SSO with Apex 4.1.1.00.23

Similar Messages

• SSO with APEX anyone seen this before?

  Hi,
  I have followed the instructions from Metalink on
  "Configuring an APEX Application to Use SSO With SDK in Separate Schema"
  and have followed all the instructions but when I try and access application with SSO
  turned on I am seeing this page
  Thu, 3 Feb 2011 01:21:53 GMT
  Bad parameter name: none specified
    DAD name: apexwamsx
    PROCEDURE  : f
    URL        : http://lv700.light.ci.seattle.wa.us:7961/pls/apexwamsx/f?=
    PARAMETERS :
    ===========
    ENVIRONMENT:
    ============
      PLSQL_GATEWAY=WebDb
      GATEWAY_IVERSION=2
      SERVER_SOFTWARE=Oracle-Application-Server-10g/10.1.2.2.0 Oracle-HTTP-Server
      GATEWAY_INTERFACE=CGI/1.1
      SERVER_PORT=7961
      SERVER_NAME=lv700.light.ci.seattle.wa.us
      REQUEST_METHOD=GET
      QUERY_STRING==
      PATH_INFO=/f
      SCRIPT_NAME=/pls/apexwamsx
      REMOTE_HOST=
      REMOTE_ADDR=156.74.12.139
      SERVER_PROTOCOL=HTTP/1.1
      REQUEST_PROTOCOL=HTTP
      REMOTE_USER=APEX_PUBLIC_USER
      ORACLE_SSO_USER=
      OSSO_IDLE_TIMEOUT_EXCEEDED=
      OSSO_USER_GUID=
      HTTP_CONTENT_LENGTH=
      HTTP_CONTENT_TYPE=
      HTTP_USER_AGENT=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6 (.NET CLR 3.5.30729)
      HTTP_HOST=lv700:7961
      HTTP_ACCEPT=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
      HTTP_ACCEPT_ENCODING=gzip,deflate
      HTTP_ACCEPT_LANGUAGE=en-us,en;q=0.5
      HTTP_ACCEPT_CHARSET=ISO-8859-1,utf-8;q=0.7,*;q=0.7
      HTTP_COOKIE=ORA_WWV_REMEMBER_UN=ALBAM:commonws; ORA_WWV_USER=AC8796116B48095E; orasso=9.0.3+en-us+us+AMERICA+9B51BFB45D462A72E04400144FFABD7C+376A4AC4D470C5123650D53D83C6BF30A23BB27BB0F175D642AB7583249FBFF0B6AB6DAA9A2455BA6ACDA4CF36AD1646846B6E8310D16BDC569B61C08864631839C257F2EA1DD635005F1B4DE8B641FF755CFD4DAF89DA85
      HTTP_IF_MODIFIED_SINCE=
      HTTP_REFERER=http://lv700:7961/pls/apexwamsx/f?p=140:500:872061270446623:::::
      HTTP_SOAPACTION=
      HTTP_ORACLE_ECID=1296696113:156.74.21.244:28393:0:16,0
      HTTP_ORACLE_CACHE_VERSION=
      HTTP_AUTHORIZATION=
      WEB_AUTHENT_PREFIX=
      DAD_NAME=apexwamsx
      DOC_ACCESS_PATH=docs
      DOCUMENT_TABLE=wwv_flow_file_objects$
      PATH_ALIAS=
      REQUEST_CHARSET=WE8ISO8859P1
      REQUEST_IANA_CHARSET=ISO-8859-1
      SCRIPT_PREFIX=/pls
      HTTP_IF_MATCH=
      HTTP_CACHE_CONTROL=
      SOAP_BODY=
      HTTP_X_ORACLE_DEVICE_CLASS=
      HTTP_X_ORACLE_DEVICE_ORIENTATION=
      HTTP_X_ORACLE_DEVICE_MAXDOCSIZE=
      HTTP_X_ORACLE_DEVICE=
      HTTP_X_ORACLE_ORIG_ACCEPT=
      HTTP_X_ORACLE_ORIG_USER_AGENT=
      HTTP_X_ORACLE_USER_LOCALE=
      HTTP_X_ORACLE_USER_NAME=
      HTTP_X_ORACLE_USER_DISPLAYNAME=
      HTTP_X_ORACLE_USER_USERKIND=
      HTTP_X_ORACLE_USER_AUTHKIND=
      HTTP_X_ORACLE_USER_DEVICEID=
      HTTP_X_ORACLE_USER_LOCATION_ADDRESSLINE1=
      HTTP_X_ORACLE_USER_LOCATION_ADDRESSLINE2=
      HTTP_X_ORACLE_USER_LOCATION_ADDRESSLASTLINE=
      HTTP_X_ORACLE_USER_LOCATION_BLOCK=
      HTTP_X_ORACLE_USER_LOCATION_CITY=
      HTTP_X_ORACLE_USER_LOCATION_COMPANYNAME=
      HTTP_X_ORACLE_USER_LOCATION_COUNTY=
      HTTP_X_ORACLE_USER_LOCATION_STATE=
      HTTP_X_ORACLE_USER_LOCATION_POSTALCODE=
      HTTP_X_ORACLE_USER_LOCATION_POSTALCODEEXT=
      HTTP_X_ORACLE_USER_LOCATION_COUNTRY=
      HTTP_X_ORACLE_USER_LOCATION_TYPE=
      HTTP_X_ORACLE_USER_LOCATION_X=
      HTTP_X_ORACLE_USER_LOCATION_Y=
      HTTP_X_ORACLE_SERVICE_HOME_URL=
      HTTP_X_ORACLE_SERVICE_PARENT_URL=
      HTTP_X_ORACLE_HOME_URL=
      HTTP_X_ORACLE_MODULE_CALLBACK_URL=
      HTTP_X_ORACLE_MODULE_CALLBACK_LABEL=
      HTTP_X_ORACLE_CACHE_USER=
      HTTP_X_ORACLE_CACHE_SUBID=
      HTTP_X_ORACLE_CACHE_AUTH=
      HTTP_X_ORACLE_CACHE_DEVICE=
      HTTP_X_ORACLE_CACHE_LANG=
      HTTP_X_ORACLE_CACHE_ENCRYPT=
      HTTP_X_ORACLE_ASSERT_USER=Thanks so much for any insight!

  Jonnycake please see AAM doesn't update to Creative Cloud desktop Application for information on how to enable the AAM Detect Plug-in within Safari.

• Problem during configuring SSO with APEX 4.1

  Hello everybody,
  I'm trying to configure my APEX application to use SSO, but I have big problems with ssosdk902.zip file.
  During execution of the loadsdk.sql script it creates package "wwsec_sso_enabler" but APEX 4.1 wants to have "wwsec_sso_enabler_private". For me it a clear sign, that I'm using some old SSOSDK.
  Can somebody tell me where to find the current "ssosdk"?
  I'm using OAS10gR2 and the interesting thing is that in the DB schema ORASSO package "wwsec_sso_enabler_private" exists, but it doesn't helps me. It is at the other machine. I must have it on the same instance, where APEX is running.
  It looks like packaging error by Oracle. Can somebody help me?
  Thanks,
  Ianko

  Hi Anton,
  that's why I added the IF statement around the code block, to guarantee that it only runs if the URL contains auto-login data (i.e. P101_UNAME). Setting FSP_AFTER_LOGIN_URL to null avoids a loop when the login fails. If we keep FSP_AFTER_LOGIN_URL, the wwv_flow_custom_auth_std.login procedure will redirect to page 101 and the before header process will run again, re-executing wwv_flow_custom_auth_std.login , etc.
  It might be clearer to put the before header code into the authentication itself. The invalid session procedure is the right place for that, but it's use is very sparsely documented yet.
  I created a 2nd copy of your original application (22274), where I removed the before header process and added this invalid session procedure:
  procedure autologon_on_invalid_session
  is
    v_user                VARCHAR2(4000);
    v_pass                VARCHAR2(4000);
    v_fsp_after_login_url VARCHAR2(4000) := :FSP_AFTER_LOGIN_URL;
    v_user_pos            pls_integer    := instr(v_fsp_after_login_url, 'P101_UNAME:');
  BEGIN
    if apex_application.g_flow_step_id != 101 and v_user_pos > 0 then
      v_user := substr(v_fsp_after_login_url, v_user_pos+11);
      wwv_flow_custom_auth_std.login(
          P_UNAME       => v_user,
          P_PASSWORD    => v_pass,
          P_SESSION_ID  => v('APP_SESSION'),
          P_FLOW_PAGE   => :APP_ID||':1' );
      apex_application.stop_apex_engine;
    end if;
  END;If the current page is not 101 (the login page) and the URL (which was copied into the deep link item) contains the autologin credentials, call login. The finall call to apex_application.stop_apex_engine stops Apex from continuing it's default invalid session handling, which is to redirect to the login page.
  Regards,
  Christian

• Integrating SSO in APEX 3.0

  Hi,
  We're trying to integrate Oracle SSO with APEX follwing this how-to:
  http://www.oracle.com/technology/products/database/application_express/howtos/sso_partner_app.html
  We have two major issues:
  1) We're following the instructions to create an authentication schema like "Oracle Application Server Single Sign On (My Application as Partner App)".
  After completing all the steps with no apparent error, we created our custom procedure:
       procedure process_success(urlc in varchar2) as
       begin
  wwv_flow_custom_auth_sso.process_success(urlc => urlc,
                                                                                                                p_partner_app_name => 'MY_PARTNER_NAME');
       end process_success;
  But when we access the application we get the following error:
  ORA-04067: not executed, package body "PROVES.WWV_FLOW_CUSTOM_AUTH_SSO" does not exist ORA-06508: PL/SQL: could not find program unit being called
       Error      ERR-10560 Error executing wwv_flow_custom_auth_sso.portal_sso_redirect.
  It seems it is searching WWV_FLOW_CUSTOM_AUTH_SSO inside our custom schema PROVES, when it should call the PUBLIC SYNONYM.      We've checked and the synonym exists and we've granted acces to it from our custom schema.
  Any ideas?
  2) It's not clear for us which URL we should use when registering the app via SSO. If we have application number 104 (in APEX), should we call this URL?
  http://educacio-pc.es.oracle.com:7778/pls/apex/f?p=104
  instead of this one:
  http://educacio-pc.es.oracle.com:7778/pls/apex
  Many thanks.

  Hi Scott,
  First of all many thanks for your reply!
  I'd like to understand better what's the difference between "My Application as Partner App" and "Oracle Application Express Engine as Partner App" because the documentation is not clear to me. I think I misunderstood its meaning, I though that using "Oracle Application Express Engine as Partner App" was for integrating the whole APEX with SSO and not just one application; Therefore, I thought that the other one was for integrating just one APEX application. Isn't that true? As a I read from your post I can see it's more than this but it's not clearly enough for me, could you, please, provide me a link with further information? By now, we just need to integrate one APEX application with a previous Portal & SSO environment, should we use "Oracle Application Express Engine as Partner App" instead of "My Application as Partner App"?
  I finally managed to solve that error and my schema now recognizes WWV_FLOW_CUSTOM_AUTH_SSO perfectly. By now I'm having the following error: Error      Unable to run portal_sso_redirect procedure as schema:
  PROVES with partner app name: MY_PARTNER_NAME
  Many thanks for your time & help!
  Josep
  Message was edited by:
  [email protected]

• Problem with apex sso

  Hi all,
  I installed Oracle 11g, apex is 2.0
  then i updraded to apex 3.1.
       I want to enable sso for apex applications,
  for that i followed the below steps:
  step 1) Created authentication scheme for the application
  step 2) in flows_030100 schema i ran loadsdk.sql script.
  After that i ran regapp.sql script, but it is giving error : "numeric or value error; character buffer too small"
  can you pls tell me how to fix this problem.regards
  K M
  Edited by: [email protected] on Apr 17, 2009 10:53 PM

  Hi,
  See also at metalink note
  Note 562807.1
  Configuring an APEX Application to Use SSO With SDK in
  Kind regards,
  Iloon

• Oracle Apex - SSO with IBM Tivoli Access Manager WebSeal - filters out Files with Server Error 500

  Hi,
  We are using IBM Tivoli Access Manager for SSO to authenticate users to access our APEX application. The authentication works but...
  When the application is being accessed with the WebSeal JS/CSS files are randomly not loaded and show up with either HTTP 400 or HTTP 500 error in the FF Toolbar Console. Of course without certain CSS / JS files the application can't be used by the user.
  If the application is accessed without WebSeal all files are loaded successful.
  Our set up:
  There are two APEX Applications using the WebSeal - the first one apparently works
  Apex Listener on Tomcat7.0
  Apex 4.2.6
  We tried all kind of different WebSeal configurations but nothing worked so far.
  I found the following:
  interactive report problem with SSO
  ==> Does anyone know how to use mapping tables and does it help?
  Interactive report javascript error due to proxy
  ==> The solution is for EPG but we use Tomcat as Listener so the solution does not apply
  Does anyone know how to configure the WebSeal ?
  Thanks

  I have same issue with Apex 4.2.6 and Webseal,  but only on Mobile Application.  Desktop Application is ok.
  I have raise a SR on supportweb, but SR engineer tell me it's may be the Webseal issue, they can't reproduce it with Oracle Access Manger.
  It's really a tough issue.

• SSO in APEX 4.1

  Hi!
  Can anybody tell me if there any difference in configuring SSO for APEX 4.1 depending on which HTTP Server it is using (Embedded PL/SQL Gateway or Oracle HTTP Server).
  And also, if I have several applications in the same domain and I have created a custom authentication scheme that checks user credentials against LDAP, would that allow me to have a true SSO experience, whem user doesn't have to re-enter his credentials after having signed-in to the first application?
  Or I will have to add some procedure that creates and stores user cookies and deletes them on logout?

  After upgrading to APEX release 4.1.0.00.32 we received the following errors when attempt to authenticate to an application setup to use "Oracle Application Server Single Sign-On" as the Scheme Type.
  Error message:
  Error processing SSO authentication.
  ORA-06550: line 2, column 1: PLS-00201: identifier 'WWSEC_SSO_ENABLER_PRIVATE' must be declared ORA-06550: line 1, column 45: PL/SQL: Statement ignored
  ORA-06550: line 2, column 1: PLS-00201: identifier 'WWSEC_SSO_ENABLER_PRIVATE.GENERATE_REDIRECT' must be declared ORA-06550: line 1, column 45: PL/SQL: Statement ignored
  This has been identified as BUG 12973090 - SSO WITH SPECIFIED PARTNER APPLICATION NAME FAILS WITH PLS-00201
  Workaround:
  The work around is to leave the “Partner Application Name” field blank in your authentication scheme. To do this go to: Application Builder > Your Application > Shared Components > Authentication Schemes > Click the Edit Icon on your authentication scheme that uses Single Sign-On > set the “Partner Application Name blank as follows > Apply Changes.
  Oracle support says development is currently working the issue and the bug will not be fixed until APEX release 4.1.1.
  Sean
  Edited by: Sean Harris on Nov 2, 2011 7:59 AM

• 10g - how to configure sso with iis-

  hi, experts, I have followed Oracle® Business Intelligence Enterprise Edition Deployment Guide to configure SSO with IIS.
  but I always meet this message.
  Not Logged In
  You are not currently logged in to the Oracle BI Server.
  If you have already logged in, your connection might have timed out, or a communications or server error may have occurred
  what steps are missing?
  how to check?

  hi, experts,
  I checked C:\OracleBIData\web\log\sawlog0.log on the obi server (windows server 2003 standard).
  at Thu Feb 17 14:48:46 2011 , I logined OBI on another machine (not via the browser on the obi server).
  however, the log shows the login user is the administrator of the obiserver (obiserver\administrator ).
  any setup on IIS are wrong? thank you very much!
  =========================================================================================
  Running job 'MinutelyMonitor' took 7422 milliseconds, 12.3% of job's frequency (60 seconds).
  Type: Error
  Severity: 40
  Time: Thu Feb 17 14:48:46 2011
  File: project/webodbcaccess/odbcconnectionimpl.cpp Line: 371
  Properties: ConnId-1,1;ThreadID-1796
  Location:
       saw.odbc.connection.open
       saw.connectionPool.getConnection
       saw.subsystem.security.checkAuthenticationImpl
       saw.threadPool
       saw.threads
  Odbc driver returned an error (SQLDriverConnectW).
  State: 08004. Code: 10018. [NQODBC] [SQL_STATE: 08004] [nQSError: 10018] Access for the requested connection is refused.
  [nQSError: 43001] Authentication failed for obiserver\administrator in repository Star: invalid user/password. (08004)
  Type: Error
  Severity: 42
  Time: Thu Feb 17 14:48:46 2011
  File: project/webconnect/connection.cpp Line: 276
  Properties: ThreadID-1796
  Location:
       saw.connectionPool.getConnection
       saw.subsystem.security.checkAuthenticationImpl
       saw.threadPool
       saw.threads
  Authentication Failure.
  Odbc driver returned an error (SQLDriverConnectW).
  ---------------------------------------

• SSO with Logon Ticket to non-SAP Unix based application

  Hi all,
  Anyone has implemented SSO with Logon Ticket to a Unix box ?
  We need to achieve Single Sign On between our EP5.0 SP5 Portal and a third-party web application with a front-end on a Unix AIX machine with Apache.
  We achieved SSO with non-SAP applications with Logon Tickets, but one was to an IIS system in another domain (we therefore used the standard Web Filter for IIS and declared it in usermanagement for cross-domain support) and another one running on Windows platform (we used the C libraries provided in the "Logon Ticket Toolkit": NT or Linux only).
  From what we understand and found on the web sites, we cannot reuse any standard web filter (none for Unix, am I correct ???) and want to implement custom code using SAP libraries, if possible using Java
  -> Are there any Java libraries that are available to both:
  . verify the logon ticket with the deployed Portal public key
  . decrypt/extract the authenticated username from this ticket ??
  I've seen a mention of Java libraries, and Unix, in a SAP EP 6.0 document but I'm not sure where to find them...
  Is the SAP Logon Ticket issued the same way in EP 5.0 and EP 6.0 ?
  I managed to find something called SAPSSOEXT, for AIX, which contains some partial library and a sample, but it is dated 2000 !! Anyone has more information about this ?
  Any hint is very much appreciated.
  Thanks a lot
  Olivier

  Check these links for reference regarding AIX and Apache using X.509 certificates:
  http://publib16.boulder.ibm.com/pseries/en_US/aixbman/security/cas_pki.htm
  And just using cookies -
  http://forums.devshed.com/archive/t-105611 (perl based)
  You can also use mod_ssl built into your Apache to facilitate both certificate based authentication as well as encryption.
  The mod_ssl route is most secure (because of the encryption), the IBM link is comprehensive but requires extra infrastructure (LDAP).
  Nick
  Nick

• SSO with KRB/ADS on Enterprise Portal 7

  Dear All
  while i am trying to configure SSO with KRB/ADS on Enterprise Portal 7 i am getting this on the trace file..completed the configuration through SpNego and when i try to log in its promting for user name password..
  i have attched the trace file extract for  your advice..
  Regards
  Buddhike
  #1.5 #001CC45E6DA0008000000004000054FC00044F76844D9013#1213270351029#com.sap.engine.services.security.authentication.logincontext#
  sap.com/com.sap.security.core.admin
  #com.sap.engine.services.security.authentication.logincontext#Guest#0####3e642d50387311ddc2a0001cc45e6da0#Thread[Thread-110,5,SAPEngine_Application_Thread[impl:3]_Group]#
  #0#0#Error#1#/System/Security/Authentication#Plain###
  LOGIN.FAILED User:N/A Authentication Stack:com.sun.security.jgss.accept
  *Login Module                                                               Flag        Initialize  Login      Commit     Abort      Details*1. com.sun.security.auth.module.Krb5LoginModule                            OPTIONAL    ok          exception             false      null#
  #1.5 #001CC45E6DA0006E00000029000054FC00044F76844D95C5#1213270351029#com.sap.engine.services.security.authentication.loginmodule.spnego.SPNegoLoginModule#sap.com/com.sap.security.core.admin#com.sap.engine.services.security.authentication.loginmodule.spnego.SPNegoLoginModule#Guest#0####3e669e50387311dda053001cc45e6da0#SAPEngine_Application_Thread[impl:3]_2##0#0#Error##Java###Acquiring credentials for realm KEELLS.INT failed
  [EXCEPTION]
  #1#GSSException: No valid credentials provided (Mechanism level: Attempt to obtain new ACCEPT credentials failed!)     at sun.security.jgss.krb5.Krb5AcceptCredential.getKeyFromSubject(Krb5AcceptCredential.java:189)
       at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Krb5AcceptCredential.java:80)
       at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:75)
       at sun.security.jgss.GSSManagerImpl.getCredentialElement(GSSManagerImpl.java:149)
       at sun.security.jgss.GSSCredentialImpl.add(GSSCredentialImpl.java:334)
       at sun.security.jgss.GSSCredentialImpl.<init>(GSSCredentialImpl.java:44)
       at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
       at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentialsInCurrentThread(ConfigurationHelper.java:236)
       at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:29)
       at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:337)
  Caused by: com.sap.engine.services.security.exceptions.BaseLoginException: Access Denied.     at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:297)
       at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:324)
       at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
       at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
       at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
       at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
       at sun.security.jgss.LoginUtility.run(LoginUtility.java:57)
       at java.security.AccessController.doPrivileged(Native Method)
       at sun.security.jgss.krb5.Krb5AcceptCredential.getKeyFromSubject(Krb5AcceptCredential.java:186)
       ... 9 more
  Caused by: com.sap.engine.services.security.exceptions.BaseSecurityException: Internal server error. An error log with ID [001CC45E6DA0008000000001000054FC00044F76844D8A3F] is created. For more information contact your system administrator.
       at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:156)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
       ... 23 more

  Hi,
  please check if the options defined in the KRB5LoginModule are correct.
  First of all check for the option prinicpal. Did you provide this option and also provided the correct value?
  This error often occurs if you provided a wrong value for option prinicpal
  Cheers

• SSO with ITS & Webenabling WEBGui

  Hello,
  We have configured SSO with R/3 system. It works fine.
  The requirement is, we have to webenable R/3 system thru SAP GUI For Windows and SAP GUI For HTML.
  We are able to do both on developement environment where both R/3 and portal has got the same host names.
  But in the qa environment, we are able to webenable R/3 with SAP GUI For Windows and the SSO also works fine. But when we try to using SAP GUI For Html, it asks for the username and pwd again. Here the portal and R/3 has different host names.
  Otherwise the settings in dev and test are exactly the same. Has anybody got a clue why is it not working?
  Regards,
  Rukmani

  Hi all,
  it is always good to start with a good checklist. Here is probably the best one: https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/documents/a1-8-4/sso checklist.html
  My suggestion is: do not skip even simple steps, sometimes problem appears there
  Regards,
  Pavol

• SSO with EP 6.0 and R/3 as backened not working

  Hi , 
      I am implementing ESS in EP 6.0 and r/3 4.7c as backend. SSO is working with UIPWD. but when I try with LogonTickets it does not work.
  I tried with ordinary SAP transaction SSO with logon tickets works. But through ITS if I call a ESS transaction service It asks me for login user and password.
  What are the setting to be done in ITS for SSO towork. I have set the parameter
  msapcomusesso2cookie = 1 in the global.svrc file.
  I do not know what is wrong. Please help.
  Regards,
  Ramesh

  Hi,
    I am using a standalone ITS for a R/3 4.7 system.
  How should I maintain a FQDN for ITS?
  You are right,
  now it is not of the format hostname.domain.com:port format. It is of the format hostname:port.
  But where should I change this format. The host name of the system where the ITS is setup is <hostname> only.
  can you please tell me as to where should I maintain the FQDN as the specific format you suggested.
  Regards,
  Ramesh

• SSO with SAP logon tickets to non-SAP web app

  I am trying to implement SSO to an oracle portal based web application using SAP logon tickets, but can't seem to find a way for it to work.  I thought maybe it would be a web server filter, but am unsure if this would work for oracle portal.  Anyone tried similar?
  Cindy

  Hi Cindy,
  If it is EP6 SP2 probably you can checkout the following document.
  http://service.sap.com/ep60
  Go to Documentation Help>How-To-Guides>Current How To Guides section.
  checkout the following how to guide.
  Perform Cross Domain SSO with SAP Logon tickets zip file.
  If you want the zip file please send an e-mail to
  [email protected]
  Regards
  -Venkat Malempati

• APEX Listener with APEX 3.0 on 11gR2

  Yes, I am crazy.
  We have many many APEX applications in APEX 3.0 running on a 10.2.0.4 database that needs desperately to be upgraded. As a test, I've set up a clean 11gR2 database and copied the production APEX database into it via datapump. I set up APEX Listener, as I don't have any OAS sitting around and the EPG doesn't seem to be supported for APEX 3.0... the Listener doesn't say one way or the other.
  When trying to log in, I get the login page, but it tries to reference files such as apex_get_3_1.js while I only have files such as htmldb_get.js in my images directory in production. I noticed it is looking for what appears to be 3.1 files instead of 3.0 files... which concerns me.
  The APEX listener appears to be more than just a Java PL/SQL gateway.
  Is there a minimum version of APEX the APEX Listener supports?
  Interested in pointers!
  Rob

  Hi Rob,
  Yes, I am crazy.Why would that be? ;)
  We have many many APEX applications in APEX 3.0 running on a 10.2.0.4 database that needs desperately to be upgraded. As a test, I've set up a clean 11gR2 database and copied the production APEX database into it via datapump. I set up APEX Listener, as I don't have any OAS sitting around and the EPG doesn't seem to be supported for APEX 3.0... the Listener doesn't say one way or the other.APEX 3.0 is supprted by EPG. See the [url http://docs.oracle.com/cd/B32472_01/doc/install.300/b32468/post_inst.htm#CHDBEJDA]APEX 3.0 Installation Guide for details.
  APEX Listener is capable of hosting APEX 3.0 as well, though APEX 3.0 wasn't supported anymore when APEX Listener was initially released. The current APEX release at that time was 4.0, so this would be the first version to be known as really stable, whereas you won't get any support for older releases anymore. From personal experience I know that there are now issues with APEX 3.1 and APEX Listener, so it'll probably also work with 3.0.
  Concerning your database release, the minimum for APEX Listener is 10.2.0.3, so you're definetly safe on that part, though I'd recommend to upgrade as regular support for 10.2 databases ended.
  When trying to log in, I get the login page, but it tries to reference files such as apex_get_3_1.js while I only have files such as htmldb_get.js in my images directory in production. I noticed it is looking for what appears to be 3.1 files instead of 3.0 files... which concerns me.This indicates that your APEX would actually be a 3.1 and you should update you images directory.
  The APEX listener appears to be more than just a Java PL/SQL gateway.It is, but this has nothing to do with your 3.1 JS files, if this is why you stated this.
  Is there a minimum version of APEX the APEX Listener supports?As mentioned above, 4.0 would be a safe approach, but 3.1 will definetly work, 3.0 probably will as well. I'd recommend you find out which APEX version is actually installed on your database before you consider any upgrade operations. Run the following query as privileged user:
  SELECT comp_name, version, status
    FROM dba_registry
  WHERE comp_id = 'APEX';-Udo

• SSO with XI 3.1

  I have BO XI 3.1 SP3 installed on a Windows 2008 4 bit server. I enabled SSO with Tomcat, it is working but not all the times.
  I configured SSO, when users go to Infoview it dosen't prompt them for user credentials but this is not happening all the time. I would say 50% it doesn't, 50% it does prompt, it is not consistent. Any one has seen this problem.
  Thanks.

  What documentatin are you using, also what are the desktop OS's? SSO occurs on the client workstation and when intermittent issues occur usually it's the client however their are some best practices that are in the current documentation. KB 1483762 should be used if possible.
  Regards,
  Tim