SSO with BW - webi / BOE / Windows AD

Similar Messages

• Sample code for SSO with ucm10gR3

  hi all,
  I am using ucm10gr3 and want to implement sso with my web application running on wls, I don't have OAM, I need to implment sso with ucm by my code, reading the following statement in metalink:
  REMOTE_USER is a computed Common Gateway Interface (CGI) variable that is used by the web server to indicate that the current acting request has been successfully authenticated as acting as the user identified by the value of this CGI variable. Getting the web server to set this variable for you is highly dependent on the particular APIs and data structures available in that web server. This may also require some customization and code be written within the web server, such as a custom web server plugin. This should not require additional code or components to be written on the UCM side.
  In other words, This is not specially a content server configuration issue. If you can get any standard 3rd party web application (such as PHP -- for example a Wiki application) to get the SSO solution to work using standard webserver authentication techniques and doing nothing special in the application, then it should work without needing any additional UCM specific code.
  All web servers have a built in understanding that the current request can act at the behest of a particular user. When web servers execute CGI applications, such as PHP, the standard CGI specification specifies that this user name be used to populate a parameter called REMOTE_USER. The mechanism by which this parameter is propagated to the script or plugin that is executing the request tends to be implementation specific. This parameter can be picked up by the CS web server plug-in.
  Per my understanding, I need to use CGI to produce a variable named REMOTE_USER, and save username in it, but I am not a CGI guy, who can give me a demo for this?
  Or is there any other solution to implement sso with ucm?
  Thanks a lot!
  Best regards

  While, seems one way is to use stream to bypass login.

• SSO with SAP logon tickets to non-SAP web app

  I am trying to implement SSO to an oracle portal based web application using SAP logon tickets, but can't seem to find a way for it to work.  I thought maybe it would be a web server filter, but am unsure if this would work for oracle portal.  Anyone tried similar?
  Cindy

  Hi Cindy,
  If it is EP6 SP2 probably you can checkout the following document.
  http://service.sap.com/ep60
  Go to Documentation Help>How-To-Guides>Current How To Guides section.
  checkout the following how to guide.
  Perform Cross Domain SSO with SAP Logon tickets zip file.
  If you want the zip file please send an e-mail to
  [email protected]
  Regards
  -Venkat Malempati

• Jabber for Windows SSO with CWMS

  We've configured our WebEx Meetings Server 2.0 for SSO with ADFS 3.0 and it works in various browsers.  The docs for Jabber for Windows say that it can do SSO to WebEx Meetings Server but there are no details in the configuration guide and I haven't been able to get it to work. After I turn on SSO, Jabber won't authenticate with the Meetings Server.  All the guide says is
  If you configure SSO with Cisco WebEx Meetings Server, Cisco Jabber can seamlessly integrate with the SSO environment. In this case, you do not need to specify credentials in order for users to authenticate with Cisco WebEx Meetings Server.
  Any ideas?

  Hi Eric,
  No specific configuration is done on CWMS for Jabber for Windows integration. All this is done on Jabber side. I would advise you to reach out to Jabber Clients community or open a TAC ticket with Jabber for Windows team.
  -Dejan

• BO XI 3.1 SP3 SSO with CMC and Webi Rich Client

  Hello,
  Is it possible in BO XI 3.1 SP3 to use SSO with CMC and Webi Rich Client ?
  It works fine with InfoView, Designer and Desktop Intelligence.
  Regards

  Hi,
  What kind of SSO authentication are you trying to set up? (AD, LDAP,...)
  I think it's AD regarding your command line.
  But be aware that in SSO, you don't need to configure the command line to run the client.
  Have a look at the following guide.
  [Configuring Manual Kerberos Authentication and-or SSO in Distributed Environments with XI 3.1 SP3.pdf|https://bosap-support.wdf.sap.corp/sap/support/sapnotes/public/services/attachment.htm?iv_key=002007204200000183782010&iv_version=0005&alt=2BCE4CB10DF674B172F4F3F7B32A284F49333135358877720E883731B332AF34CACD2AB52C0A2C8DCACA09084EF4CB494E4E0F2ECE8E2F89772908C9CE70CD2DF77675F7F2D1750C09514BCECFCFCE4C8DCF4BCC4DB5F575F4F4F3F57771F571F6F70B01B25D83D4120B0A722092A599504EB16D715E3E00&iv_guid=DF838310BFAAE8F1B486001A64C54696]
  Regarding accessing CMC with SSO, it's not recomended at all as if you break this access, than you can't connect anymore to the CMC and modify settings.
  Regards,
  Philippe
  Edited by: Philippe Tavares on Feb 15, 2011 4:11 PM

• How configure Windows 8.1 Clients with IE11 for SSO with Kerberos SPNEGO

  We are using BI Publisher OBIEE 11.1.1.7 with SSO Kerberos SPNEGO.
  The Weblogic Server Version is WLS_PRODUCT_VERSION=10.3.5.0
  The SSO is working very well with Clients that are Windows XP or Windows 2003 R2. We had testet wit IE7,IE8 Firefox.
  Now as we become Windows 8.1 Clients with IE11 the Kerberos SPNEGO SSO is not working.
  Please give us advice or a HOW TO Document about the configuration on Windows 8.1 Cllients with IE11 Browser.
  I find many Dokuments related to older Windows Versions for example
  http://www.oracle.com/technetwork/articles/idm/weblogic-sso-kerberos-1619890.html
  but nothing for Windows 8.1 Clients
  Thanks in advance.

  The location for tabs in IE11 browser might be different but the steps are the same :
  Configure Local Intranet Domains
     1. In Internet Explorer, select Tools > Internet Options.
     2. Select the Security tab.
     3. Select Local intranet and click Sites.
     4. In the Local intranet popup, ensure that the Include all sites that bypass the proxy server and Include all local (intranet) sites not listed in other zones options are checked.
     5. Click Advanced.
     6. In the Local intranet (Advanced) dialog box, add all relative domain names that will be used for Oracle WebLogic Server instances participating in the SSO configuration (for example, myhost.example.com) and click OK.
  Configure Intranet Authentication
     1. Select Tools > Internet Options.
     2. Select the Security tab.
     3. Select Local intranet and click Custom Level... .
     4. In the Security Settings dialog box, scroll to the User Authentication section.
     5. Select Automatic logon only in Intranet zone. This option prevents users from having to re-enter logon credentials, which is a key piece to this solution.
     6. Click OK.
  Verify Proxy Settings
  If you have a proxy server enabled:
     1. Select Tools > Internet Options.
     2. Select the Connections tab and click LAN Settings.
     3. Verify that the proxy server address and port number are correct.
     4. Click Advanced.
     5. In the Proxy Settings dialog box, ensure that all desired domain names are entered in the Exceptions field.
     6. Click OK to close the Proxy Settings dialog box.
  What is the error reported by the browser / wls logs ?
  -- Puneeth

• Identity SSO API with non-web based appilcations

  hi,
  i can appreciate hwo this works with cookies etc for web based applications that use the api or one of the agents on apache etc.
  but how does it go with non web based java and say windows applications?
  can anyone point me to some docs?
  thanks

  I don't work for Sun but here are my thoughts
  1. Yes, if you don't want to use the AM SDK then the
  XML auth service is the way to go.
  2 & 3. dunno
  4. I think if you pass around the SSOToken ID
  generated by AM then any application can issue a SAML
  query to see if the session is still valid and get
  identity/auth attributes back
  5. I think SAML 2.0 supports authentication and
  single signoff
  6. If you are doing a lot of thick client apps you
  should use kerberos instead of AM web based
  Authentication. AM supports kerberos authentication,
  most modern browsers support SPEGNO for passing
  credentials to web server, AD supports Kerberos, and
  even Solaris 10 comes with a free KDC built into the
  OS. There is plenty of documentation around kerberos
  and the JDK out of the box supports GSS-API for
  Kerberos authenticationThank you for your feedback.
  We looked at the use of kerberos as well, but this is not really an option as we are dealing with fat clients installed on desktops of clients. So these desktops do not fall within our span control (multiple domain controllers etc.).
  Regards,
  Thomas

• 10g - how to configure sso with iis-

  hi, experts, I have followed Oracle® Business Intelligence Enterprise Edition Deployment Guide to configure SSO with IIS.
  but I always meet this message.
  Not Logged In
  You are not currently logged in to the Oracle BI Server.
  If you have already logged in, your connection might have timed out, or a communications or server error may have occurred
  what steps are missing?
  how to check?

  hi, experts,
  I checked C:\OracleBIData\web\log\sawlog0.log on the obi server (windows server 2003 standard).
  at Thu Feb 17 14:48:46 2011 , I logined OBI on another machine (not via the browser on the obi server).
  however, the log shows the login user is the administrator of the obiserver (obiserver\administrator ).
  any setup on IIS are wrong? thank you very much!
  =========================================================================================
  Running job 'MinutelyMonitor' took 7422 milliseconds, 12.3% of job's frequency (60 seconds).
  Type: Error
  Severity: 40
  Time: Thu Feb 17 14:48:46 2011
  File: project/webodbcaccess/odbcconnectionimpl.cpp Line: 371
  Properties: ConnId-1,1;ThreadID-1796
  Location:
       saw.odbc.connection.open
       saw.connectionPool.getConnection
       saw.subsystem.security.checkAuthenticationImpl
       saw.threadPool
       saw.threads
  Odbc driver returned an error (SQLDriverConnectW).
  State: 08004. Code: 10018. [NQODBC] [SQL_STATE: 08004] [nQSError: 10018] Access for the requested connection is refused.
  [nQSError: 43001] Authentication failed for obiserver\administrator in repository Star: invalid user/password. (08004)
  Type: Error
  Severity: 42
  Time: Thu Feb 17 14:48:46 2011
  File: project/webconnect/connection.cpp Line: 276
  Properties: ThreadID-1796
  Location:
       saw.connectionPool.getConnection
       saw.subsystem.security.checkAuthenticationImpl
       saw.threadPool
       saw.threads
  Authentication Failure.
  Odbc driver returned an error (SQLDriverConnectW).
  ---------------------------------------

• SSO with Logon Ticket to non-SAP Unix based application

  Hi all,
  Anyone has implemented SSO with Logon Ticket to a Unix box ?
  We need to achieve Single Sign On between our EP5.0 SP5 Portal and a third-party web application with a front-end on a Unix AIX machine with Apache.
  We achieved SSO with non-SAP applications with Logon Tickets, but one was to an IIS system in another domain (we therefore used the standard Web Filter for IIS and declared it in usermanagement for cross-domain support) and another one running on Windows platform (we used the C libraries provided in the "Logon Ticket Toolkit": NT or Linux only).
  From what we understand and found on the web sites, we cannot reuse any standard web filter (none for Unix, am I correct ???) and want to implement custom code using SAP libraries, if possible using Java
  -> Are there any Java libraries that are available to both:
  . verify the logon ticket with the deployed Portal public key
  . decrypt/extract the authenticated username from this ticket ??
  I've seen a mention of Java libraries, and Unix, in a SAP EP 6.0 document but I'm not sure where to find them...
  Is the SAP Logon Ticket issued the same way in EP 5.0 and EP 6.0 ?
  I managed to find something called SAPSSOEXT, for AIX, which contains some partial library and a sample, but it is dated 2000 !! Anyone has more information about this ?
  Any hint is very much appreciated.
  Thanks a lot
  Olivier

  Check these links for reference regarding AIX and Apache using X.509 certificates:
  http://publib16.boulder.ibm.com/pseries/en_US/aixbman/security/cas_pki.htm
  And just using cookies -
  http://forums.devshed.com/archive/t-105611 (perl based)
  You can also use mod_ssl built into your Apache to facilitate both certificate based authentication as well as encryption.
  The mod_ssl route is most secure (because of the encryption), the IBM link is comprehensive but requires extra infrastructure (LDAP).
  Nick
  Nick

• SSO with Custom LDAP

  This is the landscape :-
  Web Application / Portal at Oracle Web Center Suite (WCS).
  SAP BO 4.0
  Authentication using Custom LDAP & SSO with Trusted Authentication.
  Used OpenLDAP for authentication via RadiantOne VDS as the proxy.
  Activities :
  Authenticate the BO users with OpenLDAP via RadiantOne.
  Synchronize the BO user group from OpenLDAP via RadiantOne.
  Used openDocument.jsp to open WEBI reports.
  Problems :
  We configure the LDAP as Custom. Attributes mapping as default.
  When BOE trying to connect the RadiantOne VDS & create user u201Cuser01u201D which already exists in the OpenLDAP server. It throws the exception :
  "An internal error has occurred in the secLdap plugin.u201D
  When trying to create user that does not exist in LDAP. It throws the exception :
  u201CThe secLdap plugin failed to get the dn for the user notuser.u201D
  Please advise us how to resolved this internal error if we want to SSO with custom LDAP !!
  Thanks & regards,
  Herries E

  Hi,
  Herrie, Roland is correct, OpenLDAP is not supported and you can run into problems if you want to escalate issues in the future. The customer must have that into account.
  However, LDAP is pretty standard and usually you just need to make sure that the attribute mappings is correct.
  Are users correctly created when you map an LDAP group?
  Are you able to manually authenticate using LDAP? You can use the CMC page and select authentication LDAP
  When you have confirmed that LDAP manual authentication is working, you can set up Trusted Authentication. Check first that the system is working just using QUERY_STRING:
  https://service.sap.com/sap/support/notes/1593628
  When trusted auth is confirmed to work, you can configure the parameters that Radiant users to pass the user: cookies, web session, etc.
  Regards,
  Julian

• OBIEE  SSO  with authorization

  Hi Gurus,
  1)I have instance configured the SSO with windows Active Directory and OBIEE.
  2)I also have another instance ( without SSO configured) with external table authentication( user name and password verification) and authorization( groups , which populate the session variables for data filtering) .
  Now my question is , i want a combination of Scenario 1 and Scenario 2. I want to have OBIEE SSO with Active directory
  and external table groups.
  The reason being , my groups are custom groups in external table, i do not want to maintain users in repository.
  can you please give me pointers if the scenario is possible . Thanks in Advance
  Thanks and Regards
  Satya

  Now my question is , i want a combination of Scenario 1 and Scenario 2. I want to have OBIEE SSO with Active directory and external table groups.I don't what your issue is? Just do SSO with AD and then load the groups in the GROUP init block via SQL. What is your actual issue?
  In order to filter the data in reports you need to have the same group structure in Web Cat i guess ( correct me if i am wrong).Yes, although you don't need to use the same group names. Inm fact I prefer to have completely separate groups names, some for RPD security some for Web Catalog security. As long as the the groups exist in the proper location (RPD or Web Catalog) and they get assigned in the GROUP init block then OBIEE will be happy, they don't need to exist in both places.
  2) Will not SSO populate the Remote_User variable rather than the USER variable by default.No, you have to tell OBIEE where to put the REMOTE_USER value. You can simply do SELECT ':USER' FROM DUAL or if you have your users defined in a table you can also authenticate that the user exists in this table SELECT ':USER' FROM USER_TABLE WHERE USER_ID = ':USER' which adds another layer of authentication to your SSO solution.

• Setting up SSO with SNC/Kerberos

  I'm trying to setup SSO for SAPGui with backend ECC5 on Windows 2003. I have followed the section of the install guide called SAP WebAS 6.40 SR1 because I can't find a ECC5 version so possibly what I am trying to do is not possible?
  Steps that I did...
  1. I've downloaded the gsskrb5.dll and put in c:\windows\system32
  2. Added the profile parameters:
  snc/enable = 1
  snc/identity/as = p:SAPServiceIDS{at symbol}sscit.com.au
  snc/gssapi_lib = C:\WINDOWS\system32\gsskrb5.dll
  3. I'm still using the local account at this stage because I'm not sure how to create a domain account that can start the sap instance on this machine. I also have played with Service Principle but again I'm not sure really what I am doing.
  So anyhow, after I made the parameter changes and restarted the sap instance the dispatcher soon failed with the following errors in all the wp logs...
  rdisp/reinitialize_code_page -> 0
  M  icm/accept_remote_trace_level -> 0
  M  rdisp/no_hooks_for_sqlbreak -> 0
  N  SncInit(): Initializing Secure Network Communication (SNC)
  N        PC with Windows NT (mt,ascii,SAP_UC/size_t/void* = 8/32/32)
  N  SncInit():   found snc/data_protection/max=3, using 3 (Privacy Level)
  N  SncInit():   found snc/data_protection/min=2, using 2 (Integrity Level)
  N  SncInit():   found snc/data_protection/use=9, using 3 (Privacy Level)
  N  SncInit(): found  snc/gssapi_lib=C:\WINDOWS\system32\gsskrb5.dll
  N    File "C:\WINDOWS\system32\gsskrb5.dll" dynamically loaded as GSS-API v2 library.
  N  *** ERROR => SncPDLInit(): gss_indicate_mechs() failed
  N   [sncxxdl.0457]*** ERROR => SncPDLInit(()==SNCERR_INIT  [sncxxdl.c 452]
  N        GSS-API(maj): Miscellaneous Failure
  N        GSS-API(min): Kerberos SSPI not usable with this User account
  N      STOP! -- initial call to gss_indicate_mechs() failed
  M  *** ERROR => ErrISetSys: error info too large [err.c        931]
  M  Wed Oct 08 10:06:29 2008
  M  LOCATION    SAP-Server redback_IDS_11 on host redback (wp 15)
  M  ERROR       GSS-API(maj): Miscellaneous Failure
  M  GSS-API(min): Kerberos SSPI not usable with this User account
  M  STOP! -- initial call to gss_indicate_mechs() failed
  M  TIME        Wed Oct 08 10:06:29 2008
  M  RELEASE     640
  M  COMPONENT   SNC (Secure Network Communication)
  M  VERSION     5
  M  RC          -1
  M  MODULE      sncxxdl.c
  M  LINE        452
  M  DETAIL      SncPDLInit(
  M  SYSTEM CALL gss_indicate_mechs
  M  ERRNO      
  M  ERRNO TEXT 
  M  DESCR MSG NO
  M  DESCR VARGS GSS-API(maj): Miscellaneous Failure;;;;
  M  ;;;;GSS-API(min): Kerberos SSPI not usable with this User account;;;;
  M  ;;;;STOP! -- initial call to gss_indicate_mechs() failed
  M  DETAIL MSG N
  M  DETAIL VARGS
  M  COUNTER     1
  N  *** ERROR => SncPDLInit()==SNCERR_INIT, Adapter (#0) C:\WINDOWS\system32\gsskrb5.dll not loaded
  N   [sncxxdl.0604]<<- ERROR: SncInit()==SNCERR_INIT
  N           sec_avail = "false"
  M  ***LOG R19=> ThSncInit, SncInitU ( SNC-000001) [thxxsnc.c    223]
  M  *** ERROR => ThSncInit: SncInitU (SNCERR_INIT) [thxxsnc.c    225]
  M  in_ThErrHandle: 1
  M  *** ERROR => SncInitU (step 1, th_errno 44, action 3, level 1) [thxxhead.c   9461]
  I also tried the gsstest and got the following log file...
  TEST: acquiring default initiating credentials (simple)
  RESULT  OK
  TEST: acquiring default initiating credentials (query)
  RESULT  OK
  TEST: acquiring initiating credentials (gss_name_t)
  RESULT  OK
  TEST: acquiring initiating credentials (printable name)
  RESULT  OK
  TEST: acquiring initiating credentials (can. printable name)
  RESULT  OK
  TEST: acquiring accepting credentials for target (printable name)
    for identity "SAPServiceIDS{at symbol}sscit.com.au"
  Status:  gss_acquire_cred Acc() == (GSS_S_NO_CRED)
           gss_display_status(0x00070000,GSS_S_GSS_CODE) =
             "No valid credentials provided (or available)"
           gss_display_status(0x1360000d,GSS_S_MECH_CODE) =
             "SSPI::AccSctx#1()==Logon attempt failed"
  RESULT  NOT ok (rc=1)
  TEST: acquiring accepting credentials for target (can. printable name)
  Status:  gss_acquire_cred Acc() == (GSS_S_NO_CRED)
           gss_display_status(0x00070000,GSS_S_GSS_CODE) =
             "No valid credentials provided (or available)"
           gss_display_status(0x1360000d,GSS_S_MECH_CODE) =
             "SSPI::AccSctx#1()==Logon attempt failed"
  RESULT  NOT ok (rc=1)
  Note: I've changed the @'s to {at symbol} to get message posted.
  I hope somebody is able to help me progress past this.
  Thank you.

  Hello all,
  I'm sorry if someone has invested time looking into this for me. I have resolved it. Basiscally as per OSS Note 352295, "Kerberos authentication is only available for Domain Accounts that are managed by Microsoft Active Directory, NOT for local computer users". So I went through the excercise of changing the sap services to start with a domain account instead of the local account, this also required setting up the new ops$ account in oracle, then it all seamed to work pretty much as the doco said it would.

• Sorry, something went wrong - Open Office File from Search Results Page with Office Web Apps

  Hi,
  I'm getting "Sorry, something went wrong" error when I'm trying to open any office document from inside Search Results Page with Office Web Apps, the same error is appearing in the document preview as well.
  The error in SharePoint logs says that the file cannot be found.
  Please note that this error is coming only when the "Filename" of the document is not written in English (in my case its written with Arabic characters).
  If I try to open it from the document library, its opening properly with no errors.
  The only difference between two URLs (document URL in Search Results and in Document Library) is the value for "sourcedoc" attribute;
  In the case of Search Results page, the filename in "sourcedoc" attribute is kept as is with Arabic characters.
  While in the Document Library, the filename in "sourcedoc" attribute is converted into different characters (something like: "B9%D9%85%D9%8").
  Anybody have an idea on how to overcome this issue, implement a workaround or modify the "sourcedoc" behavior?
  Thanks in Advance.
  Hamza AlSughier

  Dear Wendy,
  Thanks for your efforts, I already tried your last suggestion before, but this didn't solve my problem.
  Actually my end users are accessing this portal using ADFS and HTTPS.
  Finally I got this solved, I have done below to get my overall solution working perfectly:
  - First I have configured Windows Authentication and ADFS Authentication on the same zone which is the default zone.
  - The issue when opening office documents with Arabic file name has disappeared as a result of first change.
  - Then I have faced an issue where we are not able to crawl content under Default zone, however we have to do so, after too many efforts, I found that its related to the Load-balancer/proxy, I have made the crawler server
  to crawl himself (http://CrawlServerName:PortNumber).
  - Also a change on Alternate Access Mapping was needed, I have set one of the extended zones (which is running Windows Authentication only) as Internal URL for the Default Zone, and this is was the URL I used for Crawling.
  I have configured Server Name Mappings to make sure we got proper URLs in Search Results.
  - Then we faced another issue, which is Authentication selection on login page (How to bypass this page, and authenticate using ADFS auto), I used this solution (Set Custom Sign In Page):
  http://0ut0ftheb0x.wordpress.com/2014/01/04/skip-the-authentication-selection-page-at-_logindefault-aspx-in-a-mixed-authentication-environment/.
  - I faced one more issue as a result of above workaround; Sign Out functionality wasn't working well; users get logged in automatically whenever I click on Sign Out. I solved this by modifying the "Sign Out" Control under _layouts;
  I made it to redirect users to ADFS Sign Out Page instead of SharePoint Sign Out Page (I know its not recommended, but I don't have any other option).
  Hamza AlSughier

• SSO with ITS & Webenabling WEBGui

  Hello,
  We have configured SSO with R/3 system. It works fine.
  The requirement is, we have to webenable R/3 system thru SAP GUI For Windows and SAP GUI For HTML.
  We are able to do both on developement environment where both R/3 and portal has got the same host names.
  But in the qa environment, we are able to webenable R/3 with SAP GUI For Windows and the SSO also works fine. But when we try to using SAP GUI For Html, it asks for the username and pwd again. Here the portal and R/3 has different host names.
  Otherwise the settings in dev and test are exactly the same. Has anybody got a clue why is it not working?
  Regards,
  Rukmani

  Hi all,
  it is always good to start with a good checklist. Here is probably the best one: https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/documents/a1-8-4/sso checklist.html
  My suggestion is: do not skip even simple steps, sometimes problem appears there
  Regards,
  Pavol

• Unable to launch application with java web start (OILOM)

  I'm connecting to a remote Oracle console from a server, using "oracle integrated lights out manager". I go to "Remote Control" and click on "Launch Console". After that, it download a JNLP file, called "jnlpgenerator-16". I open it with Java7 -web starter- update 5.
  After a while hanging I get this error:
  Error: Unable to load resource: https://XXX.XXX.XXX.XX:443/Java/JavaRConsole.jar.
  In Exception:
  com.sun.deploy.net.FailedDownloadException: Unable to load resource: https://XXX.XXX.XXX.XXX:443/Java/JavaRConsole.jar
       at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
       at com.sun.deploy.net.DownloadEngine.getCacheEntry(Unknown Source)
       at com.sun.deploy.net.DownloadEngine.getCacheEntry(Unknown Source)
       at com.sun.deploy.net.DownloadEngine.getResourceCacheEntry(Unknown Source)
       at com.sun.deploy.net.DownloadEngine.getResourceCacheEntry(Unknown Source)
       at com.sun.deploy.net.DownloadEngine.getResource(Unknown Source)
       at com.sun.javaws.LaunchDownload$DownloadTask.call(Unknown Source)
       at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
       at java.util.concurrent.FutureTask.run(Unknown Source)
       at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
       at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)
  In Wrapped Exception:
  java.net.SocketException: SOCKS server general failure
       at java.net.SocksSocketImpl.connect(Unknown Source)
       at java.net.Socket.connect(Unknown Source)
       at sun.security.ssl.SSLSocketImpl.connect(Unknown Source)
       at sun.security.ssl.BaseSSLSocketImpl.connect(Unknown Source)
       at sun.net.NetworkClient.doConnect(Unknown Source)
       at sun.net.www.http.HttpClient.openServer(Unknown Source)
       at sun.net.www.http.HttpClient.openServer(Unknown Source)
       at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
       at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
       at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(Unknown Source)
       at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
       at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
       at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)
       at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
       at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
       at com.sun.deploy.net.BasicHttpRequest.doGetRequest(Unknown Source)
       at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
       at com.sun.deploy.net.DownloadEngine.getCacheEntry(Unknown Source)
       at com.sun.deploy.net.DownloadEngine.getCacheEntry(Unknown Source)
       at com.sun.deploy.net.DownloadEngine.getResourceCacheEntry(Unknown Source)
       at com.sun.deploy.net.DownloadEngine.getResourceCacheEntry(Unknown Source)
       at com.sun.deploy.net.DownloadEngine.getResource(Unknown Source)
       at com.sun.javaws.LaunchDownload$DownloadTask.call(Unknown Source)
       at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
       at java.util.concurrent.FutureTask.run(Unknown Source)
       at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
       at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
       at java.lang.Thread.run(Unknown Source)
  It happens the same under Windows 7 and Linux -using openJRE and icedtea as substitution of Java Web Start-.
  I'm behind a proxy. In my browser -Chrome, IE and FF- putted the info of the proxy and I can browse. Aldo tried to put the info in the Java "Network Settings". It did not work -the launching of the console-.
  I installed the last Java Web Start in Windows 7 -Java7 Update5-. I disabled my anti-virus and firewall. Always the same result.
  Could you help me please. I don't have idea of what is going on.
  Greetings.
  PD: I tested from other machines of the company and it works. So, I guess is my laptop. I exported the oracle certificates from those machine and imported them into mine.

  AndrewThompson64 wrote:
  I am not used to seeing references to a local server that do not include a port number.
  E.G. http://localhost:8080/LottoMadness/
  I have deployed the following HTML (HelpMe.html) to the web server:
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
  <html>
  <head>
       <title>Untitled</title>
  </head>
  <body>
  Help Me!
  </body>
  </html>When I attempt to render the URL in IE, I see the page just fine. The URL is use is:
  http://localhost/LottoMadness/HelpMe.htmlSo, I think my web server setup and usage is ok.
  >
  As an aside, what happens if (your MS IIS is running and) you click a direct link to..
  [http://localhost/LottoMadness/LottoMadness.jnlp|http://localhost/LottoMadness/LottoMadness.jnlp]
  When I click this link I get the error and exception I cited in my previous post.