SSO login time

Dear Gurus,
I need your help to solve this problem:
First: some context:
Our customer has an EP 6.0 SP11 (by now, soon will be upgrated to SP18) with IISProxy implementing SSO from Windows to Portal.
So, I did some tests and measures (using HTTPLook tool) and found that the whole page (home page) takes about 12 sec. to load, and from that, 5 sec. belong to login.
I found this measuring first the time to respond from zero, and later, measuring time to respond after a successful login.
Now the question:
¿Is there some document or how-to in order to decrease the time needed to issuing the ticket in Portal, or some trick to make faster the SSO from IIS?
The landscape is this:
User Repository for Portal = SAP BW @ Win2003 server
User Repository for BW = Microsoft Active Directory
SSO = IIS 6.0 with IISProxy
IIS is in the same server than Portal
Any suggestions will be very much appreciated
Cheers
Patricio

Patricio,
Have you tuned the network;
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/62fee690-0201-0010-8199-9ad39a3f586c
There is also enhancing the page performance;
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/5132a990-0201-0010-f696-b480bffe1f40
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/22baa590-0201-0010-26a3-f1cfa2469973
James

Similar Messages

Problem with SSL Activated on SSO Login

Hi Guys,
One of my applications has recently hit a few problems when SSL was activated on several environments. My application requires you to login using a SSO username and password before you can use the application. Before SSL was implemented, when you pressed the main menu button the page would redirect to the login server and the SSO login would remember your details and log you in again and then take you to the 1st page with a new session id. However, with SSL implemented, when the main menu button is pressed it redirects you to the login server but this time it asks you to enter your username and password. This is a problem as every time authentication is required on my application, it will keep telling you to login even if you have already done so before.
For extra information, the main menu button (which is a navigation bar entry) redirects you to a piece of javascript which is used to take you back to the 1st page depending on what page you are on.
I am also using the latest version of APEX.
Any help is much appreciated as I am not sure where to go with this problem.
Also is it a problem with the SSL setup or my application?
Thanks
-Mark

I have tried to pass the cookie through the URL to the login server but this does nothing.I can't imagine what you mean by that or what exactly you did.
it just takes me to the login page and resets the session id after i have logged in again!What do you mean by "reset"?
How can I make cookies be accepted by SSL?Have you constructed an experiment to prove that this is the problem?
Is there something i can put in the application itself?Definitely not.
Scott

OAM SSO login page language

Hi,
I have an application that is authenticated using the SSO component of OAM 11.1.1.3. The application uses mod_osso for authentication and redirection to the SSO login page.
My application is available in multiple languages, the end user selects the required language using a drop-down list on the landing page. However, when he/she is redirected to the SSO login page, it is always in english. From what i can see, the SSO page uses the browser settings to determine which language to display. Is there something i can do on the application side to force the SSO page to use the same language that the user selected from my application.
I have read the "Internationalization and Multibyte Data Support for OAM 10g WebGates" chapter of the Identity Management documentation, it lists the available languages, but doesnt specify any way of over-riding the browser settings.
Thanks a lot,
Edited by: noshea on Apr 27, 2011 2:09 PM

Joe wrote:
Hello,
I have configured OAM with OID as the datastore. I have a password policy in OID such that if the user enters a wrong password more than 3 times then > the account is locked for a specific interval.
OAM has its own password management feature, it is not smart enough to understand that the policy is in OID. You can write custom plugins to help solve that problem or you can use OAM's LPM. http://download.oracle.com/docs/cd/E15217_01/doc.1014/e12489/whatsnew.htm#CHDCFDEH

APEX 3.2 Associating application with SSO login page.

Hi
My requirement is to replace my login page of APEX3.2 application with an SSO login page. Also, the application uses some tables with some history columns like: "Last Updated by", "Created by", "Last Update Time", etc... While create/edit of any table, I want these columns to be automatically populated according to the credentials used in SSO login page to that application. Please help.
The link given on this forum (http://www.oracle.com/technology/products/database/application_express/howtos/sso_partner_app.html) for the purpose seems to be obsolete i.e. for previous versions of APEX.
Thanks
Bhavesh

Bhavesh,
That how-to explains all the steps you need to set up SSO with Application Express.
As far as the audit columns, just create triggers on your tables. Referenced v('APP_USER') to get the authenticated username.
Scott

Unexpected error in SSO login page

Hi all,
We have a problem with our SSO, or with our LDAP directory, or with the way in which they work, not sure about. In the past we were using version 9.x and everything worked fine. Now we migrated to version 10.1.2.0.2 and we discovered that using the same functionality to register and log user is crashing. After a bit of debugging, the problem seems to be that the PASSWORD of the created users is encrypted using some Hash and retrieve in an array of bytes, insted of in plain text as before. In principle this shouldn't affect the way in which we use the LDAP & SSO, but for some reason, when the user tries to log in using the recently created user account and password, the SSO login page gives an "unexpected error" message. The SSO login page is the original page coming with the SSO infrastructure, no change at all on it.
Any idea why this might happened? Is the some way to configure the SSO or the LDAP so they don't encrypt the user password? Any other possible config detail that we should check?
Thanks in advance,
Luis

So after finding the log files on our SSO server, I found out the exact error message that the SSO was throwing was that the account was still not activate!!! Then I realized that we started to make use of the "Start date" LDAP field recently, and event when the date was set to the current date when the account was created, the time was set to 0s, event when the current time was also passed to the LDAP. I don't know what's the reason why the LDAP didn't get our time, passing the date-time with the format the LDAP was asking for (yyyyMMddHHmmssz), but just by rolling one day back the start date, the user accounts were automatically activate when they're creating, solving our problem.
Regards,
Luis
Edited by: lagh on Dec 15, 2008 11:52 AM

SSO login for custom BO SDK Application

Hi,
I am trying to build custom application using BO SDK. Requirement is application should be SSO configured.
Below is my sample code of JSP
<%@ page import = "com.crystaldecisions.sdk.framework.ISessionMgr"%>
<%@ page import = "com.crystaldecisions.sdk.framework.IEnterpriseSession"%>
<%@ page import = "com.crystaldecisions.sdk.exception.SDKException"%>
<%@ page import = "com.crystaldecisions.sdk.occa.infostore.IInfoStore"%>
<%@ page import="com.crystaldecisions.sdk.framework.CrystalEnterprise" %>
<%@ page import="org.ietf.jgss.GSSCredential"%>
<%@ page import="org.ietf.jgss.GSSManager"%>
<%@ page import="com.businessobjects.sdk.credential.CredExtractor"%>
<%
               GSSCredential creds = null;
               GSSManager manager = null;
               CredExtractor credExtractor = new CredExtractor(request);
               creds = credExtractor.GetCredential();
               manager = credExtractor.GetManager();
               ISessionMgr sm = CrystalEnterprise.getSessionMgr();
               IEnterpriseSession enterpriseSession = sm.logon(creds, manager, cms, authentication);
               IInfoStore infoStore = (IInfoStore)enterpriseSession.getService("", "InfoStore");
               String token=enterpriseSession.getLogonTokenMgr().getDefaultToken();
               String myUserID=enterpriseSession.getUserInfo().getUserName().toString();
               session.setAttribute("myUserID",myUserID);
               session.setAttribute("token", token);
               session.setAttribute("InfoStore", infoStore);
               session.setAttribute("enterpriseSession",enterpriseSession);
            response.sendRedirect("home.jsp");
%>
i am redirecting to home.jsp and on home.jsp page i am just displaying userID whish is set in above code
I am deploying my application on server which is SSO enable (Vintela)i have made the necessary changes in web.xml file also
below is my web.xml file
<filter>
          <filter-name>authFilter</filter-name>
          <filter-class>com.businessobjects.sdk.credential.WrappedResponseAuthFilter</filter-class>
          <init-param>
               <param-name>idm.realm</param-name>
               <param-value>abcd.AD.some.COM</param-value>
          </init-param>
          <init-param>
               <param-name>idm.princ</param-name>
               <param-value>abso/SYSBODEV.abcd.ad.some.com</param-value>
          </init-param>
          <init-param>
               <param-name>idm.keytab</param-name>
               <param-value>C:\winnt\sysbodev.keytab</param-value>
          </init-param>
          <init-param>
               <param-name>idm.allowUnsecured</param-name>
               <param-value>true</param-value>
          </init-param>
          <init-param>
               <param-name>idm.allowNTLM</param-name>
               <param-value>false</param-value>
          </init-param>
          <init-param>
               <param-name>idm.logger.name</param-name>
               <param-value>simple</param-value>
               <description>The unique name for this logger.</description>
          </init-param>
          <init-param>
               <param-name>idm.logger.props</param-name>
               <param-value>error-log.properties</param-value>
          <description>                Configures logging from the specified file.            </description>
          </init-param>
          <init-param>
               <param-name>error.page</param-name>
               <param-value>/frame/errorSSO.jsp</param-value>
               <description>The URL of the page to show if an error occurs during authentication.</description>
          </init-param>
     </filter>
<filter-mapping>
        <filter-name>authFilter</filter-name>
        <url-pattern>/frame/frameset.jsp</url-pattern>
    </filter-mapping>
but i am getting error saying VSJ authentication was not performed for this request.
can any one help me ouot where i am going wrong
Edited by: Asraf_Shaikh on Aug 25, 2011 6:39 PM

Hi ivan,
since i was busy with something else, so i could not logging to the forum and reply on time, anyways if your problem is still not solved.
then follow the approach ( this is for java only)
1. see if you can access infoview application , if yes then check web.xml file and try to uncomment the comment elements in web.xml file.
2. check the jar file needed for sso , like credential.jar. you can take all the jar file from infoview application
below is my code for sso login( only the important things i am putting rest you can manage)
imports
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSManager;
import com.businessobjects.sdk.credential.CredExtractor;
import com.crystaldecisions.sdk.framework.CrystalEnterprise;
import com.crystaldecisions.sdk.framework.IEnterpriseSession;
import com.crystaldecisions.sdk.occa.infostore.IInfoStore;
code
GSSCredential myCredential = null;
GSSManager myManager = null;
CredExtractor myCredExtractor = new CredExtractor(request);
myCredential = myCredExtractor.GetCredential();
myManager = myCredExtractor.GetManager();
String myCmsName = getServlet().getServletContext().getInitParameter("cms.default");
IEnterpriseSession myIEnterpriseSession = CrystalEnterprise.getSessionMgr().logon(myCredential,myManager, myCmsName, SEC_WINAD);
IInfoStore myIInfoStore = (IInfoStore) myIEnterpriseSession.getService(PortalConstants.EMPTYSTRING, PortalConstants.INFOSTORE);
you can put try catch block -
web.xml file
     <filter>
          <filter-name>authFilter</filter-name>
          <filter-class>com.businessobjects.sdk.credential.WrappedResponseAuthFilter</filter-class>
          <init-param>
               <param-name>idm.realm</param-name>
               <param-value>HODC.AD.abc.COM</param-value>
          </init-param>
          <init-param>
               <param-name>idm.princ</param-name>
               <param-value>BOSSO/SYSBODEV.hodc.ad.abc.com</param-value>
          </init-param>
          <init-param>
               <param-name>idm.keytab</param-name>
               <param-value>C:\winnt\sysbodev.keytab</param-value>
          </init-param>
          <init-param>
               <param-name>idm.allowUnsecured</param-name>
               <param-value>true</param-value>
          </init-param>
          <init-param>
               <param-name>idm.allowNTLM</param-name>
               <param-value>false</param-value>
          </init-param>
          <init-param>
               <description>The unique name for this logger.</description>
               <param-name>idm.logger.name</param-name>
               <param-value>simple</param-value>
          </init-param>
          <init-param>
                <description>Configures logging from the specified file.</description>
               <param-name>idm.logger.props</param-name>
               <param-value>error-log.properties</param-value>
          </init-param>
          <init-param>
               <description>The URL of the page to show if an error occurs during authentication.</description>
               <param-name>error.page</param-name>
               <param-value>/JSP/failure.jsp</param-value>
          </init-param>
     </filter>
          <filter-mapping>
          <filter-name>authFilter</filter-name>
          <url-pattern>/logon.do</url-pattern>
     </filter-mapping>
above code is working , so if you can follow the same,it should work for you also.and it for secWinad and sso is vintela
let me know the status

Very Slow VDI Client Login Time

Hi,
My environment contains two Hyper-V Servers for DCs, Connection Broker, RD-Web, and two Hyper-V servers as virtualization host to thin clients. All Hyper-V servers are only 35% utilized and all client VMs don't have a performance issue.
After setting up the roles and creating the "Personalized Pools", I open the RD-Web, click on the collection and here it takes a very long time in securing connection part, then a warning message appears for the connection broker self-signed certificate,
I accept it and again a very long time to open the VM.
After searching the internet I figured out that I should install "PFX" certificates for the connection broker (SSO, Publisher). In my environment, we don't use a public certificate from trusted root CAs, however, we have our own "Enterprise
Root CA".
I then figured that I should create a certificate with the following attributes:
Advanced Key Usage: Server Authentication, Client Authentication
Key Usage: Data encipherment, Digital Signature, Key Agreement
I created the certificate and imported it to the RD CB, however, the "securing connection" part was even slower than before, so I duplicated the "Computer" certificate, and configured 1024 bit certificate instead of the old one "2048".
The "securing connection" part is taking half the time now, however it is still very long "+60 seconds" to open the VM.
I still suspect that it is a certificate issue and not sure if I have done the correct certificate.
Would anyone help in this case and providing the correct steps to install a certificate for the RD CB from internal CA.
Thanks.

Hi,
To avoid confusion, let's focus on the same thread.
http://social.technet.microsoft.com/Forums/en-US/17fb24d7-61a7-49be-83b3-35bd9d8b6863/very-slow-vdi-login-time?forum=winserverTS
Thanks.
Jeremy Wu
TechNet Community Support

IronPort SMA: External Spam Quarantine SSO Login

Can external spam quarantine accomodate SSO login, if it's tied with AD? As far as I know- it cannot.

Found the answer:
Accessing the Quarantine via the Quarantine URL
If LDAP Auth is configured, then the users AD username and password get them into the quarantine. There is no SAML SSO integration at this time.
Accessing the quarantine via the Notifcation Digest
When the user clinks on the link of a notification email, the URL has an auth token in it which authenticates the user to the quarantine. No popup login required.
https://sma.quarantine.com:83/Search?h=8d392bb51780c3f7ebe0fa388eb9db2a&email=[email protected]

Partner application configuration is missing error on SSO login page

We have APEX 3.1.2 setup as a partner application and an application within APEX setup to use SSO for authentication. Following a link to the APEX application redirects to the Single Sign-On page, as it should, but it also shows "Error: The partner application configuration is missing or expired." I type in my password and username, click the Login button, and (if I entered my username and password correctly, of course!) then the APEX application is shown. So, I cannot figure out why we're getting the no_papp_err error and I have not found any solutions to that issue on Metalink or anywhere else on the Internet. Any ideas? I'm concerned that we have a misconfiguration somewhere that is causing this error and will affect any other partner application we setup in the future.
We're on Oracle Portal 10.1.4, SSO 10.1.2, and SSL is setup on both infra and mid tiers.

Did you try checking the partner application entries on the SSO-login server page?
please login as orcladmin or some other user with membership in, i beleive, iasadmins group. verify that for this partner application, what you see here corresponds to the application URL. it looks like your login page call may have issues. so check for login url too.
also check the ORASSO.WWSSO_LS_CONFIGURATION_INFO$ for entries corresponding to Apex application.

Error: Partner application configuration is missing ... on SSO login page

We have APEX 3.1.2 setup as a partner application and an application within APEX setup to use SSO for authentication. Going to the APEX application redirects to the Single Sign-On page, as it should, but it also shows "Error: The partner application configuration is missing or expired." I type in my password and username, click the Login button, and (if I entered my username and password correctly), it redirects me to the APEX application just like it should. So, I cannot figure out why we're getting the no_papp_err error and I have not found any solutions to that issue on metalink or anywhere else on the Internet. Any ideas?
We're on Oracle Portal 10.1.4, SSO 10.1.2, and SSL is setup for both.
+Closing this topic and opening it in [Oracle Application Server - General|http://forums.oracle.com/forums/thread.jspa?threadID=832022&tstart=0|New Topic]+
Edited by: oportalist on Nov 28, 2008 10:24 AM

Did you try checking the partner application entries on the SSO-login server page?
please login as orcladmin or some other user with membership in, i beleive, iasadmins group. verify that for this partner application, what you see here corresponds to the application URL. it looks like your login page call may have issues. so check for login url too.
also check the ORASSO.WWSSO_LS_CONFIGURATION_INFO$ for entries corresponding to Apex application.

ORA-06502 error after SSO login

Hi all.
In our intranet i'm trying to use the AS 10g SSO
as authentication with my HTML DB application.
HTML DB is into a 9.2.0.4 database in a Alpha open VMS server.
AS 10g infrastructure and AS 10g mid-tier on two difference Linux RedHat AS 2.1 servers.
Infrastructure server: http://giedi.marinarinaldi.it:7779
Mid-tier server: http://si.marinarinaldi.it:7778
HTML DB application: http://si.marinarinaldi.it:7778/pls/htmldbSVIL/f?p=106:1
I followed the related how-to document
and the SSO login page shows correctly
but when i click "login":
Error     Error determining caller of process_success:l_owner::p_partner_app_name:HTML_DB Please contact administrator.
ORA-06502: PL/SQL: numeric or value error: character to number conversion error
The SSO logi page is a our custom login page
but it works perfectly with portal.
The SSO partner application parameters:
ID:     97F428BC
Token:     4PW44GF797F428BC
Encryption Key:     12E3971BE26C4E5D
Login URL:     http://giedi.marinarinaldi.it:7779/pls/orasso/orasso.wwsso_app_admin.ls_login
Single Sign-Off URL:     http://giedi.marinarinaldi.it:7779/pls/orasso/orasso.wwsso_app_admin.ls_logout
Name:     HTML_DB
Home URL: http://si.marinarinaldi.it:7778/pls/htmldbSVIL/f?p=106:1
Success URL: http://si.marinarinaldi.it:7778/pls/htmldbSVIL/wwv_flow_custom_auth_sso.process_success
Logout URL: http://si.marinarinaldi.it:7778/pls/htmldbSVIL/htmldb
The parameters of regapp.sql script on the Alpha HTMLDB database:
Enter value for listener_token: HTML_DB:si.marinarinaldi.it:7778
Enter value for site_token: 4PW44GF797F428BC
Enter value for site_id: 97F428BC
Enter value for login_url: http://giedi.marinarinaldi.it:7779/pls/orasso/orasso.
wwsso_app_admin.ls_login
Enter value for cookie_version: v1.0
Enter value for encryption_key: 12E3971BE26C4E5D
Enter value for ip_check: N
Thank you all in advance for help.

SQL> select * from WWSEC_SSO_LOG$;
1
entry: papp_show_config
05-AUG-04
2
IN papp_show_config: after the select.
05-AUG-04
3
site name is 4PW44GF797F428BC
05-AUG-04
4
exit: papp_show_config
05-AUG-04
5
entry: urlencode
05-AUG-04
6
encoded URL is http%3A%2F%2Fsi.marinarinaldi.it%3A7778%2Fpls%2FhtmldbSVIL%2Ff%3F
p%3D106%3A1%3A6300852000501899701
05-AUG-04
7
exit: urlencode
05-AUG-04
8
entry: urlencode
05-AUG-04
9
encoded URL is http%3A%2F%2Fsi.marinarinaldi.it%3A7778
05-AUG-04
10
exit: urlencode
05-AUG-04
11
entry: encrypt_url_cookie
05-AUG-04
12
Before bake_site2pstore_token: listener token: HTML_DB:si.marinarinaldi.it:7778u
rlcookie_version: v1.0papp_url_cookie: http%3A%2F%2Fsi.marinarinaldi.it%3A7778%2
Fpls%2FhtmldbSVIL%2Ff%3Fp%3D106%3A1%3A6300852000501899701~http%3A%2F%2Fsi.marina
rinaldi.it%3A7778enabler_config.site_token: 4PW44GF797F428BCkey: 12E3971BE26C4E5
D
05-AUG-04
13
entry: bake_site2pstore_token
05-AUG-04
14
entry get_enabler_config
05-AUG-04
15
site token is 4PW44GF797F428BC
05-AUG-04
16
exit: get_enabler_config
05-AUG-04
17
In hash string. Input is 308-05-2004 10:06:52
05-AUG-04
18
In hash string. Input is ud)xc`8L`GJd~4PW44GF797F428BC~20040805100652~http%3A%2F
%2Fsi.marinarinaldi.it%3A7778%2Fpls%2FhtmldbSVIL%2Ff%3Fp%3D106%3A1%3A63008520005
01899701~http%3A%2F%2Fsi.marinarinaldi.it%3A7778
05-AUG-04
19
temp site2pstoretoken is :ud)xc`8L`GJd~4PW44GF797F428BC~20040805100652~http%3A%2
F%2Fsi.marinarinaldi.it%3A7778%2Fpls%2FhtmldbSVIL%2Ff%3Fp%3D106%3A1%3A6300852000
501899701~http%3A%2F%2Fsi.marinarinaldi.it%3A7778~5169F5D95694EE7F4EEC7D80056B56
A5
05-AUG-04
20
entry: encrypt_des
05-AUG-04
21
Key is: 12E3971BE26C4E5D
05-AUG-04
22
before rpad
05-AUG-04
23
pre mask: 503504C465CC51FDD7EBB62850973AF1503504C465CC51FDD7EBB62850973AF1503504
C465CC51FDD7EBB62850973AF1503504C465CC51FDD7EBB62850973AF1503504C465CC51FDD7EBB6
2850973AF1503504C465CC51FDD7EBB62850973AF1503504C465CC51FDD7EBB628
05-AUG-04
24
post mask: 45FBB10E9AABB801ABAC1C861EBF9AE645FBB10E9AABB801ABAC1C861EBF9AE645FBB
10E9AABB801ABAC1C861EBF9AE645FBB10E9AABB801ABAC1C861EBF9AE645FBB10E9AABB801ABAC1
C861EBF9AE645FBB10E9AABB801ABAC1C861EBF9AE645FBB10E9AABB801ABAC1C86
05-AUG-04
25
exit: bake_site2pstore_token
05-AUG-04
26
After bake_site2_pstore_token. Value is: C061F10FBDDAACCB4A5B536D036656AF013D33B
17261B66BD9C46A02004CF08081B0EB68834FA1594884A2088A6E1829A35EEA97ECF7B0F9B728B60
B7DDEFEC846EA96CDB4208783B26F7DE976B3E7912554A8FA2B383EBF0C4221858C88B10A00A2789
65C85703BEF6C3C1E3F069FF9C41059B5982CBADB7F662D481C9812EBCD7B44A7E24819CD152BB29
9F2B40F08138F7DAE05BCC58CF87FECFA89B1BEE195FB2A314699AA2C8D406AC52FCE4F5B6DCE910
A4B31714D99918BEC39E3E067BE031F5E9DF031192064B1ECAE0B100775AD76EF4D478844
05-AUG-04
27
Redirect URL generated is : http://giedi.marinarinaldi.it:7779/pls/orasso/orasso
.wwsso_app_admin.ls_login?site2pstoretoken=v1.0~97F428BC~C061F10FBDDAACCB4A5B536
D036656AF013D33B17261B66BD9C46A02004CF08081B0EB68834FA1594884A2088A6E1829A35EEA9
7ECF7B0F9B728B60B7DDEFEC846EA96CDB4208783B26F7DE976B3E7912554A8FA2B383EBF0C42218
58C88B10A00A278965C85703BEF6C3C1E3F069FF9C41059B5982CBADB7F662D481C9812EBCD7B44A
7E24819CD152BB299F2B40F08138F7DAE05BCC58CF87FECFA89B1BEE195FB2A314699AA2C8D406AC
52FCE4F5B6DCE910A4B31714D99918BEC39E3E067BE031F5E9DF031192064B1ECAE0B100775AD76E
F4D478844
05-AUG-04

Did any body try to change 10g SSO login page to custom login page?

Hi..
Did any body try to change Oracle 10g SSO login page with custom login Page as we used to do in 902 and 1022 versions by changing wwsso_ls_configuration_info_t table entries?
It seems that there is now other file policy.properties that has entry for login page.
Is there any documentation provided by Oracle on this?
I checked metalink and SSO admin guide?
Any clue or glue....??
Thanks
Sarvesh

Try 1 & 2 if does not work please file a daycare for further assistance.
1. In "Day CQ Login Selector Authentication Handler" for path info add an empty row then verify.
2. Delete the existing entry for "Day CQ Login Selector Authentication Handler" , Configure your custom at repository level & verify

Opens Webmail login page instead of sso login page after changing the webma

Hi Gurus,
I have setup notes webmail in portal which uses SSO. I login to portal and click the webmail link which opens the sso page for authentication(Cuz I have integrated the webmail to use SSO). I enter my username and password. Then it shows my emails, inbox..etc. I logout of portal, Go to Notes client on my PC and change my webmail password there. I go back to portal and log in and click the webmail link on the portal. Cuz I have changed the webmail password, I expected that it will open the SSO page and ask me to enter the password again. It didn't happen. Instead of opening eh SSO login page, It opens the Webmail login page with an error saying "Invalid User Name or Password". I am wondering why it opens the webamil login page instead the sso login page. I can still login to webmail If I enter the user name and new password. But it doesn't update the webmail password which is stored in the SSO. Please post a reply if you have some idea about fixing this.
Thanks
Raj
-------------

Hi Gurus,
I have setup notes webmail in portal which uses SSO. I login to portal and click the webmail link which opens the sso page for authentication(Cuz I have integrated the webmail to use SSO). I enter my username and password. Then it shows my emails, inbox..etc. I logout of portal, Go to Notes client on my PC and change my webmail password there. I go back to portal and log in and click the webmail link on the portal. Cuz I have changed the webmail password, I expected that it will open the SSO page and ask me to enter the password again. It didn't happen. Instead of opening eh SSO login page, It opens the Webmail login page with an error saying "Invalid User Name or Password". I am wondering why it opens the webamil login page instead the sso login page. I can still login to webmail If I enter the user name and new password. But it doesn't update the webmail password which is stored in the SSO. Please post a reply if you have some idea about fixing this.
Thanks
Raj
-------------

How to pass parameter from SSO login page to ADF application page?

We have ADF-JSF application (running on AS 1013) that is being protected by OID running on AS 1012. SSO login page contains (among others) paramter ssousername and I wish to pass this to my ADF application. For the testing purpose I created ADF application entry point page that has something like this:
<h:outputText value="#{param.ssousername}"/>and my sso login page has:
<input type="text" size="30" maxlength="50" name="ssousername" value="<%=str_user%>">OID and ADF OC4j are running on two different servers, same network.
So after successful login, when my page displays param passed is NULL?!
Why?

I solved it with the following....when my page loads, I execute test method:
    public void processLogin(String ssousername) {
         Object o = JSFUtils.getUserFromSSOLogin();
         if (o!=null) System.out.println(o.toString());
    public static Object getUserFromSSOLogin(){
        FacesContext ctx = FacesContext.getCurrentInstance();
        return ctx.getExternalContext().getRemoteUser();
    }

Issue in redirecting to portal page from SSO login page

HI facing issue while redirecting to portal application from SSO login page.please find below basic details
the application comprises of TAM / Apache / Weblogic, and all the request goes in the same order.
When the application is deployed as portlet, the jsp page some how hard codes the apache host name, that in turn blocks any form submit or Ajax action.
so on successful login the redirection is not happening to required portal page as it includes apache host name in the url consrtucted.
Please suggest me what are the configurations that I need to verify .
Thanks in Advance
Jetti.

If you upgrade to v7.1 you will have all those features and more - PLUS a lot of defective pieces have been fixed in 7.1

SSO login time

Similar Messages

Maybe you are looking for