SSO and IIS 7.5

Does anyone have advice on how to configure JBoss 7.1.1.Final to successfully enable SSO using IIS 7.5 with integrated windows authentication. This used to be a simple process on CCP 9.3.2 but I've had no luck configuring JBoss 7.1.1.Final to use the SSO. The logs just always say the "LoginId not found for SSO in HttpHeader".
I've successfully setup the redirect from IIS using the isapi filter to connect to the CCP application but have not gotten any further.
I believe the standalone-full.xml file needs to be altered in someway to enable the SSO, any ideas?

Hi
We have resolved this issue, this is a known bug with JBoss 7.1.1 where the headers aren't passed through correctly. TAC had provided us with a patched version of the JBoss JAR file to resolve this.

Similar Messages

  • Java SSO and IIS

    This is a repeat of this post: Java SSO and IIS
    Noone answered there.
    Hello,
    my organization uses Java SSO authentication in Oracle Application Server. Now we want to "expand" SSO so that our IIS applications can benefit from Oracle SSO and user needn't print user name / password again. Is there any way to use Java SSO in IIS? In this project we use Java SSO, not Oracle Identity Management.
    Thanks in advance

    Hi ,
    I was installed and configured policy agent successfully.while i am trying to access the application url i am getting following error.
    I am using IIS6.0 and access manager 7.1.
    Error 2824:15b9918 AuthService: AuthService::processLoginStatus() Exception message=[Application user ID is not valid.] errorCode='107' templateName=login_failed_template.jsp.
    2009-03-10 00:03:05.828 Error 2824:15b9918 PolicyEngine: am_policy_evaluate: InternalException in AuthService::processLoginStatus() with error message:Exception message=[Application user ID is not valid.] errorCode='107' templateName=login_failed_template.jsp and code:3
    2009-03-10 00:03:05.828 Warning 2824:15b9918 PolicyAgent: am_web_is_access_allowed()(http://fcs-ylwkuzfoz1q.ramesh.com:99/website.html, GET) denying access: status = Access Manager authentication service failure
    2009-03-10 00:03:05.828 Debug 2824:15b9918 PolicyAgent: am_web_is_access_allowed(): Successfully logged to remote server for GET action by user unknown user to resource http://fcs-ylwkuzfoz1q.ramesh.com:99/website.html.
    2009-03-10 00:03:05.828 Info 2824:15b9918 PolicyAgent: am_web_is_access_allowed()(http://fcs-ylwkuzfoz1q.ramesh.com:99/website.html, GET) returning status: Access Manager authentication service failure.
    2009-03-10 00:03:05.828 Debug 2824:15b9918 PolicyAgent: HttpExtensionProc(): status after am_web_is_access_allowed = Access Manager authentication service failure (3)
    2009-03-10 00:03:05.828 Error 2824:15b9918 PolicyAgent: HttpExtensionProc(): status: Access Manager authentication service failure (3)
    2009-03-10 00:03:05.828 Debug 2824:15b9918 PolicyAgent: OnSendResponse(): HTTP Status code is 500
    can any one please help me to resolve this.
    Thanks
    Ramesh Kumar GV

  • BI Publisher - SSO and IIS

    Does anyone happen to know if SSO with the web server as IIS be an issue when trying to use BI Publisher? We are getting an error when trying to log into Publisher with SSO enabled (works fine with RPD Security). I have looked at the documentation and it has a section for updating an Apache file but I can find nothing with using it with IIS.

    Ummm, I am not sure how you are using BIP under IIS since according to the [System Requirements and Supported Platforms|http://download.oracle.com/docs/cd/E10415_01/doc/bi.1013/e10417.pdf] PDF BIP is suported under IIS via the Oracle Application Server Proxy Plug-in:
    Microsoft IIS is supported as an HTTP server for Oracle Business Intelligence Publisher and Oracle Business Intelligence Office Server via the Oracle Application Server Proxy Plug-in. Oracle Business Intelligence Publisher and Oracle Business Intelligence Office Server require a J2EE Application server*
    So you must have OAS installed in your system.

  • ADFS SSO and SharePoint 2013 on-premise Hybrid outbound search results from SharePoint Online - does it work?

    Hi, 
    I want to setup an outpund hybrid search for SharePoint 2013 on-premise to SharePoint Online.
    But I'm not shure if this works with ADFS SSO.
    Has somebody experience with this setup?
    Here's my guide which I'm going to use for this installation:
    Introduction
    In this post I'll show you how to get search results from your SharePoint Online in your SharePoint 2013 on-premise search center.
    Requirements
    User synchronisation ActiveDirectory to Office 365 with DirSync
    DirSync password sync or ADFS SSO
    SharePoint Online
    SharePoint 2013 on-premise
    Enterprise Search service
    SharePoint Online Management Shell
    Instructions
    All configuration will be done either in the Search Administration of the Central Administration or in the PowerShell console of your on-premise SharePoint 2013 server.
    Set up Sever to Server Trust
    Export certificates
    To create a server to server trust we need two certificates.
    [certificate name].pfx: In order to replace the STS certificate, the certificate is needed in Personal Information Exchange (PFX) format including the private key.
    [certificate name].cer: In order to set up a trust with Office 365 and Windows Azure ACS, the certificate is needed in CER Base64 format.
    First launch the Internet Information Services (IIS) Manager
    Select your SharePoint web server and double-click Server Certificates
    In the Actions pane, click Create Self-Signed Certificate
    Enter a name for the certificate and save it with OK
    To export the new certificate in the Pfx format select it and click Export in the Actions pane
    Fill the fields and click OK Export to: C:\[certificate
    name].pfx Password: [password]
    Also we need to export the certificate in the CER Base64 format. For that purpose make a right-click on the certificate select it and click on View...
    Click the Details tab and then click Copy to File
    On the Welcome to the Certificate Export Wizard page, click Next
    On the Export Private Key page, click Next
    On the Export File Format page, click Base-64 encoded X.509 (.CER), and then click Next.
    As file name enter C:\[certificate
    name].cer and then click Next
    Finish the export
    Import the new STS (SharePoint Token Service) certificate
    Let's update the certificate on the STS. Configure and run the PowerShell script below on your SharePoint server.
    if(-not (Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue)){Add-PSSnapin "Microsoft.SharePoint.PowerShell"}
    # set the cerficates paths and password
    $PfxCertPath = "c:\[certificate name].pfx"
    $PfxCertPassword = "[password]"
    $X64CertPath = "c:\[certificate name].cer"
    # get the encrypted pfx certificate object
    $PfxCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $PfxCertPath, $PfxCertPassword, 20
    # import it
    Set-SPSecurityTokenServiceConfig -ImportSigningCertificate $PfxCert
    Type Yes when prompted with the following message.
    You are about to change the signing certificate for the Security Token Service. Changing the certificate to an invalid, inaccessible or non-existent certificate will cause your SharePoint installation to stop functioning. Refer
    to the following article for instructions on how to change this certificate: http://go.microsoft.com/fwlink/?LinkID=178475. Are you
    sure, you want to continue?
    Restart IIS so STS picks up the new certificate.
    & iisreset
    & net stop SPTimerV4
    & net start SPTimerV4
    Now validate the certificate replacement by running several PowerShell commands and compare their outputs.
    # set the cerficates paths and password
    $PfxCertPath = "c:\[certificate name].pfx"
    $PfxCertPassword = "[password]"
    # get the encrypted pfx certificate object
    New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $PfxCertPath, $PfxCertPassword, 20
    # compare the output above with this output
    (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate
    [/code]
    ## Establish the server to server trust
    [code lang="ps"]
    if(-not (Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue)){Add-PSSnapin "Microsoft.SharePoint.PowerShell"}
    Import-Module MSOnline
    Import-Module MSOnlineExtended
    # set the cerficates paths and password
    $PfxCertPath = "c:\[certificate name].pfx"
    $PfxCertPassword = "[password]"
    $X64CertPath = "c:\[certificate name].cer"
    # set the onpremise domain that you added to Office 365
    $SPCN = "sharepoint.domain.com"
    # your onpremise SharePoint site url
    $SPSite="http://sharepoint"
    # don't change this value
    $SPOAppID="00000003-0000-0ff1-ce00-000000000000"
    # get the encrypted pfx certificate object
    $PfxCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $PfxCertPath, $PfxCertPassword, 20
    # get the raw data
    $PfxCertBin = $PfxCert.GetRawCertData()
    # create a new certificate object
    $X64Cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
    # import the base 64 encoded certificate
    $X64Cert.Import($X64CertPath)
    # get the raw data
    $X64CertBin = $X64Cert.GetRawCertData()
    # save base 64 string in variable
    $CredValue = [System.Convert]::ToBase64String($X64CertBin)
    # connect to office 3656
    Connect-MsolService
    # register the on-premise STS as service principal in Office 365
    # add a new service principal
    New-MsolServicePrincipalCredential -AppPrincipalId $SPOAppID -Type asymmetric -Usage Verify -Value $CredValue
    $MsolServicePrincipal = Get-MsolServicePrincipal -AppPrincipalId $SPOAppID
    $SPServicePrincipalNames = $MsolServicePrincipal.ServicePrincipalNames
    $SPServicePrincipalNames.Add("$SPOAppID/$SPCN")
    Set-MsolServicePrincipal -AppPrincipalId $SPOAppID -ServicePrincipalNames $SPServicePrincipalNames
    # get the online name identifier
    $MsolCompanyInformationID = (Get-MsolCompanyInformation).ObjectID
    $MsolServicePrincipalID = (Get-MsolServicePrincipal -ServicePrincipalName $SPOAppID).ObjectID
    $MsolNameIdentifier = "$MsolServicePrincipalID@$MsolCompanyInformationID"
    # establish the trust from on-premise with ACS (Azure Control Service)
    # add a new authenticatio realm
    $SPSite = Get-SPSite $SPSite
    $SPAppPrincipal = Register-SPAppPrincipal -site $SPSite.rootweb -nameIdentifier $MsolNameIdentifier -displayName "SharePoint Online"
    Set-SPAuthenticationRealm -realm $MsolServicePrincipalID
    # register the ACS application proxy and token issuer
    New-SPAzureAccessControlServiceApplicationProxy -Name "ACS" -MetadataServiceEndpointUri "https://accounts.accesscontrol.windows.net/metadata/json/1/" -DefaultProxyGroup
    New-SPTrustedSecurityTokenIssuer -MetadataEndpoint "https://accounts.accesscontrol.windows.net/metadata/json/1/" -IsTrustBroker -Name "ACS"
    Add a new result source
    To get search results from SharePoint Online we have to add a new result source. Run the following script in a PowerShell ISE session on your SharePoint 2013 on-premise server. Don't forget to update the settings region
    if(-not (Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue)){Add-PSSnapin "Microsoft.SharePoint.PowerShell"}
    # region settings
    $RemoteSharePointUrl = "http://[example].sharepoint.com"
    $ResultSourceName = "SharePoint Online"
    $QueryTransform = "{searchTerms}"
    $Provier = "SharePoint-Remoteanbieter"
    # region settings end
    $SPEnterpriseSearchServiceApplication = Get-SPEnterpriseSearchServiceApplication
    $FederationManager = New-Object Microsoft.Office.Server.Search.Administration.Query.FederationManager($SPEnterpriseSearchServiceApplication)
    $SPEnterpriseSearchOwner = Get-SPEnterpriseSearchOwner -Level Ssa
    $ResultSource = $FederationManager.GetSourceByName($ResultSourceName, $SPEnterpriseSearchOwner)
    if(!$ResultSource){
    Write-Host "Result source does not exist. Creating..."
    $ResultSource = $FederationManager.CreateSource($SPEnterpriseSearchOwner)
    $ResultSource.Name = $ResultSourceName
    $ResultSource.ProviderId = $FederationManager.ListProviders()[$Provier].Id
    $ResultSource.ConnectionUrlTemplate = $RemoteSharePointUrl
    $ResultSource.CreateQueryTransform($QueryTransform)
    $ResultSource.Commit()
    Add a new query rule
    In the Search Administration click on Query Rules
    Select Local SharePoint as Result Source
    Click New Query Rule
    Enter a Rule name f.g. Search results from SharePoint Online
    Expand the Context section
    Under Query is performed on these sources click on Add Source
    Select your SharePoint Online result source
    In the Query Conditions section click on Remove Condition
    In the Actions section click on Add Result Block
    As title enter Results for "{subjectTerms}" from SharePoint Online
    In the Search this Source dropdown select your SharePoint Online result source
    Select 3 in the Items dropdown
    Expand the Settings section and select "More" link goes to the following URL
    In the box below enter this Url https://[example].sharepoint.com/search/pages/results.aspx?k={subjectTerms}
    Select This block is always shown above core results and click the OK button
    Save the new query rule

    Hi  Janik,
    According to your description, my understanding is that you want to display hybrid search results in SharePoint Server 2013.
    For achieving your demand, please have a look at the article:
    http://technet.microsoft.com/en-us/library/dn197173(v=office.15).aspx
    If you are using single sign-on (SSO) authentication, it is important to test hybrid Search functionality by using federated user accounts. Native Office 365 user accounts and Active Directory Domain Services
    (AD DS) accounts that are not federated are not recognized by both directory services. Therefore, they cannot authenticate using SSO, and cannot be granted permissions to resources in both deployments. For more information, see Accounts
    needed for hybrid configuration and testing.
    Best Regards,
    Eric
    Eric Tao
    TechNet Community Support

  • SSO and portal timeout  -- other bug?

    ...this is very probably related to the other post talking about SSO and portal timeout...
    I am having another weird issue with dotnet portlets that uses inline refresh (done automatically by dotnet accelerator) and SSO.
    When you let the portal session expire, and then click on a button/link within a portlet (hence generate an inline refresh gatewayed request), the full portal window (header/footer etc...) appears within the portlet, instead of the portlet content alone.
    I did some http traces (see below) and it seems the problem is due to the windows SSOLogin.aspx (we are using windows auth SSO) not taking the requested portlet gatewayed request url as a post login redirect info... but taking instead the current page url (which is wrong)
    Thus, after the gatewayed portlet request is successfully authenticated by the SSOLogin.aspx component, it is automatically redirected to the wrong urll...making the full portal page refresh into the portlet.
    So my question is: have anyone already seen such behavior? And has anything been done to fix this?
    It really seems like a bug with the SSO servlet...but maybe i am doing something wrong...Just want to have your thoughts on this.
    Thanks,
    Fabien
    ============================================================================================
    HTTP Trace:
    POST     302     Redirect to /portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login     http://your.portal.com/portal/server.pt/gateway/PTARGS_0_15046_362_205_0_43/http%3B/your.portletserver.com/yourapp/youraspx.aspx
    GET     401     text/html     http://your.portal.com/portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login
    GET     401     text/html     http://your.portal.com/portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login
    GET     302     Redirect to http://your.portal.com/portal/server.pt?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login     http://your.portal.com/portal/sso/SSOLogin.aspx?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login
    GET     200     text/html; charset=utf-8     http://your.portal.com/portal/server.pt?in_hi_userid=15046&space=CommunityPage&parentid=1&cached=false&control=SetCommunity&PageID=0&CommunityID=205&parentname=Login

    I have this happen in v6.0 sp1. We have worked around the problem with a bit of work and synchronization of settings. Below, I've outlined how we've worked around the problem (which is indeed a problem that should be fixed). Also, if you have a load balancer, you'll need to set your session timeout on the load balancer to a bit more than the refresh rate that you set for your communities and My Pages.
    Resolving the Portlet Timeout / Refresh Problem in ALUI Portal_
    Problem: Users occasionally receive the portal page within a portlet error
    Cause: The root cause has not been determined; however it appears that the primary event that exhibits the behavior is when a teammember’s session has expired on the portal server and they then utilize a .NET form-based portlet which refreshes in place. Because we are using WIA SSO to enable automatic logins to the portal, it makes the error seem to occur randomly.
    Resolution:
    The workaround solution is to – 1) increase the portal session timeout on the portal web servers from the default 20min to 4 hours, and 2) set the MyPage refresh interval setting for all portal users to 3 hours. The setting name is a bit of a misnomer, as it will actually refresh the entire portal page automatically if the user is idle on either a My Page or a Community Page, as these are the only two places that portlets reside.
    Increasing the portal session timeout:
    The portal session timeout is controlled in two places, and both settings should match. On the portal virtual directory in IIS, edit the configuration and increase the timeout setting to 240 (minutes). Then, edit the portal application’s web.config file (d:\portal\ptportal\6.0\webapp\portal\web\) and increase the sessionState Timeout variable to 240. Editting the config file will require you to restart the services before you see the change.
    Initial setting of the MyPage refresh interval:
    The initial setting will need to be done by a SQL script in order to apply it to all existing users. The Default Profile should also be updated so that all new user synched from AD will have this setting applied automatically.
    /* Delete refresh interval settings for all users first so that there are no conflicts on the inserts */
    DELETE FROM portaldbuser.ptprefs WHERE prefname = 'intMyPageRefreshRate'
    /* Insert desired page refresh setting for all users */
    INSERT INTO portaldbuser.ptprefs (userid,gadgetid,prefclassid,prefobjectid,prefname,prefvaluetype,prefvalue,pagenumber) SELECT objectid,0,0,0,'intMyPageRefreshRate',3,180,0 FROM portaldbuser.ptusers
    From Administration, access the Default Profiles utility. Check the Default Profile entry and click on the Edit Profile Layout link. Click on the My Account link in the Portal Settings portlet and then on the Display Options link on the next page. In the Page and Portlet Settings, update the Your My Page will be updated: setting to 4 hours. Click Finish twice to return to Administration.
    Updating the MyPage refresh interval:
    To update the setting just modify the insert portion of the SQL script. Change the prefvalue number (180) to the desired timeout in minutes and rerun both statements of the script.
    The Default Profile should be also be modified per the instructions above.
    I hope this helps...
    -tom

  • SSO and how to Managing User Roles/Privileges with Forms using Oracle db

    We are in the process of implementing Oracle Application Server SSO with our custom Forms application using Oracle database -- all 10.2.0.1.0 version.
    In our Forms Applications, we have about a dozen roles we have assigned to various users. We need to identify each user using our Forms because we are using the GLOBAL USER throughout the application.
    Questions:
    -- Do we have to create users/passwords in both OID and application database?
    -- Is there a way to easily manage the user and passwords between SSO and Forms App/database in one place? For example, how does a user change their password once, but actually change it in both the database and SSO?
    Any advice and/or direction would be greatly appreciated.
    Thank you,
    Mika
    Edited by: user11846198 on Sep 1, 2009 1:41 PM
    Edited by: user11846198 on Sep 1, 2009 1:53 PM

    Yes, you can have global roles in the DB and assign this roles to specific OID users, and the will heritage the privilages, you can do this using Oracle Identity Management Web Tool http://hostname:7777/oiddas is not complicated.
    Greetings.

  • 10g - how to configure sso with iis-

    hi, experts, I have followed Oracle® Business Intelligence Enterprise Edition Deployment Guide to configure SSO with IIS.
    but I always meet this message.
    Not Logged In
    You are not currently logged in to the Oracle BI Server.
    If you have already logged in, your connection might have timed out, or a communications or server error may have occurred
    what steps are missing?
    how to check?

    hi, experts,
    I checked C:\OracleBIData\web\log\sawlog0.log on the obi server (windows server 2003 standard).
    at Thu Feb 17 14:48:46 2011 , I logined OBI on another machine (not via the browser on the obi server).
    however, the log shows the login user is the administrator of the obiserver (obiserver\administrator ).
    any setup on IIS are wrong? thank you very much!
    =========================================================================================
    Running job 'MinutelyMonitor' took 7422 milliseconds, 12.3% of job's frequency (60 seconds).
    Type: Error
    Severity: 40
    Time: Thu Feb 17 14:48:46 2011
    File: project/webodbcaccess/odbcconnectionimpl.cpp Line: 371
    Properties: ConnId-1,1;ThreadID-1796
    Location:
         saw.odbc.connection.open
         saw.connectionPool.getConnection
         saw.subsystem.security.checkAuthenticationImpl
         saw.threadPool
         saw.threads
    Odbc driver returned an error (SQLDriverConnectW).
    State: 08004. Code: 10018. [NQODBC] [SQL_STATE: 08004] [nQSError: 10018] Access for the requested connection is refused.
    [nQSError: 43001] Authentication failed for obiserver\administrator in repository Star: invalid user/password. (08004)
    Type: Error
    Severity: 42
    Time: Thu Feb 17 14:48:46 2011
    File: project/webconnect/connection.cpp Line: 276
    Properties: ThreadID-1796
    Location:
         saw.connectionPool.getConnection
         saw.subsystem.security.checkAuthenticationImpl
         saw.threadPool
         saw.threads
    Authentication Failure.
    Odbc driver returned an error (SQLDriverConnectW).
    ---------------------------------------

  • SSO and external applications

    Hello folks,
    Due to my inexperience with PS6, I'm looking for some high-level outline that will help me look in the right places and understand things better here.
    I have an external application that requires authentication via a web form (or by attaching the username and password on the URL as parameters).
    What I want to do is have a channel of this application and utilize information from the SSO mechanism to redirect the request to that remote app and provide the credentials for a transparent login.
    From what I understand this can be done by having a servlet in that channel to retrieve the credentials of the user for that remote application from the SSO and then redirect to the external application, attaching the credentials to the URL.
    Is the above correct? I would appreciate any pointers or considerations since my experience with PS is minimal.
    Thanks in advance,
    Manos

    I don't see a way to that servlet to retrieve a password for the user - it's not stored in the session.
    There are following options:
    1. OpenText LiveLink way: You have some "hidden" password for every user (based on user's ID and a shared key) known only to your server and this servlet. Servlet will supply this password.
    2. Normal way - web server: Implement login module to this application, which will trust REMOTE_USER variable provided by the agent on the web server.
    3. Normal way - standalone app: Implement login module to this application which will validate DSAME session cookie on the DSAME server. You can use example code in the SUNWam/samples/ of your server.

  • SSO and WebUtil

    Hi,
    I have a form that was working with webutil. We implemented SSO on the server. Know the webutil jar file does not load - it can not find it.
    Getting the following message in java console:
    Loading http://capps.cauto.com/forms90/webutil/webutil.jar from JAR cache
    Loading http://capps.cauto.com/forms90/webutil/jacob.jar from JAR cache
    Loading http://capps.cauto.com/forms90/java/f90all_jinit.jar from JAR cache
    RegisterWebUtil - Loading Webutil Version 1.0.2 Beta
    Loading http://capps.cauto.com/forms90/java/rolloverbutton.jar from JAR cache
    Loading http://capps.cauto.com/forms90/java/hyperlink.jar from JAR cache
    connectMode=HTTP, native.
    Forms Applet version is : 90290
    java.io.IOException: Could not connect to http://wadjet.cauto.com/forms90/webutil/webutil.jar
         at oracle.jre.protocol.jar.JarCache$CachedJarLoader.download(Unknown Source)
         at oracle.jre.protocol.jar.JarCache$CachedJarLoader.load(Unknown Source)
         at oracle.jre.protocol.jar.JarCache.get(Unknown Source)
    Has anyone use SSO and webutil?
    Thanks,
    Mary Santry

    Mary,
    using single sign-On with Forms should not have an impact to webutil.jar.
    Just to be sure: You configured webutil and it works if not running using single sign-on. You configured Forms to use singke sign-on (uncommenting th emod_osso directive in forms90.conf file) and from now on webutil.jar cannot be found.
    What if you directly try and request the webutil.jar file from a Browser
    http://wadjet.cauto.com/forms90/webutil/webutil.jar ?
    Can you access jacob.jar using a Browser URL?
    Fran

  • SSO and BiBeans

    Hi,
    i want to use SSO with Bi Beans. I have my BiBeans deployed on a 9iasR2 (9.0.2.3). I edit the mod_osso.conf with <Location /*appname*> require valid-user authType Basic </Location> and i have in BIController uncomment the sso blocks.
    After authenticated to the SSO, i got always a NullPointerException. I looked in the code and i found that application.getBISession() is not initalized.
    Please, have anybody an idea, or knows anybody a documentation about SSO and BIBeans.
    best regards
    Rene

    cn=XXX information is missing for the SSO Server (orasso) when going to http://servername:7777/pls/orasso/orasso.home. Is that causing the problem? If so, how can I resolve it?
    Thanks.
    Andy

  • SSO and success URL with parameters

    Hello
    I have succeeded to configure HTML_DB engine as Partner App for Oracle SSO.
    HTML_DB 1.5.0.00.33
    Oracle IAS Release 1 ehk 1.0.2.2.2
    I'm entering into HTMLDB application from outside directly to concrete page with concrete parameters. The calling outside app is authenticated with SSO.
    Example URL: http://host/pls/DAD/f?p=103:3:::::PAR1,PAR2:VAL1,VAL2
    I'm then authenticated checked against SSO and redirected to my requested page, but the parameters are lost. The URL looks like http://host/pls/DAD/f?p=103:3:987698769876098
    It only happens at first try. Next time I have a session and I'm redirected together with parametes.
    It seams that this http://host/pls/DAD/wwv_flow_custom_auth_sso.process_success is getting somehow wrong parameter URLC. Without parameters. Why?
    Please help!
    Yours,
    jan lakspere

    Hi
    Thanks, Scott.
    This patch 1.5.1 solved this problem. Now SSO redirect forwards the parameters together with URL.
    Yours,
    jan

  • SSO and LDAP no working after revokeing Territory selection choice of SSO

    Hi i have 9ias 9.0.2 infrastructure on win 2k box.
    earlier the territory selection choice was checked.
    but when i unchecked that option. and i logged out of SSO.
    Now the problem is i am not getting the SSO and Internet Directory home pages.
    and in Enterprise manager web page shows both are up.
    win 2k's task manager also shows the all the three process of Internet directory also running along with other essentianl processs.
    any clue....
    my whole work and intranet & extranet is not accessible due to this.... it will be great to me if i get any tip of hint...
    thanks a lot... in advance...
    regards
    samir([email protected])

    Well, this is certainly a case where I would be opening a tech support case. Your server is down, and you need help . .
    I'll try what I can for you.
    [18/Jun/2004:09:21:57 -0400] vipmail2 httpd[1560]: Account Debug: SASL [10.29.11.63] Cannot get namespace for domain vipmail2.kvcc.edu: Entry not found
    This likely means that you've missed another, earlier error in the log. I suspect that what may have happened, is that the USER that Messaging Server connects to LDAP with has had a password change, and you're no longer able to BIND to LDAP to make queries.
    I would start looking at your LDAP Access Log, and see what user you're attempting to BIND as, and see if that BIND is successful.
    The contents of msg.conf and your other file is useful as information, but is not a user-editable file. You must use configutil to make changes, as this data is stored in LDAP, and on server startup, the files will be rewritten with ldap data.

  • SSO and EUS with EM Grid Control

    Trying to configure both SSO using client certificate authentication process and Enterprise Users, I noted that the parameter used to configure both is the same (oracle.sysman.emSDK.sec.DirectoryAuthenticationType) in emons.properties.
    Can I use both SSO and EUS with EM Grid Control???

    Hello
    i am interested in a very special feature: is it possible to get notified if alerts occur in alert logs in an 8i/9i database when using Grid control and the 10g agent on the 8i/9i systems?
    Moreover, the 10g agent should be able to get Performance Data using the v$ views or direct sga access without using statspack, right?
    Do you know where I can find documentation about the supported features when using Grid Control with 8i/9i databases?

  • SSO and REMOTE_USER

    Hi everybody,
    Once authenticated to HTML_DB through SSO, is there a way to know the REMOTE_USER (the username entered by the user when authentified by SSO) and use it in a query ?
    Thank you

    Yves,
    I think you might be talking about mod_osso. Mod_osso doesn't yet support dynamic directives for PL/SQL applications, so for the DAD that is protected by mod_osso, you will get the behavior you described in all HTML DB applications using that DAD. You might want to consider dedicating a DAD for mod_osso-authenticated HTML DB apps. When PL/SQL dynamic directives are supported in mod_osso in a future release, it will be easier to use with HTML DB.
    HTML DB never accesses REMOTE_USER, which is set by mod_osso. If mod_osso is also setting USER, i.e., the user connected through the DAD, to the same value, that's interesting.
    As far as spoofing REMOTE_USER, you'd have to get between mod_osso and mod_plsql and the application to do it. So I'd say that that isn't a concern.
    With mod_osso or AS Single Signon using a partner application, you have to decide how to handle logout. Should it end your current session only, or take you to the Single Sign-Out page and log you out of everything?
    Today, AS Single Signon with HTML DB registered as the partner application is a supported and secure solution. Search this forum for detailed steps about setting that up using the SSO SDK.
    Scott

  • SSO and JavaScript

    Hi all,
    does any one of you know about any restriction or any other issue involving SSO and JavaScript?
    We have a web app in an OC4J instance, which uses JSP and JavaScript.
    When SSO is disabled for the application, everything goes well. But when SSO is active, the page loads a lot slower, and the IE browser always shows the error icon when any component tries to execute Javascript.
    Any ideas about this issue?
    Oracle AS 10g (9.4.1)
    Win 2000 SP4
    IE 6.0 SP1
    Thanks a Lot in advance.
    Have a nice day.
    Jaime

    It is simpler to do from server side as follows. Place below line
    inside Page_Load event of any portal component:
       Write(this.Request.Cookies.Get("MYSAPSSO2").Value);

Maybe you are looking for

  • How to disable copy and paste from Mail to other applications

    Are there MDM or policy that can limit copy and paste?  Using MDM or ACU to lockdown the phone would be completely useless in regards to preventing data leakage unless copy/paste can be controlled.  MDM provider is advising that there is no API from

  • Logic Crashing - Please help me if you can!

    Hi guys First time posted; Long time browser.. Alright So I have Logic Pro with various AU instruments etc Its been going great for some time (months) and last two days Ive hit a bump. We tracked it down to being nexus; (au instrument) however even d

  • Scanning from Photosmart 4580 to Macbook Pro

    Hi, whilst I can print documents from the Mac I cannot scan from the Photosmart to the Mac. On System Preferences under Printers and Scanners there is no scan option. Can you help please? Thanks

  • PDF convert to PDF/A-1b problems

    I would like to convert my existing archive pdf files into PDF/A. I read on the forum that PDF/A-1b is less critical than 1a so I went with that. Using Acrobat Pro 9 and starting from "clean" (generated by Abbyy Finereader 8) pdfs, the conversion (us

  • How do I enable javascript if there is no option to enable javascript - follow-up

    I have read the solution on about:config solution in the original post, but when I when there, I found Java is already enabled - the default configuration. I am running Noscript, yet I am prompted on virtually every page, to allow or forbid scripting