SSO enablement

Hi,
  I have a BSP application. It is a non portal environment. I have set the login/accept_sso2_ticket and
login/create_sso2_ticket parameters to 1. However it still shows me the login screen and not automatically logging in by SSO.
  Can anybody help me what else needs to be done ? Is there any other system setting that needs to be done. Who can be contacted in this regard ?
Ciao
Gansu

Gansu,
you said...
"I have a BSP application. It is a non portal environment. I have set the login/accept_sso2_ticket and
login/create_sso2_ticket parameters to 1. However it still shows me the login screen and not automatically logging in by SSO."
In the Portal, when we setup SSO to an SAP system we not only set the parameters in the profile as you described:
login/accept_sso2_ticket
login/create_sso2_ticket
but we also import the verify.der certificate from the Portal and make sure that a valid PSE certificate is maintained.
In the Portal environment SSO (with SAP Logon tickets) to SAP works by you first of being logged onto the Portal and authenticated and you having the same Username in the SAP system as you have in the portal.
You said you have a BSP application in a non-portal environment, this suggests to me that you will have to examine how the authentication works in your non-portal environment and see if there is a way of performing Usermapping of Username and Password by System to your WAS system to execute the BSP or if there is a way of exporting a trusted logontoken from your non-portal environment to the WAS environment.
SSL and x509 certificates is something else, but configuring SSL on your WAS is described in some very nice documents available on SAP Market Place.
It is an interesting topic for me because although we have the EP, the BSP's I am developing will be accessed by people logged into a different vendor's Portal environment - and I am sure at some stage the requirement is going to come my way to get the BSP's to open via the non-SAP Portal with SSO.
Milan.

Similar Messages

  • SSO Enabling a custom application with OAM

    Hi All !
    Am a bit stuck on a problem and need some urgent help. Actually we are trying to launch some custom-built (J2EE/.NET) web applications from the Oracle Portal with SSO i.e. once the user logs into the portal he would not have to log-in again to the applications which would be launched from the portal home page.
    We have successfully integrated the Oracle Portal with the OAM SSO, but facing some problems with SSO enabling the custom applications. Any help on what should be the ideal integration architecture and approach for SSO enabling the apps with minimum amount of modification of the application code.
    The licenses are available for OID, OVD, OAM.
    Thanks in advance. Any views/comments/links to useful material appreciated.
    Cheers
    Soumak

    If your custom application uses its own database for Authentication, then you have to modify the login process for your application. i.e. you have to trust the OAM to have done the authentication and then create any custom cookie that your application might use in its landing page.
    I am assuming that your custom application have some way of tracking if the user has logged in or not. You can protect the Custom application URL within OAM and once the user has logged in you can then generate your custom application cookie.
    Even if you use OVD, you stil have to modify login process in your custom appliation to trust the third party to have done the authentication.
    Thanks
    Ram

  • EBusiness Suite User Management Provision - SSO Enabled

    Hello,
    I am having a hard time provisioning to ebusiness suite 12; it is SSO enabled with OID as the LDAP Repository.
    I am able to
    1.provision userid testuser1 to OID.
    2.provision userid oimuser1 to ebusiness (I have not enabled SSO in the connector configuration at this point)
    When I try to provision user oimuser1 to OID, it says a duplicate entry already exists.
    Unabled to call fnd_ldap_wrapper.create_user due to the following reason:
    ORA-20001: Unabled to call fnd_ldap_wrapper.create_user due to the following reason:
    A user with the given username already exists. Please choose a different username.. (USER_NAME=OIMTEST2). (USER_NAME=OIMTEST2).
    ORA-06512: at "APPS.APP_EXCEPTION", line 72
    ORA-06512: at "APPS.FND_USER_PKG", line 1038
    ORA-06512: at "APPS.FND_USER_PKG", line 1196
    ORA-06512: at "APPS.FND_USER_PKG", line 1315
    ORA-06512: at line 1
    I also tried connector config with SSO Enabled parameters.
    SSO Enabled - Yes
    SSO IT Resource - OID IT Resource (resource name of OID)
    SSO Identifier - orclGUID
    SSO Login Attribute - uid
    While provisioning the user to ebiz (sso enabled) - I provided the SSO Userid, same as idm user id, it gave me error it does not exist.
    And if I leave the field blank- it gives me error stating Input field is blank.
    Can someone please guide me through it?
    Thanks & Regards,
    KJJ1983

    Issue is resolved.
    Was some connector configuration issue.
    Thanks,
    KJJ

  • Oracle.apps.fnd.framework.OAException: Application: FND, Message Name: LDAP_WRAP_VALIDATE_LOGIN_NO. Tokens: REASON = The E-Business instance is not SSO enabled

    Hi
      I am trying to run OAF Form in Jdeveloper, It's giving following error after refresh of Apps database
    oracle.apps.fnd.framework.OAException: Application: FND, Message Name: LDAP_WRAP_VALIDATE_LOGIN_NO. Tokens: REASON = The E-Business instance is not SSO enabled, Please verify the profile Applications SSO Type is set correctly.;
    Anyone knows , what is causing this issue ?
    thanks
    Nk

    And the answer is still the same.
    {forum:id=210}
    And reading the error message "The E-Business instance is not SSO enabled" would seem to give you somewhat of a hint as to what needs to be done

  • How to access the SSO enabled webservice

    Hi,
    I want to access the Oracle OID SSO enabled webservice from webcenter.
    Webcenter is enabled with OAM SSO as both are secured in a different SSO I couldn't access that web service.
    Can you please provide me the solution for the same.
    Thanks.

    Hai
    Please check this link.
    https://www.sdn.sap.com/irj/sdn/wiki?path=/display/vc/connectivity&
    Regards

  • How to run Crypto Tools for SSO Enabling

    Hi Friends,
    How to run Crypto tools for SSO enabling. If any body knows please help me...
    Thanks

    Hi ;
    what is the script for windows Environment...

  • Unable to make OBIEE components SSO enabled

    Hi,
    I have installed OBIEE 10.1.3.4 in windows env.
    I tried to SSO enble all the components that comes within OC4J of cluster (ascontrol, bi office..).
    From the OC4J instance admin security provider section, I checked all these applications to use SSO and JAZN (file based user repository).
    This way only Appliaction server (ascontrol) got SSO enabled not the other components in the oc4j. Am I missing something?
    Thanks
    Saikrishna

    Thank you very much for reply.
    After doing little research I found out that somehow I need to use SSPI to get the user credentials.
    I have no idea how can I use SSPI in java. Please let me know if you know about any third party DLL that do this. Do I need to use JNI to use SSPI in java code?
    Thanks.

  • OBIEE SSO enabling and role based reporting

    Hi,
    I had installed SOA10.1.3.1.0 and OBIEE10.1.3.4.0 already on my WINDOWS. I understand that I need to install 10.1.4 infrastructure to enable SSO in OBIEE, can you please tell me what is 10.1.4 infrastructure? is it equivelent to Oracle Identity Management Infrastructure and Oracle Identity Federation 10.1.4? I tried to download this from OTN since last night, but the page is always unaccessible. Where can I download 10.1.4 infrastructure except otn?
    I have another question regarding to the role based reporting with SSO. We want users to see different reports based on their roles once they login. What options do we have to implement this? From my understanding, we need to maintain a user role mapping table in our database, create groups in OBIEE and map the user role with the group in OBIEE? Is it true? Are there other options? Is there a existing product we can use to implement this?
    Thanks,
    Meng

    have a look on page 137 and further http://download.oracle.com/docs/cd/E10415_01/doc/bi.1013/b31770.pdf

  • Orcladmin can no longer access Collaboration Suite pages with SSO enabled

    I can no longer use the orcladmin account to access Collaboration Suite pages when SSO is enabled. I have the plug-ins listed in OID and have set the one property to exclude orcladmin (and other admin level accounts) from being authenticated using the external authentication connector with ADS. And yet despite that orcladmin still can't authenticate. I can see in the OC4J log that the authentication in IE is falling back to NTLM authentication but is still failing. What the heck am I missing?

    Swipe between pages stopped working for  me as well completely out of the blue. I haven't installed anything / updated anything lately, and it just stopped working about an hour ago.
    My issue isn't with Mission Control, it's with my browsers:
    In Safari, if I try to swipe to go back a page, it freezes the entire page. I can't scroll anywhere.
    In Chrome, swiping to go back pages just doesn't work at all. But no freezing occurs

  • Running reports through the web with SSO enabled

    Hey,
    I am trying to run several reports through the web by calling a direct url, but for some reason every time I am prompted to sign into Portal because SSO is enabled. What can I do to avoid the sign in page and run the report directly?
    Thanks

    Hello,
    Add authid=username/password in the URL where username/password is a valid account in the oid
    http://www.oracle.com/webapps/online-help/reports/10.1.2/topics/htmlhelp_rwbuild_hs/rwrefex/cmdline/common/cla_authid.htm
    Regards

  • Manual login to Non Default DB with SSO enabled

    Hi,
    I logged the following through SAP Support, but was advised that Single Sign-On was functionining as designed.  The issue is that the non-default database does not have a manual login page, whereas the default database does.  This is an issue for us, because we have two completely separate database, and cannot allow a User with a Windows AD account to login manually without disabling his Windows AD access altogether.
    Refer to SAP Message detail below:
    Please advise how we can login users manually to SSM when accessing
    the "non default" SSM Database when they have Single Sign-On access.
    We have 3 Users that generally will access the system using Single Sign-On, but will occasionally have to enter information using a generic
    User ("Initiator").
    We have a path that we can use for manual login to the default
    Database, however this appears to only work for the Default Database:
    http://ssmdev:50000/strategy/login/start.jsp
    This will only work for the Default Database (set as pw database in
    Java System Properties).
    The following path to the non-default Database (EPM Database) results
    in automatic login for the user:
    http://ssmdev:50000/strategy/pilotworks/start.jsp?PilotWorksDB=EPM
    Is there a path we can use to provide the manual login page for
    the "Non Default Database"       
    Steps for Reconstruction    
    As above, login by the Users does not allow manual login to the Non
    Default Database, EPM.

    Hi Scott,
    Sorry, I missunderstood your initial question and the documentation I referenced is not updated appropriately. You have to change the connection string to <server-name>.database.secure.windows.net when you enable the security/auditing features.
    Documentation for this can be found
    here
    Thanks,
    Jan

  • Pen a SSO-enabled URL for a Portal Group?

     

    In vanilla apache you'd do something like this to authorize access to a group of users:
    <Location /some/url>
    AuthType Basic
    AuthGroupFile /usr/local/.../groups.ora
    require PortalGroup
    </Location>
    where PortalGroup is defined in the groups.ora file. But with SSO, we currently don't support authorization, only
    authentication.
    So, the capability to do this is currently not provided.
    This is being considered for a future release.

  • Open sso enabled app in new browser window

    I have a java app deployed to OAS and secured with Single Sign on. I would like my app to open a report and display it in a new browser window. When the new window opens I am getting an error stating that user is not authorized to access the report. This is due to the session information (successful login) being stored with the cookie in the original browser window (where the session started and where the user originally logged in). Is there a way to pass that cookie information to the 2nd browser window...or some way to re-authenticate without having the user log on again...possibly some mod_osso set-up...or some additional code? TIA.

    Hi Durairaj,
    The thing is that I did not get the desired answer to my query and the thread was posted in a wrong forum thus I have the query again inthe correct forum.
    Regards,
    Sweta.

  • Can we use direct planning URL with SSO enabled in 11.1.2.2.300?

    Hi,
    Oracle is saying you have to use workspace to accesss planning app. We are able to go directly to planning in our current prod environment (11.1.2.0).
    But where in 11.1.2.2, we can not use directl planning URL (https://www.ppbebi-dw.army.mil/HyperionPlanning/LogOn.jsp). When you click on this URL, it prompt me to select my login credentials. Once you select your login credentials, it opens planning login page again with my userid and asking password screen.
    Oracle saying that they are not supporting using planning by direct URL.
    Can you please let us know is there any workaround to use dirrect planning URL instead going thru workspace.
    Can I attach screenshots to this thread? I don't know how to attach, please let me know if I can attach.
    Thanks
    Poorna

    Hello,
    OUD uses its own embedded database engine, based on Oracle Berkeley DB Java Edition (Oracle Berkeley DB)
    It does not rely on any additional external DB.
    Sylvain
    Please mark this response as correct or helpful when appropriate to make it easier for others to find it

  • Unable to view BI Publisher report with SSO configuration enabled

    Hi All,
    Can anybody let us know the configuration of the BI publisher with SSO enabled. We are unable to see any of the BI Publisher reports. without SSO configuration we have integration working perfectly fine with the OBIEE and Publisher.
    We followed the configuration steps to integrate BI Publisher with Oracle SSO. The following are the steps:
    1. deploy analytics.ear as a new application 'analyticsSOAP' in OAS
    2. protect analyticsSOAP in mod_osso.conf file under OAS
    3. change OBIEE Presentation services configuration to use analyticsSOAP/saw.dll
    4. run credstore utility to encrypt password
    5.restart xmlp server
    6.restart http server
    7.restart obiee server
    8. restart obiee presentation service
    Still we have issues when we try to accesses BI Publisher reports by clicking more Products -> BI Publisher or view reports directly on the OBIEE Dashboard
    Thanks in advance.

    configure one more virtual path which is unprotected from site minder. we had similar issue for Marketing and resolved by this virtual path.
    ref:
    http://vaandun-analytics.blogspot.com/2009/11/obi-publisher-with-empty-obi-catalog.html
    Thanks
    Sarathi

Maybe you are looking for

  • Can no longer scan with the HP Envy 4500

    I can no longer scan documents with the HP Envy 4500.  When I try to scan it times out and I receive the following error message: "Scanner communiocation cannot be established. Ensure your product is powered on, check the connection, and ensure your

  • Which one SAP ABAP or BI/BW ?

    Dear ALL,               Myself  Kiran from Bangalore, working as Software Developer(PHP/Mysql) having 3 year of total experience.  I always had a dream to learn some Technical modules like ABAP or BI  and to become SAP consultant from my initial days

  • Exporting files to workspace

    i have acrobat pdf creator. I uploaded 50 word files and converted them to pdf however they do not show in my workspace so I cant seem to export

  • Mac OS 10.5.8 help

    Hi there, I have a Mac OS X 10.5.8, 2.66 GHz Intel Core, 2GB 1067 MHz DDR3.  Great desktop for me at home but needs to be upgraded.  Can I have advice on what steps/software I need to go to next OS.  Is Ram expensive to increase?  I do a fair bit of

  • Possible to have "global" variable for book files?

    I'm working in FM9, I am wondering if there is any way to have a variable that spans all the .fm files within a book file? thanks gary in vermont