SSO login for custom BO SDK Application

Similar Messages

• How to create sso login for webcenter application

  Hi,
  i have created a webcenter portal application with a login page.i have to create a sso login for that application .
  can anyone suggest me how to do?

  Hi.
  Do you have OAM as SSO?.
  The best way is to create a loginProxy page which proxies the user and password entered to OAM Login process (or the other SSO system).
  This post of JayJay will help you: http://jjzheng.blogspot.com/2013/10/non-programmatic-authentication-using.html
  Regards.

• I-view for custom WD ABAP application opening in new page

  Hi,
  We have created a new i-view and page in ESS for a custom WD ABAP application.
  Our requirement is that all i-views open in the same page (i.e. portal content area). I have set the property - launch in new window as ' display in portal content area'. The work protect mode settings for opening in the same window have also been done.
  Yet, the i-views that have been created for custom WD ABAP applications are opening in a new page while the standard i-views are opening in the same page.
  Would appreciate pointers on how can this issue can be resolved.
  TIA.

  hi,
  check your homepage configuration and makesure nothing is there on window name in the resource.
  thanks,
  pkv

• SSO for some SAP Apps, but forced login for the sensitive data application

  We have R/3 4.7 (Enterprise), with EP 6.0 and Web AS 6.40.  We have implemented Employee Self Service, as well as CRM, and some BW reports through EP 6.0.  We have a Broadvision Portal that is on top of EP 6.0.  In other words, the employees login to the Broadvision Portal, and authenticate against our Active Directory user store.  Then they will choose the SAP apps listed above, which go through the SAP Portal (EP 6.0)
  We want to allow SSO through EP when users choose either CRM, or BW reports, but we want to force a login when they choose ESS, since this data is more sensitive.  The problem we have had is that when we turn on SSO, it allows the user through for all 3 SAP apps.  My question is: How can we force a login for just ESS, but not for the other 2 apps.
  Thanks.

  Rick,
  I suppose, Eric meant Authentication Schemes ("authschemes") instead of security zones.
  An authentication scheme is essentially a pointer to a JAAS logon stacks on the J2EE Engine plus a frontend ("login screen"). Authentication schemes are assigned numbers ("priorities"), the higher the number the more trustworthy the authentication of the underlying JAAS stack is regarded.
  Example:
  Let's assume you use the default authscheme "uidpwdlogon" for all your iviews. It features a password-based or SAP logon ticket-based logon and is assigned a value of 20. All iviews that have this authscheme set in its "authscheme" property are accessible for you without any further authentication once you have passed this scheme (or any other authscheme with a priority <= 20).
  Now, you set one individual iview to use authscheme "certlogon", which requires an X.509 certificate and is valued "21". When accessing this iview, the portal will force a re-authentication (as 21>20).
  By configuring custom authschemes and JAAS logon stacks you can easily implement your scenario. Simply ensure that all your ESS iviews will be using an authscheme with a value greater that your default value.
  Regards,
  Dominik

• SSO Authentication for more than one application in Application Express

  Hello,
  I recently got a single application working with SSO integration for Application Express 2.2.
  Now I would like to create multiple applications within the same workspace, which all use SSO authentication. I tried both copying the working one from the other application and creating a new SSO authentication scheme from scratch into the new aplication.
  I cant seem to make the new application work with SSO authentication. Do I have to go through all of the same steps I went through to get it working with the first application?
  Thanks
  -sean

  Ok, my bad.
  After shutting down my web browser and reopening it, the SSO integration now works for both the old and new applications. Not sure what was cached, but it was bypassing the sso check.

• How to configure logins for ADF Jclient based application

  Hi,
  I have an existing Java swings based application and the user authentication in the application uses Oracle (database level) user id/pwd verification. This I achieve through creating a successful JDBC connection. I treat this connection as a global variable and use it through out the user session.
  Now I need to create some new functionality that needs to be developed using ADF Jclient. This functionality would be plugged into the existing swing based application.
  However as per the documentation that I've gone through so far, we need to have a connection created for BC4J project at the development time. This connection is used to create data bindings. If I eliminate the connection information from the project properties/ connection the ADF Jclient form does not launch. The process hangs at:
  mgr.loadCpx("DataBindings.cpx", map);
  Is their some way I can specify the connection attributes for the ADF Jclient forms through my application. I'm fairly new to ADF Jclient and BC4J so I'm assuming that I'm missing something here, but, I'm not sure where to find for this information. Please help.
  Regards

  Hi,
  The following How-To may be helpful.
  http://www.oracle.com/technology/products/jdev/howtos/10g/dynamicjdbchowto.html
  I believe your application user is the same as database user. Dynamic JDBC credential provider seems to be what you are looking for.
  In ADF, we separate application user from JDBC user. You could read more about JAAS and BC4J Security by looking up 'Security' or 'JAAS' in Help.
  Thanks,
  Yvonne

• APEX 3.2 Associating application with SSO login page.

  Hi
  My requirement is to replace my login page of APEX3.2 application with an SSO login page. Also, the application uses some tables with some history columns like: "Last Updated by", "Created by", "Last Update Time", etc... While create/edit of any table, I want these columns to be automatically populated according to the credentials used in SSO login page to that application. Please help.
  The link given on this forum (http://www.oracle.com/technology/products/database/application_express/howtos/sso_partner_app.html) for the purpose seems to be obsolete i.e. for previous versions of APEX.
  Thanks
  Bhavesh

  Bhavesh,
  That how-to explains all the steps you need to set up SSO with Application Express.
  As far as the audit columns, just create triggers on your tables. Referenced v('APP_USER') to get the authenticated username.
  Scott

• How to make use of SSO login credentials of oracle in Authentication shema using APEX

  Hi
  I am using SSO login for Authorizations. Would like make use of SSO for creating authentication schema. I would appreciate if someone can help me on this. My main requirement is to assign privilege based on users using SSO loging.

  Here's an example.
  I create a new application in APEX called Master with Application ID = 100. I modify some templates, create some LOV's in this master template.
  I create a 2nd application in APEX called Subscriber with Application ID = 101.
  In 101 I go to Shared Components => List of Values => Create. Choose to create as a copy of an existing list of values. In the dropdown, I choose Master (100) and click Next. You then are presented with all of the LOV's from your master application. First off you want to change the name from Copy of <LOV> to just <LOV> more because it is kind of confusing if you don't. In the copy drop-down, this where you choose Copy and Subscribe.
  The way it works is that once an object subscribes, you always make changes to that object in Master (100), and there is a button to push that change to all subscribing applications. So if you have 30 applications subscribing to that one LOV, you just make the change once, push it to the subscribers and they are now up to date.
  Keep in mind it doesn't work with all objects and only certain objects may be subscribed to. Objects like Application Processes for instance do not have a subscription feature, but you could use packages to keep common logic and just reference the same package anywhere you need it.
  What I ended up doing was to create a master and a subscription application. The subscription template has no actual pages, just subscriptions to templates and LOV's that I need. Whenever I need a new application, I just create a new application as a copy of that subscription application and my subscriptions are already setup for me.
  Check out the documentation and just search for Subscribe or Subscription and it should explain pretty much what I did above.

• SSO requires double login for partner application

  I'm having some trouble with SSO partner applications, when I login to a SSO protected application, the login works fine, but when I try to navigate to another application I'm presented with the login page again, the sso cookie seems to be working since clicking on the login button without entering the user credentials works. For example, I log in to portal and from there I navigate to a forms application that is on the same server and the same port (portal: https://apps.mydomain.com:4444/pls/portal --> forms: https://apps.mydomain.com/forms/frmservlet?config=app) I am presented with the login page and after clicking on the login button without entering any information everything works fine. This is happening for all the middle tiers that are connected to the same OID. Any ideas on what can be wrong on my configuration?

  Hi Andrey,
  The problem sounds really wierd.
  Can you check your SSO settings for your Portal ECC system? I mean, please check the User Management/Administration properties in your System Adminstration of Portal System that points to ECC.
  Regards
  <i><b>Raja Sekhar</b></i>

• SSO Enabling a custom application with OAM

  Hi All !
  Am a bit stuck on a problem and need some urgent help. Actually we are trying to launch some custom-built (J2EE/.NET) web applications from the Oracle Portal with SSO i.e. once the user logs into the portal he would not have to log-in again to the applications which would be launched from the portal home page.
  We have successfully integrated the Oracle Portal with the OAM SSO, but facing some problems with SSO enabling the custom applications. Any help on what should be the ideal integration architecture and approach for SSO enabling the apps with minimum amount of modification of the application code.
  The licenses are available for OID, OVD, OAM.
  Thanks in advance. Any views/comments/links to useful material appreciated.
  Cheers
  Soumak

  If your custom application uses its own database for Authentication, then you have to modify the login process for your application. i.e. you have to trust the OAM to have done the authentication and then create any custom cookie that your application might use in its landing page.
  I am assuming that your custom application have some way of tracking if the user has logged in or not. You can protect the Custom application URL within OAM and once the user has logged in you can then generate your custom application cookie.
  Even if you use OVD, you stil have to modify login process in your custom appliation to trust the third party to have done the authentication.
  Thanks
  Ram

• SSO userid for a partner application

  Hi,
  We have one application deployed on WebLogic Application Server this is registred as Partner application over SSO server.
  On application side we have installed Oracle HTTP Server as webserver and configured mod_osso.
  Now when user attempt to access any secured page SSO askes for the authentication. And on successful login user landed back to application page configured while creating Partner application.
  After login we need userid of user who logged in on sso server. I have tried following and getting null.
  Remote User: <%=request.getRemoteUser() %>,
       Proxy-Remote-User: <%=request.getHeader("Proxy-Remote-User") %>
       Osso-User-Dn: <%=request.getHeader("Osso-User-Dn") %>
       Osso-User-Guid: <%=request.getHeader("Osso-User-Guid") %>
       Osso-Subscriber: <%=request.getHeader("Osso-Subscriber") %>
       Osso-Subscriber-Dn: <%=request.getHeader("Osso-Subscriber-Dn") %>
       Osso-Subscriber-Guid: <%=request.getHeader("Osso-Subscriber-Guid") %>
       Accept-Language: <%=request.getHeader("Accept-Language") %>
  output:
  Remote User: null,
  Proxy-Remote-User: null
  Osso-User-Dn: null
  Osso-User-Guid: null
  Osso-Subscriber: null
  Osso-Subscriber-Dn: null
  Osso-Subscriber-Guid: null
  Accept-Language: en-us,en;q=0.5
  Is any one there knows, what exactly i should do?
  Thanks & Regards,
  Kevin Chheda

  So the user has successfully authenticated and can access protected areas of the application?
  Have you tried using Http headers to see values/attribute names?
  Can you try this:
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
  <html>
  <body>
  <%@ page import = "java.util.*" %>
  <h1>Headers received:</h1>
  Remote user header is: <% out.println(request.getRemoteUser()); %>
  <p>
  <table>
  <%
  Enumeration headerNames = request.getHeaderNames();
  while(headerNames.hasMoreElements()) {
  String headerName = (String)headerNames.nextElement();
  out.println("<tr><td>" + headerName);
  out.println(" <td>" + request.getHeader(headerName));
  %>
  </table>
  </body></html>

• Partner application configuration is missing error on SSO login page

  We have APEX 3.1.2 setup as a partner application and an application within APEX setup to use SSO for authentication. Following a link to the APEX application redirects to the Single Sign-On page, as it should, but it also shows "Error: The partner application configuration is missing or expired." I type in my password and username, click the Login button, and (if I entered my username and password correctly, of course!) then the APEX application is shown. So, I cannot figure out why we're getting the no_papp_err error and I have not found any solutions to that issue on Metalink or anywhere else on the Internet. Any ideas? I'm concerned that we have a misconfiguration somewhere that is causing this error and will affect any other partner application we setup in the future.
  We're on Oracle Portal 10.1.4, SSO 10.1.2, and SSL is setup on both infra and mid tiers.

  Did you try checking the partner application entries on the SSO-login server page?
  please login as orcladmin or some other user with membership in, i beleive, iasadmins group. verify that for this partner application, what you see here corresponds to the application URL. it looks like your login page call may have issues. so check for login url too.
  also check the ORASSO.WWSSO_LS_CONFIGURATION_INFO$ for entries corresponding to Apex application.

• Error: Partner application configuration is missing ... on SSO login page

  We have APEX 3.1.2 setup as a partner application and an application within APEX setup to use SSO for authentication. Going to the APEX application redirects to the Single Sign-On page, as it should, but it also shows "Error: The partner application configuration is missing or expired." I type in my password and username, click the Login button, and (if I entered my username and password correctly), it redirects me to the APEX application just like it should. So, I cannot figure out why we're getting the no_papp_err error and I have not found any solutions to that issue on metalink or anywhere else on the Internet. Any ideas?
  We're on Oracle Portal 10.1.4, SSO 10.1.2, and SSL is setup for both.
  +Closing this topic and opening it in [Oracle Application Server - General|http://forums.oracle.com/forums/thread.jspa?threadID=832022&tstart=0|New Topic]+
  Edited by: oportalist on Nov 28, 2008 10:24 AM

  Did you try checking the partner application entries on the SSO-login server page?
  please login as orcladmin or some other user with membership in, i beleive, iasadmins group. verify that for this partner application, what you see here corresponds to the application URL. it looks like your login page call may have issues. so check for login url too.
  also check the ORASSO.WWSSO_LS_CONFIGURATION_INFO$ for entries corresponding to Apex application.

• Did any body try to change 10g SSO  login page to custom login page?

  Hi..
  Did any body try to change Oracle 10g SSO login page with custom login Page as we used to do in 902 and 1022 versions by changing wwsso_ls_configuration_info_t table entries?
  It seems that there is now other file policy.properties that has entry for login page.
  Is there any documentation provided by Oracle on this?
  I checked metalink and SSO admin guide?
  Any clue or glue....??
  Thanks
  Sarvesh

  Try 1 & 2 if does not work please file a daycare for further assistance.
  1.   In "Day CQ Login Selector Authentication Handler" for path info add an empty row then verify.
  2.   Delete the existing entry for "Day CQ Login Selector Authentication Handler" , Configure your custom at repository level & verify

• How to pass parameter from SSO login page to ADF application page?

  We have ADF-JSF application (running on AS 1013) that is being protected by OID running on AS 1012. SSO login page contains (among others) paramter ssousername and I wish to pass this to my ADF application. For the testing purpose I created ADF application entry point page that has something like this:
  <h:outputText value="#{param.ssousername}"/>and my sso login page has:
  <input type="text" size="30" maxlength="50" name="ssousername" value="<%=str_user%>">OID and ADF OC4j are running on two different servers, same network.
  So after successful login, when my page displays param passed is NULL?!
  Why?

  I solved it with the following....when my page loads, I execute test method:
      public void processLogin(String ssousername) {
           Object o  = JSFUtils.getUserFromSSOLogin();
           if (o!=null) System.out.println(o.toString());
      public static Object getUserFromSSOLogin(){
          FacesContext ctx = FacesContext.getCurrentInstance();
          return ctx.getExternalContext().getRemoteUser();
      }