SSO requires double login for partner application

Similar Messages

• How to create sso login for webcenter application

  Hi,
  i have created a webcenter portal application with a login page.i have to create a sso login for that application .
  can anyone suggest me how to do?

  Hi.
  Do you have OAM as SSO?.
  The best way is to create a loginProxy page which proxies the user and password entered to OAM Login process (or the other SSO system).
  This post of JayJay will help you: http://jjzheng.blogspot.com/2013/10/non-programmatic-authentication-using.html
  Regards.

• Add new company (subscriber) for partner application

  Hi
  I want to add new company (subscriber) for partner application that is accessible from portal.
  and I want to get username , password , company in login page and change the login page to accept 3 parameter but I don't know what is the next step . and where can I define my company and define user for the company .
  Thanks
  Roshanak

  Hi,
  1. Get info regarding the chart of accounts.  It forms the basis  for FI\
  2. Though automatic postings are not regular, check the required details for configuration for APP.  If you are going for APP, u need to check house bank also
  3. Check the tax procedures (Varies between countries) - Sales Tax and Withholding tax config
  4. Payment terms
  5. Discount received / paid configurations
  6. Dunning details - Check if existing standard SAPscripts will suffice ur needs.  Else u may need the help of ABAPers
  Regards,
  Sridevi
  <i><b>Award points, if useful</b></i>

• SSO for partner applications

  Hi All,
  I have installed 10g AS Release 2 on a system. I also have Application Express(formerly HTML DB) installed on the same system. I registered one of the HTML DB applications as partner applications and have put SSO authentication for it.
  When I try to login the AS looks at the OID installed on the system(which I gave during installation). I want it to look at the Oracle gmldap.oraclecorp.com server OID so that only Oracle employees login.
  Can anybody tell me how to change the OID and what are the entries to be give to configure it to gmldap.oraclecorp.com server??
  Thanks,
  Swaroop

  See Task 3 in the Section 9.4 of the Oracle Application Server Administrator's Guide:
  http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/chginfra.htm#i1014978
  See the following for information about what to specify on each page.
  http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/reconfig.htm#i1013341

• Specify initial page following mod_osso login for JSP application?

  I'm developing a JSP application that is stand-alone from Portal, but that is protected via mod_osso. (What's the proper term for this - its sort of a Partner application, really an External application, but not registered w/ Portal at all...) Following mod_osso validation, if the login page was brought up (ie, the user was not signed when the application page was requested), I'd like the user to be taken to a 'default' application page (where I can retrieve other user info from the db for use in subsequent pages of the app.) Is there a way to specify this w/ mod_osso? (ie, after login, take user to a specific page.) I could put a flag in the session, check it on each page (ie, Boolean hasVisitedHomePage or such), then redirect to the home page if its false, but would rather not do this if there is a smarter method.
  Thanks,
  Jim

  Following are the steps to use SSO with an J2EE application:
  Steps to enable SSO/OID user authentication to your J2EE application
  1)     Deploy your apps to Oracle9iAS mid-tier instance e.g. mid-tier-host
  2)     Connect to your SSO server in your infrastructure host as follows:
  http://inf-host:<port>/pls/orasso/orasso.home and
  Login as orcladmin. The default password should be same as your IAS_ADMIN password
  3)     Click on SSO Server Administration and then Administer Partner Applications
  4)     Click on Add Partner application
  5)     Enter the following information for your environment and click on Apply:
  Home URL: http://inf-host:<port>/osso_login_success
  Success URL: Home Page for URL for your apps which you want to secure
  Logout URL: http:// inf-host :<port>/osso_logout_success
  6)     Logon to EMWebsite for the Mid-tier Oracle9iAS Instance
  Select the HTTP Server -> Advanced Properties -> mod_osso.conf and add the following. Please make appropriate change for your environment
  <Location /context-to-secure >
  AuthType Basic
  require valid-user
  </Location>
  And then restart HTTP Server
  7)     Now when you access your apps, the logon screen will appear
  hope this helps
  Debu

• OID Realm Setup for Partner Application in another application server

  This message was also posted under the Identity Management thread.
  We currently have 10.1.2 SSO running and configured to accept a partner application from another app server (10.1.3). A sample application attempts to authenticate a user and then use JAZN to confirm whether the user is in the correct OID group. The user can authenticate successfully, which shows up in the SSO audit table, but the group check fails. I believe this is due to the realm not being visible to the other app server? How do I go about setting up the app server or application on the 10.1.3 platform to be able to check the 10.1.2 SSO server for the right OID group when the user authenticates? I have tried to set up the file-based permissions through the EM console, but seems to be only valid for the local setup. My thought was that the system-jazn-data.xml file would need to identify and point to the SSO server? When I troubleshoot that file, I see the correct realm entry and also the correct JAZN group and the OID GUID for the group. Any suggestions?
  Thanks,
  Leif

  Hi Amit,
  I am also facing the same issue. Could you please share the work around you around to get rid of this issue?
  Mahendra.

• b OID Realm setup for partner application server /b

  We currently have 10.1.2 SSO running and configured to accept a partner application from another app server (10.1.3). A sample application attempts to authenticate a user and then use JAZN to confirm whether the user is in the correct OID group. The user can authenticate successfully, which shows up in the SSO audit table, but the group check fails. I believe this is due to the realm not being visible to the other app server? How do I go about setting up the app server or application on the 10.1.3 platform to be able to check the 10.1.2 SSO server for the right OID group when the user authenticates? I have tried to set up the file-based permissions through the EM console, but seems to be only valid for the local setup. My thought was that the system-jazn-data.xml file would need to identify and point to the SSO server? When I troubleshoot that file, I see the correct realm entry and also the correct JAZN group and the OID GUID for the group. Any suggestions?
  Thanks,
  Leif

  Hi Amit,
  I am also facing the same issue. Could you please share the work around you around to get rid of this issue?
  Mahendra.

• OID connection error for partner application

  Hello All
  I have registered a partner application which run from Oracle application server OC4J and when i login via URL, I get following error below, any suggestions?. All parameters are correctly specified.
  AJPRequestHandler-ApplicationServerThread-458 Communication Exception received. Cleaning up the stale
  connection
  oracle.ldap.util.CommunicationErrorException: Unable to establish connection to directory. Please verify the input parameters: host, port,
  dn &' password connection closed
  at oracle.ldap.util.Subscriber.getUser_NICKNAME(Subscriber.java:1214)
  at oracle.ldap.util.Subscriber.getUser(Subscriber.java:913)
  at oracle.ldap.util.Subscriber.getUser(Subscriber.java:860)
  at oracle.security.sso.server.ldap.OIDUserRepository.getUserProperties(OIDUserRepository.java:495)
  at oracle.security.sso.server.auth.SSOServerAuth.authenticate(SSOServerAuth.java:485)
  at oracle.security.sso.server.ui.SSOLoginServlet.processSSOPartnerRequest(SSOLoginServlet.java:1058)
  at oracle.security.sso.server.ui.SSOLoginServlet.doPost(SSOLoginServlet.java:350)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:835)
  at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:341)
  at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:816)
  at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:231)
  at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:136)
  at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192)
  at java.lang.Thread.run(Thread.java:534)
  Thanks
  Amit

  Hi Amit,
  I am also facing the same issue. Could you please share the work around you around to get rid of this issue?
  Mahendra.

• SSO Deployment-specific login - howto display application name

  I am deploying 4 forms applications using a single SSO server/OID for authentication. The problem is, I want to display the application name on login.jsp, depending on which application was requested.
  For example:
  If the URL is http://localhost/forms/frmservlet?config=app1, then login.jsp should display "App1".
  If the URL is http://localhost/forms/frmservlet?config=app2, then login.jsp should display "App2".
  ...... and so on. Has anyone ever done it before? I am using Oracle 10g Release 2.
  Thanks,
  Sanjay Gulabani

  Thanks to timktaylor's earlier post (messageid=1184036), I was able to solve this problem. I am using Oracle 10g (10.1.2.0.2) Single Sign On and Forms Services.
  For anyone who is facing a similar problem, I am pasting the code - just use it as it is in login.jsp - of course, you will need to change app1 and "APP 1" etc to suit your application names.
  (%ORACLE_HOME%\j2ee\OC4J_SECURITY\applications\sso\web\jsp\login.jsp):
  <%
  String str_token = null;
  try
  str_token = request.getParameterValues("site2pstoretoken")[0];
  catch (Exception e)
  try
  str_token = request.getParameterValues("Site2pstoreToken")[0];
  catch (Exception e1)
  str_token = null;
  if(str_token == null)
  throw new Exception("The site2pstoretoken value not found");
  //Code to decode site2pstoretoken starts here
  java.sql.Connection con = null;
  try
  oracle.jdbc.pool.OracleDataSource ds = new oracle.jdbc.pool.OracleDataSource();
  ds.setURL("jdbc:oracle:thin:@ngt-hyd:1521:orcl");
  con = ds.getConnection("orasso", "UBrWt0c9" );
  java.lang.String query = "begin ? := wwsso_utl.unbake_site2pstore_token('" + str_token + "',?); end;";
  java.sql.CallableStatement cstmt = con.prepareCall(query);
  cstmt.registerOutParameter(1, java.sql.Types.VARCHAR);
  cstmt.registerOutParameter(2, java.sql.Types.VARCHAR);
  cstmt.executeQuery();
  java.lang.String x = cstmt.getString(1);
  if (x.toLowerCase().indexOf("config%3dapp1") > -1) ngd_app_name = "APP 1";
  if (x.toLowerCase().indexOf("config%3dapp2") > -1) ngd_app_name = "APP 2";
  if (x.toLowerCase().indexOf("config%3dapp3") > -1) ngd_app_name = "APP 3";
  if (x.toLowerCase().indexOf("config%3dapp4") > -1) ngd_app_name = "APP 4";
  if (x.toLowerCase().indexOf("oiddas") > -1) ngd_app_name = "Delegated Administrative Services";
  javax.servlet.http.HttpSession session = request.getSession();
  if (ngd_app_name.trim().length() > 0) session.setAttribute("ngd_app_name",ngd_app_name);
  out.println("<center>");
  out.println(ngd_app_name);
  out.println("</center>");
  finally
  if( con != null ) { con.close(); }
  //Code to decode site2pstoretoken ends here
  %>

• SSO Authentication Audit Information for Partner Apps ?

  Hi,
  Is it possible to get Audit Information to show when a users has been authenticated by SSO for a Partner Application ?
  If I look at orasso.wwsso_audit_log_view I can see when a user has been authenticated and a row for Portal and each Partner App that gets authenticated. The question is can you tell which row relates to which Partner App or is there another table with this information ?
  i.e I have two Partner Apps, a user logs onto Portal and only visits pages for one of them, When I log I see 2 rows, I need to know which Partner App they vistied (A or B).
  Thanks
  Simon.

  Well in that case i guess am in luck because i am working with oracle. The thing however is that I don't know where to fetch the information about the installation and all that in order to proceed ahead.
  Besides it seems, the easier it was to make the application and deploy it on the apex, the harder it is to integrate it with the SSO.
  Also i don't understand when you say "public apex.oracle.com", I always thought it was meant only for oracle employees as in it's not accessible through the internet.
  You won't (unless you work for Oracle) be able to do
  that on the public apex.oracle.com site as far as I'm
  aware.

• How to get logout to work for partner applications

  Hi
  I have configured the demo partner application of the ssosdk 3.07
  And login / logout works.
  My problem is that the sample logout code, only clears the
  cookie of the partner application, so the code redirects the
  appliation to the login server which reauthenticates the partner
  application.
  So shall the logout code clear the portal30_sso cookie.
  My other problem is the other way around, when I log out of
  Portal, I also need to be logged out of the partner application,
  have anybody have any success with that.
  Jakob

  FOR ASSISTANCE WITH ORDERS - iTUNES STORE CUSTOMER SERVICE
  For assistance with billing questions or other order inquiries, please refer to our online support page by clicking here: http://www.apple.com/support/itunes/store/. If you cannot find the answers you are seeking in our robust knowledge base, you can contact us by visiting the following URL http://www.apple.com/support/itunes/store/, clicking on the appropriate Customer Service topic, then using the contact button or email form at the bottom of the page. Responses to emails will be provided as soon as possible.
  Phone: 800-275-2273 How to reach a live person: Press 0 four times
  Hours of Operation: Mon-Fri: 9am-5pm ET
  Email: [email protected]
  How to report an issue with Your iTunes Store purchase
  http://support.apple.com/kb/HT1933
  iTunes Purchase Problems: How to Report a Problem to iTunes Support
  http://tinyurl.com/7tscpa7
  How to Get a Refund from the App Store
  http://gizmodo.com/5886683/how-to-get-a-refund-from-the-app-store
  Getting Refunds for your iTunes Store Purchases
  http://www.labnol.org/software/itunes-app-store-refunds/13838/
  Canceling a Digital Subscription
  http://gadgetwise.blogs.nytimes.com/2011/10/14/qa-canceling-a-digital-subscripti on/
   Cheers, Tom

• Error running ssodatax script for partner applications

  I am running the ssodatax script after creating a partner
  application using the user interface in the portal. I get the following
  error after the script starts running:
  SP2-0310: unable to open file "sso/ssoseedp.sql"
  Any thoughts will be appreciated.
  Thanks,
  Suzanne

  It appears that ssodatax in your environment is unable to find the script ssoseedp.sql. This script should be available in plsql/sso directory under the ORACLE_HOME. Please find the script ssodatax and look for the sso subdirectory within the directory that contains ssodatax. If you find ssoseedp.sql in sso, then you can try running ssodatax from the directory that contains it.

• One login for multiple applications

  Hi,
  I was using HTMLDB 1.6 and followed the following guidlines: one login multiple applications for one login to multiple applications. Basically I set the cookie name the same for both applications. It worked.
  Now I've upgraded to HTMLDB 2.0 and this doesn't work anymore. I need to login to each application. Any way around this?
  Thanks,
  Marty

  Scott
  I have an SQL report region that includes this column:
  decode((select count(*) from gr_agency_add f, gr_emp_add a where a.empid = g.userid and a.aid = f.aid and a.add_type = g.address_option), 0, '', '<a href="f?p=&APP_ID.:9:' || :APP_SESSION || '::::P9_GRID:' || g.GRID || ' target="_blank">') ||decode(trunc(length(g.topic)/30), 0 , g.topic || '</a>', substr(g.TOPIC,1,30)||'..') "Topic",
  With the
  target="_blank"
  of course I am opening page 9 in a new window. I never had a problem with this but today, in a demo to some executives, the new window apparently came up with the login page and not page 9. Would this be due to a browser setting? Unfortunately, I don't have much info about the laptop they were using.
  The demo was still a success!
  Bill

• Specifing required php extensions for web application package

  Hello,
  is there a way to specify/auto-load required extensions in a web application package? Our application is needing the php_fileinfo and the php_opensll extension which are both not loaded by default and we preferred to save our users the hassle to add these by
  hand in their azure settings.
  We tried the .user.ini, which is not allowing extension loads.
  Setting the appSettings in web.config did not propagate, too.

  Hi jogoks,
  Did you want to enable the extensions and run it? I suggest you could try this
  How to: Customize the built-in PHP runtime . You may need add the extension information into 'php.ini' file.  
  Please try it. If I misunderstood, please let me know. 
  Regards,
  Will
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• OID SSO Logout issue from the partner application

  As per the below link I am trying the logout functionality from the partner application,
  http://download.oracle.com/docs/cd/B14099_19/idmanage.1012/b14078/tpsso.htm#i1011555
  The article talks about a logout url pattern, I am trying to execute the below from the partner application.
  https://single_sign-on_host:single_sign-on_ssl_port/pls/orasso/orasso.wwsso_app_admin.ls_logout?p_done_url=done_url
  The issue I got is OID server is not redirecting to the p_done_url, it just stays in the same OID logout page, Do I have to create any configuration entry to get the redirection working?
  Thanks

  Hi All,
  Providing more information,
  What I get is the OID logout screen with two return buttons on top and bottom of the page.
  If I found is when I click any of those it goes to the p_done_url but What I want is
  instead of stopping in the OID logout page, auto redirection to the p_done_url,
  Can this be done.
  Thanks