SSO to My application!!!
hi all,
how can I implement SSO from portal to my application?
portal:EP6.0(inside netweaver SP15).
my application: It's writed in JSP and JAVA. It has been deployed on the SAP web application server and the database is oracle.
I searched in forum and weblogs,but found none about this topic step by step. where can I find it? thank you very much!
B.R.
Hello,
U can go thru the following docs:
<a href="https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/1046">User Mapping based SSO</a>
<a href="https://weblogs.sdn.sap.com/pub/wlg/960">Sap Logon Ticket Based SSO</a>
This <a href="https://weblogs.sdn.sap.com/pub/wlg/2786">weblog</a> will also help u.
Regards,
Pooja.
Similar Messages
-
SSO java sample application problem
Hi all,
I am trying to run the SSO java sample application, but am experiencing a problem:
When I request the papp.jsp page I end up in an infinte loop, caught between papp.jsp and ssosignon.jsp.
An earlier thread in this forum discussed the same problem, guessing that the cookie handling was the problem. This thread recommended a particlar servlet , ShowCookie, for inspecting the cookies for the current session.
I have installed this cookie on the server, but don't see anything but one cookie, JSESSIONID.
At present I am running the jsp sample app on a Tomcat server, while Oracle 9iAS with sso and portal is running on another machine on the LAN.
The configuration of the SSO sample application is as follows:
Cut from SSOEnablerJspBean.java:
// Listener token for this partner application name
private static String m_listenerToken = "wmli007251:8080";
// Partner application session cookie name
private static String m_cookieName = "SSO_PAPP_JSP_ID";
// Partner application session domain
private static String m_cookieDomain = "wmli007251:8080/";
// Partner application session path scope
private static String m_cookiePath = "/";
// Host name of the database
private static String m_dbHostName = "wmsi001370";
// Port for database
private static String m_dbPort = "1521";
// Sehema name
private static String m_dbSchemaName = "testpartnerapp";
// Schema password
private static String m_dbSchemaPasswd = "testpartnerapp";
// Database SID name
private static String m_dbSID = "IASDB.WMDATA.DK";
// Requested URL (User requested page)
private static String m_requestUrl = "http://wmli007251:8080/testsso/papp.jsp";
// Cancel URL(Home page for this application which don't require authentication)
private static String m_cancelUrl = "http://wmli007251:8080/testsso/fejl.html";
Values specified in the Oracle Portal partner app administration page:
ID: 1326
Token: O87JOE971326
Encryption key: 67854625C8B9BE96
Logon-URL: http://wmsi001370:7777/pls/orasso/orasso.wwsso_app_admin.ls_login
single signoff-URL: http://wmsi001370:7777/pls/orasso/orasso.wwsso_app_admin.ls_logout
Name: testsso
Start-URL: http://wmli007251:8080/testsso/
Succes-URL: http://wmli007251:8080/testsso/ssosignon.jsp
Log off-URL: http://wmli007251:8080/testsso/papplogoff.jsp
Finally I have specified the cookie version to be v1.0 when running the regapp.sql script. Other parameters for this script are copied from the values specified above.
Unfortunately the discussion in the earlier thread did not go any further but to recognize the cookieproblem, so I am now looking for help to move further on from here.
Any ideas will be greatly appreciated!
/MadsPierre - When you work on the sample application, you should test the pages in a separate browser instance. Don't use the Run Page links from the Builder. The sample app has a different authentication scheme from that used in the development environment so it'll work better for you to use a separate development browser from the application testing browser. In the testing browser, to request the page you just modified, login to the application, then change the page ID in the URL. Then put some navigation controls into the application so you can run your page more easily by clicking links from other pages.
Scott -
SSO from Web Application to EP
Hi,
We have a requirement where we have to provide SSO from some web application to Portal (EP6 SP15).
This web application will be having link to portal on its pages.
User store for Web Application and Portal is different.
This Web Application can be accessed from Internet.
We have not yet decided about accessing Portal from internet.
Is there any solution to this? Is this doable??
I have looked at thread
SSO from .Net application to SAP Portal
can anyone provide more information??
Thanks in advanceHi Santosh,
there is not much to explain. It your web app side, you must have some matching table between webAppUser and the portal users and their passwords, like:
webAppUser1 portalUserA xy56123
webAppUser2 portalUserB g6324s3
Your own "integration" checks which user is logged on, takes the portal user name and password and calls the portal with the parameters "j_user" and "j_password" (and "login_submit=true"); for example via the client and a form where these values are put in and the target is requested per POST. And that's it. For the form (including the pwd) would be send to the client from your webApp server, you definitely should use https at least, as already stated.
Hope it helps
Detlev -
SSO for various applications within the same portal
Is it possible to implement SSO at the application level in an EP 7.0 environment?
Ex: One Portal with ESS and BI Functionality (BI is connected to the BI backend, ESS is connected to the ECC backend, but all of it exists within the same portal instance) in which the BI Explorer would rely on SSO, while the ESS would require a logon to the portal. The initial page of the portal would not be a logon screen, but rather a menu screen
Does this functionality exist?For our purposes, ESS would have to be authenticated (perferably through Active Directory), while BI Explorer wouldn't require "visible" authentication, BUT the question would be, could all of this exist on the same portal..
I agree that it certainly wouldn't be user friendly to ask users to logon (using AD l/p) for certain parts but not others. I think the solution would simply to have 2 portal instances (ESS/ECC = Logon/Password, BI Portal = SSO), and to federate the BI to the ECC Portal. That way, if someone wanted to work in BI and only BI, they could go without logging on, but if they wanted to go to the ESS Portal they would have to logon BUT would be able to use both ESS and BI.
This all stems from an effort to eliminate the neccessity of having to logon to a portal (for a small group of managers), but still maintaining a level of security for ALL users in regards to employee self-service -
Implementing OAM - SSO for Multiple Applications
I am trying to implement OAM - SSO for 2 applications. I already have completed the setup of SSO for one application . OID -- OAM -- OHS ( 11g webgate ) - Weblogic Server - OBIEE . ( All the components are 11.1.1.5 version ).
Now I am looking to add a 2nd application ( OBIEE 11.1.1.6.5 version ) into the mix. So should I install a separate OHS and webgate for the new application or can I use the existing OHS to add another application.
Any tips on this would be helpful please.
ThanksYou may use the same OHS server in reverse proxy to the two applications and configure corresponding policies in OAM console.
Let us know if you get into any issues. -
How to use SSO with Forms application
Can somebody explain, how can we configure the SSO with Forms application.
I have two application server instances. One for infrastructre and Other for application.
ThanksHave a look at http://www.oracle.com/technology/products/forms/pdf/10g/frm10gsso.pdf and http://download-uk.oracle.com/docs/cd/B14099_19/web.1012/b14032/sso.htm#i1006721
-
SSO to partner application running under IIS
Hi,
We have a complete set-up for 9iAS Release2 where some applications are running. In parallell we have an application running under IIS, and would now like to enable the IIS application as a partner application to 9iAS letting the 9iAS SSO server handle the authentication.
In the documentation of Oracle Proxy Plug-in I read that this proxy plug-in can be used to proxy requests from IIS to Oracle http server (OHS) and also in this way enable SSO.
My question is if this can be done only for applications running under 9iAS but having IIS as web server, or if it is also possible like in our case to enable SSO via the proxy plug-in to applications runnind under IIS?
If this is not supported is the only available solution to use the SSO SDK in my IIS application?
Thanks and regards,
RikardHere's a DIY answer.
See Metalink Note 269820.1 which shows you how to use Perl to overwrite the host name in the HTTP header and remove the port number. -
Hi All,
I have installed 10g AS Release 2 on a system. I also have Application Express(formerly HTML DB) installed on the same system. I registered one of the HTML DB applications as partner applications and have put SSO authentication for it.
When I try to login the AS looks at the OID installed on the system(which I gave during installation). I want it to look at the Oracle gmldap.oraclecorp.com server OID so that only Oracle employees login.
Can anybody tell me how to change the OID and what are the entries to be give to configure it to gmldap.oraclecorp.com server??
Thanks,
SwaroopSee Task 3 in the Section 9.4 of the Oracle Application Server Administrator's Guide:
http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/chginfra.htm#i1014978
See the following for information about what to specify on each page.
http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/reconfig.htm#i1013341 -
How to let SAP user use SSO to access Application in DMZ?
Hi All,
Our J2EE application is running on a system in DMZ which can not be connected with LDAP. So I am wondering if it's possible to let SAP user use SSO to access our application.
After talking with my colleague I think the only way is to import SSO public key to our WebAS and create user in UME and then assign user to the corresponding public key, but anybody know where to download SSP verification file or is it allowed to download and import into another system at all?
Regards,
BinHi,
Take a look at this example, it uses property nodes to select tha
active plot and then changes the color of that plot.
If you want to make the number of plots dynamic you could use a for
loop and an array of color boxes.
I hope this helps.
Regards,
Juan Carlos
N.I.
Attachments:
Changing_plot_color.vi 38 KB -
Register the partner application through SSO Administer Partner Application
When should I use the "Administer Partner Applications" link on the SSO Server Administration page to register the application among the following cases?
1. sign-on SDK integrated application
2. mod_osso integrated applicationWere you able to resolve the issue???
Can you pls try Rerunning ssodatan/x with the correct data. The ssodatan script is located in the directory ORACLE_HOME/portal30/admin/plsql/ssodatan.
Refer following link for more info on SSODATAN , SSODATAX and DIAGNOSTICS scripts in Portal 3.0.x:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=136138.1 -
Apex application registered with sso as partner application
We have 1 apex app registered with sso and working properly.
I just registered a new apex application with sso. when i authenticate through sso, it directs me to the originally registered application.
I went in through the portal administrator app and verified my settings all pointed to the new application. I verified that my dad is set up correctly.
Any ideas?
APEX 2.0i did register and obtain the keys through portal admin.
to ensure i used the proper keys (i guess there is a possibility i used the keys from db1 registration) i re-ran regapp with the right keys but recieved the following output:
SQL> @regapp
Partner Application Configuration
Enter value for listener_token: HTML_DB:050iasphttp.xxx.na.xxx.com:7777
Enter value for site_id: EFBE3E14
Enter value for site_token: MSMXURH1EFBE3E14
Enter value for login_url: https://050iaspdb.xxx.na.xxx.com:4443/pls/orasso/orasso.wwsso_app_admin.ls_login
Enter value for encryption_key: 2EBDD126A3A40606
Enter value for ip_check: N
ERROR: Error in registration. Please try again
User-Defined Exception
Registration successful.
Listener token: HTML_DB:050iasphttp.xxx.na.xxx.com:7777
Site id : EFBE3E14
Site token : MSMXURH1EFBE3E14
Encryption key: 2EBDD126A3A40606
Login URL :
https://050iaspdb.xxx.na.xxx.com:4443/pls/orasso/orasso.wwsso_app_admi
n.ls_login
Logout URL :
https://050iaspdb.xxx.na.xxx.com:4443/pls/orasso/orasso.wwsso_app_admi
n.ls_logout
IP check : N
PL/SQL procedure successfully completed.
Commit complete.
No errors.
SQL>
...in spite of the error, i aske the app developer to try and use sso for db2. he now recieves:
User-Defined Exception
Error Error in wwv_flow_custom_auth_sso.process_success:l_sso_user_name:l_sess_id:: Please contact administrator.
OK
any ideas? -
Oracle9iAS R2 - Virtual Hosts with Portal and SSO with OIDDAS application
Hi!
I have installed a the machine with name minsk.discover.local. The machine have installed Infrastructure and Portal. The instalation is sucessfull and i work fine. But i have publish Portal to WEB with name intranet.discover.com.br. The Oracle describe:
1 - Create the virtual hosts in SSO and PORTAL - OK
2 - run ptlasst to create SSO Partners Applications - OK
After this steps iwork fine with Portal and SSO, but when i click in portlet to create user to access the application OIDDAS, the Portal redirect to login page of SSO in address mct.com.br, the internal name, when then name not responde in the internet.
I need a help!!!!
Marcio MestiI just spoke to the Oracle App server admins, the two servers in question are clustered.
So my question changes slightly to:
What is the best way to install and configure a webgate for clustered Oracle App servers with mulitple virtual hosts, that are residing behind a load balancer (Traffic Manager)?
Thanks,
Andy -
Error while redirection from oracle SSO to custom application
Hi All,
I have enabled SSO for my web based application. I have modified in mod_osso.conf files in $ORACLE_HOME/Apache/Apache/conf directory. When user gives url like http://<application server name>:<port number>/<application name> then the browser will automatically directed to SSO page. After getting the authontication it has to come to the home page of the application.
After giving http://<application server name>:<port number>/<application name> the browser is going to SSO page. In some IE browsers after entering the authontication details, the browser redirects to the application home page. But in some of the IE browsers its going to 'page not found' error page.
I have checked all the details like privacy, IE service pack and security but couldn't get a concreate reason. Please any one help me out.
ShrikantHi,
I am currently experiencing the same problem. We have narrowed it down to users running Internet Explorer through a proxy connection (e.g. SQUID etc..). If they bypass their proxy servers then using the same PC / browser authentication works, however with the proxy enabled authentication fails and they have to refresh the page manually to get the portal landing page. The strange thing is the problem does not appear to happen with Opera / Firefox browsers.
Here are some links to the SQUID proxy issues:
http://www.squid-cache.org/mail-archive/squid-users/200312/0338.html
http://www.squid-cache.org/mail-archive/squid-users/200312/0336.html
Cheers,
Wayne -
SSO to J2EE application from SAP Portal
Hi
I am trying to do SSO from SAP Portal to a J2EE engine which runs on SAP Web AS.
Here are my queries
1. When I deploy a J2EE application on Web AS , I dont get any login screen. How can I make sure that if a user wants to access this J2EE application he should get a login screen and provide his login credentials first, only then would he be able to access the J2EE application.
2.When I am done with Part 1. If a user tries to access this J2EE application from the Portal (asuming the user Id's in Portal and J2EE application are same and both are in the same domain) , I should not get any login screen and should be able to view the J2EE application.
3.I want to use SAP Logon tickets generated by the Portal to enable SSO.
I have done all the necessary configurations in the J2EE server.
1. Imported the Portal's verify.der certificate.
2. Adjusted the login modules stack for the application accordingly.
Can anyone please help me out with this or throw some light.
Please help.
Thanks in advance,
Vivek
PS - Points will be definitely rewardedHi Vivek,
Let me give you the solution for both questions differently.
<b>Ques 1. When I deploy a J2EE application on Web AS , I dont get any login screen. How can I make sure that if a user wants to access this J2EE application he should get a login screen and provide his login credentials first, only then would he be able to access the J2EE application.</b>
<b>Ans:</b> For doing this in the code of your J2EE application you have to write a if statement which will check if the user ID is coming from the backend or not. If yes then you display that logon page else you just pass that username which is coming from backend and displ;ay the page accordingly.
<b>Ques 2.When I am done with Part 1. If a user tries to access this J2EE application from the Portal (asuming the user Id's in Portal and J2EE application are same and both are in the same domain) , I should not get any login screen and should be able to view the J2EE application.</b>
<b>Ans:</b> Yes, this is what I am explaining you. Even I had also made same kind of J2EE application in which if the user is coming from the backend then he/she will look the J2EE screen else if the username is not coming then he will se the Login screen. Exactly same as what are looking for.
<b>3.I want to use SAP Logon tickets generated by the Portal to enable SSO.</b>
<b>Ans:</b> I have used User Mapping instead of SAP Logon ticket. Well that is also the option for SSO but personally I think User Mapping is easy and better way for implementing SSO.
I dont know whether this will help you or not. Please let me know. I can definately help if you want to implement SSO using User Maping.
Regards
Pravesh
PS: Please dont forget to reward points. -
SSO to Web Application from Portal
Hi,
I am working on a scenario where I need to access a Web Application from the Portal.
I read about the Application Integrator that is provided by the Portal .
I wanted to know that can I only have SSO to those Web Application that accept the userid and password and as URL parameters using Application Integrator , ie: those applications that have post method cannot be integrated.
Please help me out with clearing this doubt.
Thnx,
Pravesh Puria.Hi Abdulbasit ,
Please give me more details , we have a Lotes Notes Web application hosted on Domino server , another is J2EE based application. I need to achieve SSO to each of these applications from the SAP Portal.
I followed the below listed steps:
Created two systems one for each Web application based on the template generated from the application integrator. I entered the user mapping values for both the systems.
I also created two IViews. When I preview , the logon page of the web application opens but the user credentials are not passed to the application.
Please help me with the steps to achieve the SSO , from the reply I interpret that Logon ticket method was used to achieve the SSO and user mapping.
My email id is : [email protected]
It will be of immense help to me.
Thnx,
Pravesh Puria.
Maybe you are looking for
-
I'm trying to create a trigger that will fire only when a specific column is changed. I ran a test that isn't doing what I expect. I created the following trigger. I expect it to only fire when "time_zone" changes but if I update another field, and n
-
Lightroom Serial Number not Valid
A while ago I downloaded Lightroom and was using it with no problem. Accidentally, I uninstalled the program from my mac. Now, when I try to reinstall it, I get a red "X" whenever I enter my serial number. Because of this, I'm not able to proceed w
-
Retrive data base details of all tables
how can i retrive the table name, no of rows in that table, no of indexs in that table, no of not null col's in that table of in single data base(genuine query).
-
I have an older Microtek scanner that is only supported thru 10.4. Is there anyway to install Tiger on my external HDDthat can boot up my new iMac? If not, anybody need a good scanner (Tiger users only please).
-
Using Multiple Linksys EA6500 routers
I would like to use multiple routers on my network. I need to have one downstairs, that is connected to my DSL Modem, then another one on a different floor. The first and second router will be connected via wired and wireless on both floors. Would