SSO to partner application running under IIS

Similar Messages

• How to protect an application running on IIS with OAM 11gR2

  Hello Gurus,
  I have a question regarding protecting an application running on IIS with OAM 11gR2. We have an OHS server running and all the requests from the users are coming to this OHS server webgate for them to login using the SSO login page. These is all solaris. I am protecting other applications like pplsoft moduels with this OHS instance and OAM server. There is another application that I need to protect which is itself running on IIS windows machine. I need guidance as to -
  1.) Do I need to install a windows version of webgate to protect this IIS based application?
  2.) Or I can still protect and proxy requests from this application to current OHS instance? How can I do this?
  3.) Or Do I need to proxy requests directly from IIS to OAM weblogic server?
  Please advise to the earliest as this is an urgent issue.
  Thanks !!

  From your description it is not clear how exactly architecture looks like
  We have an OHS server running and all the requests from the users are coming to this OHS server webgate for them to login using the SSO login page.
  is this OHS centralized login farm ? (Case 1)
  OR is this OHS server (with webgate) acting as virtual web server hosting multiple web sites so that request to any site passes through this OHS/webgate (Case 2)
  1.) Do I need to install a windows version of webgate to protect this IIS based application?
  If case 1 then you need to install 10g webgate on top of IIS server to protect this application
  If case 2 then you can just proxy request from OHS to IIS server. As every request passes through OHS user will be authenticated before request hits IIS
  Look at Product documentation for virtual web sites : http://docs.oracle.com/cd/E27559_01/admin.1112/e27239/shared.htm#autoId12
  It has steps to protect virtual web sites.
  Also you need to make sure no one hits IIIS web sites directly.
  Hope this helps

• Global data getting reset when running under IIS?

  We have a scenario using IIS with an ASP.NET web service written in VB.NET. When a call to the web service is made, the web service calls a native dll (written in C, compiled using VS2010) using platform invoke, which in turn calls into our product API:
  VB.NET web service -> native library (p/invoke) -> native API ....
  Web service requests are successfully completed and the system runs without problem for hours. A trace of the native API shows it is being called by multiple processes and multiple threads within those processes.
  The main native API dll contains a static global variable used to detect whether it is the first time it has been called and run initialization logic if it is. This dll is itself linked to a second dll that contains a global variable used to detect if it is
  the first time it has been called.
  After some hours the trace shows that the native API is invoked by an existing process but that the initialization logic is being exercised again, even though the global variable was set to indicate not first time and is never reset.  One theory was that
  the first process has ended and a new process has started almost instantaneously using the same process ID. However this is not the case as existing thread IDs from the same process are seen to write to the trace again after the first time logic has executed
  for the second time, indicating the process has not restarted. The problem occurs regularly.
  It is as though the process's global data has been initialized again and malloc'ed memory freed while the processing is still running. Is there any way this is possible when running under IIS?
  There is an internal thread which waits on a blocking read of a named pipe (via ReadFile), and when the problem occurs, the ReadFile call ends with ERROR_NO_ACCESS, which appears to indicate the malloc'ed buffer is no longer valid, again implying something
  has happened to the memory allocated to the process.

  Suggestting you asking it on:
  http://forums.iis.net/

• Application Runs Under Windows 8.1 But Not Under Windows XP (I Know XP Is Deprecated)

  The problem is with the obtuse error message put out by Windows's program loader. It reads, in part, "..is not a valid Win32 application." The application runs everywhere except on Windows XP. Looking for root cause of the problem. It's a very
  simple application. Only a few lines of code. 
  C:\Packaged-Software\32-BIT\Reboot.exe is not a valid Win32 application.
  Proposed nature of the problem:
  1. The file was downloaded from a website but the download was incomplete.
  2. The full file system filename path contains bad characters such blank space.
  3. Visual Studio constructed an application that won't run anywhere much less on XP.
  4. The supporting libraries are not properly installed (e.g. .NET Framework4, and VCREDIST).
  Retorts:
  1. The file wasn't downloaded from a website and is intact.
  2. The filename path doesn't contain any spaces.
  3. The application runs under Windows 8.1.  Also on Windows 7.
  4. The supporting libraries are properly installed.
  So, what's the problem?  One surely will not discover the root cause from "not a valid application."
  Body must be 4 to 60000 characters long.  I had put the code here.  It isn't 60000 character long.  But it validated as if there are more than 60000 characters.  Sorry for the incomplete submission due to website construction error.
  MARK D ROCKMAN

  Hi F7H2fw,
  How did you develop the application ?
  Here is a similar symptom and this may explain the issue somehow:
  Setup.exe is not a valid Win32 application
  http://blogs.msdn.com/b/vsnetsetup/archive/2012/10/16/setup-exe-is-not-a-valid-win32-application.aspx
  I suspect there is a compatibility issue here .
  Considering this is more likely a developing issue .It is recommended to ask for help from our MSDN Forum .They are more familiar with the developing issue .If it is possible ,please attach the code in that thread .Thanks for your understanding and cooperation.
  MSDN Forum
  https://social.msdn.microsoft.com/Forums/en-US/home
  Best regards
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• SSO for partner applications

  Hi All,
  I have installed 10g AS Release 2 on a system. I also have Application Express(formerly HTML DB) installed on the same system. I registered one of the HTML DB applications as partner applications and have put SSO authentication for it.
  When I try to login the AS looks at the OID installed on the system(which I gave during installation). I want it to look at the Oracle gmldap.oraclecorp.com server OID so that only Oracle employees login.
  Can anybody tell me how to change the OID and what are the entries to be give to configure it to gmldap.oraclecorp.com server??
  Thanks,
  Swaroop

  See Task 3 in the Section 9.4 of the Oracle Application Server Administrator's Guide:
  http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/chginfra.htm#i1014978
  See the following for information about what to specify on each page.
  http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/reconfig.htm#i1013341

• Register the partner application through SSO Administer Partner Application

  When should I use the "Administer Partner Applications" link on the SSO Server Administration page to register the application among the following cases?
  1. sign-on SDK integrated application
  2. mod_osso integrated application

  Were you able to resolve the issue???
  Can you pls try Rerunning ssodatan/x with the correct data. The ssodatan script is located in the directory ORACLE_HOME/portal30/admin/plsql/ssodatan.
  Refer following link for more info on SSODATAN , SSODATAX and DIAGNOSTICS scripts in Portal 3.0.x:
  http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=136138.1

• Apex application registered with sso as partner application

  We have 1 apex app registered with sso and working properly.
  I just registered a new apex application with sso. when i authenticate through sso, it directs me to the originally registered application.
  I went in through the portal administrator app and verified my settings all pointed to the new application. I verified that my dad is set up correctly.
  Any ideas?
  APEX 2.0

  i did register and obtain the keys through portal admin.
  to ensure i used the proper keys (i guess there is a possibility i used the keys from db1 registration) i re-ran regapp with the right keys but recieved the following output:
  SQL> @regapp
  Partner Application Configuration
  Enter value for listener_token: HTML_DB:050iasphttp.xxx.na.xxx.com:7777
  Enter value for site_id: EFBE3E14
  Enter value for site_token: MSMXURH1EFBE3E14
  Enter value for login_url: https://050iaspdb.xxx.na.xxx.com:4443/pls/orasso/orasso.wwsso_app_admin.ls_login
  Enter value for encryption_key: 2EBDD126A3A40606
  Enter value for ip_check: N
  ERROR: Error in registration. Please try again
  User-Defined Exception
  Registration successful.
  Listener token: HTML_DB:050iasphttp.xxx.na.xxx.com:7777
  Site id : EFBE3E14
  Site token : MSMXURH1EFBE3E14
  Encryption key: 2EBDD126A3A40606
  Login URL :
  https://050iaspdb.xxx.na.xxx.com:4443/pls/orasso/orasso.wwsso_app_admi
  n.ls_login
  Logout URL :
  https://050iaspdb.xxx.na.xxx.com:4443/pls/orasso/orasso.wwsso_app_admi
  n.ls_logout
  IP check : N
  PL/SQL procedure successfully completed.
  Commit complete.
  No errors.
  SQL>
  ...in spite of the error, i aske the app developer to try and use sso for db2. he now recieves:
  User-Defined Exception
  Error Error in wwv_flow_custom_auth_sso.process_success:l_sso_user_name:l_sess_id:: Please contact administrator.
  OK
  any ideas?

• RE: How to have multiple application running under one server

            I have one server
            I have many application
            Question: Is it possible for me to have a weblogic properties file under each
            of this application.
            

  If your question is whether you can run multiple instances of WebLogic
            (or multiple applications) on one server, the answer is yes. The only
            problem is, you must have a unique port for each of the servers to run
            on. I.e., they can not all run under port 80 which has obvious
            internet/network implications.
            This also means you have multiple weblogic.properties files etc. for
            each instance.
            We do this with WL5.1 on a Linux 2.4 kernel in developement to allow
            multiple developers run their own instance on one box.
            Dano
            Mettu Kumar <[email protected]> wrote in message news:<[email protected]>...
            > No if you are running single instance of wls.
            >
            > Kumar.
            >
            > Sonny wrote:
            >
            > > I have one server
            > > I have many application
            > > Question: Is it possible for me to have a weblogic properties file under each
            > > of this application.
            

• Applications running under Managed Account not able to connect to servers

  My kids use a Managed Account on my MacBook (running Lion).  They have two games (Roblox and Minecraft) which can not connect to their particular game servers.  These games work fine when running under the Administrator account.  I believe that the ports that these games are trying to connect to may be blocked when running under a Managed Account.  The firewall is disabled.  Is there a way to open up specific network ports to programs running under Managed Accounts?

  Still don't have an anwer for you, but just a few thoughts... So it would seem that creating a Managed account automatically invokes some user account firewall settings, since the game works under your admin account. I was  able to access the System Prefs under a managed account to see about opening up the port in question, but if this is indeed the problem, the firewall isn't the GUI kind.
  It's possible that there would be a terminal command to do so, but I wouldn't have a clue about how to do that.

• Flex application running under AIR takes a long, long time to start.

  I have a flex application which runs on a desktop under AIR. The application has an assets folder with 3,500 mp3 soundclips totalling about 50MB. The problem is, the application takes around 90 seconds to load. I'm sure that AIR is scanning the application folder and doing something with the contents because if I delete the assets folder it loads in about 5 seconds. Does anyone know why AIR/Flex would do this, and why it doesn't exhibit the same problem if I run or debug in Flexbuilder on eclipse? It's making my killer app unusable!
  Thanks
  Paulo

  Well, I've spent a bit longer looking at this now, and the problem appears to lie with my encrypted local store. The first thing that happens is for the app to read the product key from the ELS. But, it fails (for some unknown reason). So, the app seems to hang there for 90 seconds until it eventually renders the welcome screen. If I remove the assets folder it still fails to read from the ELS, but only takes a couple of seconds to start the welcome screen. This is where the scanning of the application folder seems to come into play, because if I remove the code which reads from the ELS the app starts within 2 seconds whether the asset folder is there or not.
  I think the slow startup and the scanning of the assets folder are just symptoms of a different problem, i.e. a problem with the ELS. I don't have the same problem with my development environment though - it's only when I test deploy the application.
  Thanks for your help on this problem EgorKDie. I think I should be able to resolve it once I can sort out why the ELS is being awkward.

• Do JSP applications run under Oracle 8i?

  How can I run my JSP application under Oracle 8i?
  Do Oracle 8.1.5 or 8.1.6 include JSP server?

  Oracle 8.1.7 (the next release of Oracle8i) will have the webserver to support JavaServlets and JavaServer Pages
  raghu

• Netscape and SSO to partner application

  Help!
  I have a partner Java app using SSO with a custom login form. All is well in IE 6 but I get problems with Netscape 7.
  It authenticates to the Portal OK, but not to the partner app.
  The browser displays the following message:
  Oracle SSO Failure - Unable to process request
  Either the requested URL was not specified in terms of a fully-qualified host name or OHS single sign-on is incorrectly configured.
  In the http server error log is the message:
  [OSSO] W05: Requested URL is not specified in terms of fully-qualified host name or invalid SSO partner configuration. Host from request kwudeal2.nkw.ac.uk:80, registered host kwudeal2.nkw.ac.uk.
  The obvious difference in the host names is the port 80, which is the correct port, but it wasn't in the URL I followed, Netscape appears to have added it.
  Any ideas about what is going on and how to fix it?
  Is anyone using Netscape 7 with SSO?
  Thanks. Rob

  Here's a DIY answer.
  See Metalink Note 269820.1 which shows you how to use Perl to overwrite the host name in the HTTP header and remove the port number.

• Application runs under 1 account not another.. 10.4.11

  Hi
  I have a G5 with 10.4.11 with multiple user accounts. I have a application which will work under 1 account but not another. I've erased and re installed the software under the account I want it to work but it still does not work. I erased the software and all the associated folders for preferences and such and it still does not work.
  I've tried as well to fix permissions and set all access to read write for all users on various folders for preference and plists... still nothing. My last resort is to archive and install the OS again.
  Any direction would be helpful.
  Thanks
  Steve

  Which application?
  I've encountered something similar with FujiFinePix for downloading pictures from a camera. It will only work in my admin. account, but the camera's not mine.

• VI server application runs under debug mode but not other wise

  I have an application which uses VI server to call vi's on my targets hard drive. When I run this using the highlight execution( or debug ) this works OK, however when I run without this I get error 66, connection closed by peer. When I look at my target using a direct monitor connection I get various messages relating to memory errors. I have run virtually the same code calling a simpler application and this seems to work fine, however when I simply target the RT engine with the same code ( using the RT comms wizard construction) I don't get a problem. This should, I think, be using the same amount of memory. What is the best was of assessing the memory available against the memory required? Do anyone have a
  ny ideas as to why the VI should run with execution highlighted and not without. I have tried adding delays so simulate this but it doesn't seem to work.

  Check out this KnowledgeBase article. It describes how to enable a memory monitoring tool that might help solve your problem.

• Use Powershell with appcmd to check for availability of an application pool. under IIS. If the status is stopped, send me an email as alert.

  Dear All,
  please advise me on the above.
  Thanks.

  What do you have so far?
  Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com (Please take a moment to Vote as Helpful and/or Mark as Answer, where applicable)