URL Decode SSO Token Flag Property IIS 6.0
I have the Policy Agent 2.2 for IIS 6.0 to install. I have been installing the agents before and all of them had the option of URL Decode SSO Token Flag Property (com.sun.identity.agents.config.sso.decode), but I can not find it here. Has it been disabled? I really needed it to get rid of some error. Thank you very much for you help!
Apparently there is no need for such an option. The agent works fine without it. The idea behind the scenes is that I used to get an invalid session and and thought that this could be the problem that the SSO Token does not get decode right, the problem was actually something else.
The time between the Access Manager machine and the Server where IIS is installed has to be in sync. And by that I mean day, year, hour, minutes and this is what I have missed - TimeZone!
Similar Messages
-
OnDemand Web Services, SSO, SSO Token
Hello,
We are working on a project that requires integration between an external application and Oracle CRM OnDemand. We are using the OnDemand web services for this and have got the integration going.
However we are currently using a fixed username/password for instantiating the web services sessions and would like to change that using SSO such that we pass the SSO Token and obtain a session id and then use that for the same integration.
Not sure how to get SSO going though. I've read the posts on this forum and have now gotten SSO enabled for our company and user. We also know that we need to pass on the URL a SSO Token instead of Username/Password.
However dont know where/how to get the SSO Token?
Any pointers will be appreciatd. If someone has the pseudo code of the 3-4 steps to getting the SSO token going would be appreciated.
ThanksOk got it. So I guess the SSO Token does not meet our use case then.
Here's our use case.
We have an custom web application that users log into. These users are also OnDemand users with a OD Username/Password but the values are not the same as the custom web app username/password.
What we need is, when these users log into the custom web app and perform certain tasks the web app behind the scenes creates a web service session with OD and inserts some data. We were currently using a common username/password to do inserts, but now we want to do it based on each users login, but do not want to locally store in the custom app the OD Uid/Pwd's. So we thought SSOToken would allow us to do this where since the users are logged into the custom web app that app would then use the SSO Token to create a session with OD and insert data.
Any ideas would be appreciated. -
Hi, I have Tomcat with opensso installed on the same machine with IIS 6 + agent.
While trying to browse any of pages in IIS pages get immediately that error after authentication:
2009-10-06 11:16:43.357 Error 3240:161bd38 AM_SSO_SERVICE: SSOTokenService::getSessionInfo(): Error 21 for sso token ID AQIC5wM2LY4SfczzPs5KzV6tcQMK0T1shHOpKmXvAr8vmSQ=@AAJTSQACMDE=#.
2009-10-06 11:16:43.357 Error 3240:161bd38 PolicyEngine: am_policy_evaluate: InternalException in Service::initialize() with error message:Session query failed during service creation. and code:21
2009-10-06 11:16:43.357 Error 3240:161bd38 PolicyAgent: HttpExtensionProc(): status: HTTP error (21)Any suggestion is welcome !
Thank You !
Edited by: AlexanderL on Oct 6, 2009 11:20 AMI think the problem is due to agent configuration...
What i did is to add the property (com.sun.am.ignore.naming_service = true) to the AMAgent.properties file to disable looking for the naming service url. The problem was solved but i am not sure if it's really the good solution or not.
Any suggestions? -
Hello everybody,
Here is the configuration i am trying to deploy:
- Apache server 2.0.55 secured with ssl
- Tomcat 6.0.14 also secured with ssl
- An fam-samples.war configured as IdP on tomcat
- Web agent installed on apache server
Now if a non authenticated user tries to access a resource on apache, the web agent redirect him to IdP for authentication. After giving the write login and password he's redirected to the resource initially requested. Here i got an "Internal server error" and when i looked in the amAgent file for error i found this:
<--
2007-09-17 15:17:06.594 Error 6447:98a16d8 all: LineBuffer::findEndOfLine():
2007-09-17 15:17:06.608 Error 6447:98a16d8 all: LineBuffer::findEndOfLine():
2007-09-17 15:17:06.617 Error 6447:98a16d8 all: LineBuffer::findEndOfLine():
2007-09-17 15:17:06.618 Error 6447:98a16d8 AM_SSO_SERVICE: SSOTokenService::getSessionInfo(): Error 12 for sso token ID AQIC5wM2LY4SfcxUl+Qrr8Za5tjVgKq5XRocwCegb79ttmE=@AAJTSQACMDE=#.
2007-09-17 15:17:06.618 Error 6447:98a16d8 PolicyEngine: am_policy_evaluate: InternalException in Service::initialize() with error message:Session query failed during service creation. and code:12
-->
I tried to look in the web agent configuration file AmAgent.properties for some properties to change but i didn't found the solution!
Does anyone please have an idea about this problem?
Note: If tomcat is not secured all works perfectly.
THANKSI think the problem is due to agent configuration...
What i did is to add the property (com.sun.am.ignore.naming_service = true) to the AMAgent.properties file to disable looking for the naming service url. The problem was solved but i am not sure if it's really the good solution or not.
Any suggestions? -
"Cannot obtain Application SSO token" error
Hello,
I configured my agent as follows:
Version: 3.0
Build Date: 20071212
Application Server Config Directory : C:\Sun\SDK\domains\domain1\config
Application Server Instance name : server
Access Manager URL : http://juno:6140/opensso
Domain Administration Server Host is remote : false
Agent URL : http://juno:8080
Deployment URI for the Agent Application : /agentapp
Encryption Key : J+KQLOM+s6gAQb1Y1H8uJoej3bzKBAEN
Agent Profile name : asagent
Agent Profile Password file name : c:\temp\password.TXT
Agent installed on the DAS host for a remote instance : false
The AM and the sample applications are both running on separate domains.
Following steps I performed:
1. I started my SSO domain (domain2) first and then the application domain where my agent is installed (domain1).
2. I deployed the agentsample.ear file after compilation through build.xml file
When I try to access the URL (http://localhost:8080/agentsample/index.html), it throw the following exception (recorded in amSSO log file located in the Agent_001
Caused by: com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
at com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:233)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.identity.common.PropertiesFinder.getProperty(PropertiesFinder.java:49)
at com.iplanet.am.util.SystemProperties.get(SystemProperties.java:255)
at com.iplanet.am.util.SystemProperties.get(SystemProperties.java:298)
at com.iplanet.dpro.session.SessionID.<clinit>(SessionID.java:90)
... 46 more
|#]
[#|2007-12-14T11:32:42.881-0500|SEVERE|sun-appserver9.1|javax.enterprise.system.container.web|_ThreadID=15;_ThreadName=httpSSLWorkerThread-8080-1;_RequestID=30ba22ac-dd83-461b-a835-440480970033;|StandardWrapperValve[default]: PWC1406: Servlet.service() for servlet default threw exception
java.lang.NoClassDefFoundError: Could not initialize class com.sun.identity.agents.filter.AmFilterManager
at com.sun.identity.agents.filter.AmAgentBaseFilter.initializeFilter(AmAgentBaseFilter.java:217)
at com.sun.identity.agents.filter.AmAgentBaseFilter.getAmFilterInstance(AmAgentBaseFilter.java:279)
at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:64)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:288)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:270)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:339)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:261)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:212)
at com.sun.enterprise.web.portunif.PortUnificationPipeline$PUTask.doTask(PortUnificationPipeline.java:361)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
|#]
I spent lot of time refering the supporting document but could not find any solution.
Your assistance will be greatly appreciated.
Thanks,
VinitI tried to deploy "agentapp.war" in the "domain1" which I configured to install J2EE Agent. The "domain2" deployed opensso.war file. When I tried to invoke "http://test.domain.org:8080/agentapp", it threw the following error:
Caused by: com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
at com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:233)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.identity.common.configuration.ConfigurationBase.isLegacy(ConfigurationBase.java:180)
at com.sun.identity.common.configuration.ConfigurationObserver.createAttributeMapping(ConfigurationObserver.java:62)
at com.sun.identity.common.configuration.ConfigurationObserver.<init>(ConfigurationObserver.java:58)
at com.sun.identity.common.configuration.ConfigurationObserver.<clinit>(ConfigurationObserver.java:50)
... 35 more
|#]
[#|2007-12-17T21:24:21.453-0500|SEVERE|sun-appserver9.1|javax.enterprise.system.container.web|_ThreadID=15;_ThreadName=httpSSLWorkerThread-8080-0;_RequestID=fde18bdd-a04f-48ba-b4f1-7a88a756c315;|StandardWrapperValve[default]: PWC1406: Servlet.service() for servlet default threw exception
java.lang.NoClassDefFoundError: Could not initialize class com.sun.identity.agents.filter.AmFilterManager
at com.sun.identity.agents.filter.AmAgentBaseFilter.initializeFilter(AmAgentBaseFilter.java:217)
at com.sun.identity.agents.filter.AmAgentBaseFilter.getAmFilterInstance(AmAgentBaseFilter.java:279)
at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:64)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:288)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:270)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:339)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:261)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:212)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
|#]
I do not understand why it is looking for AMConfig.properties file in domain1? This file exist in domain2 and not in domain1. Secondly, it also throws NoClassDefFoundError Exception. However, config.xml file sets classpath as :
<java-config classpath-suffix="${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/lib/agent.jar${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/lib/openssoclientsdk.jar${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/locale${path.separator}C:/tools/opensso/j2ee_agents/appserver_v9_agent/Agent_001/config" debug-enabled="false" debug-options="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=9009" env-classpath-ignored="true" java-home="${com.sun.aas.javaRoot}" javac-options="-g" rmic-options="-iiop -poa -alwaysgenerate -keepgenerated -g" system-classpath="">
I am not sure whether both these problems are related or independent.
Thanks in advance,
Vinit -
How to get userID or name from SSO, SSO Token
How can I get the userID or name from the SSO token passed through a weblink/webtab to an external application?
That's Simple...
When you configure weblink or webtab you specify the custom application url along with SSO Token %%%SSO Token%%% similarly you can get User First Name, User Last Name, User Full Name and UserId from the same fashion..
Hope this helps...
Regards,
Deepak H Andeli -
Return the user detail after validate the SSO token
Hi all ,
Iam new to Oracle CRM on demand. I want to know is there a way to get user details when validating the SSO token. After SSO validation success then need to return the user detail (User first name, email, last name, etc ).
Please help meHi Vikas,
I have done the same setup as your sample application. I am using
<br>
Branch URL : <br>
f?p=&APP_ID.:&APP_PAGE_ID.:&APP_SESSION.::::::#&P1_ANCHOR.
<br>
Computation for P1_ANCHOR:<br>
case :REQUEST
WHEN 'P1_A_SCN' THEN 'P1_A_SCN'
ELSE NULL
end
<br>
Anchor Code in region header for item P1_A_SCN:<br>
< a name="P1_A_SCN">< /a >
<br>
When I use the select list it wont come back to the region where the select list P1_A_SCN is located. I checked for the value in P1_ANCHOR in the session state and it correctly shows as 'P1_A_SCN'. But the page URL after the submit does <b>not</b> show the anchor like<br>
......f?p=206:1:14418154115565883485::::::#P1_A_SCN it shows <br>
......f?p=206:1:14418154115565883485::::::
<br>
When I but the branch URL as <br>
f?p=&APP_ID.:&APP_PAGE_ID.:&APP_SESSION.::::::&P1_ANCHOR. without the '#' it shows the page URL as<br>
......f?p=206:1:14418154115565883485::::P1_A_SCN
<br>
Do you what is causing the anchor to not show up in the page URL and thereby the intra page branch to not work.
Thanks,
Swaroop -
PL/SQL URL decode function
I am looking for a pl/sql url decode function. Does not appear to be in owa_util or htp/htf. Does any one have one please?
You can use the utl_url package that provides public APIs for both encoding and recoding purposes.
-
I am in need of a URL decode function. Can not find one in owa_utl, htp or htf. Is there one available please?
Can you define "URL decode function"? Given the URL for this page
URL Decode function
what do you want the function to do?
Justin -
Policy Agent 3.0 for Tomcat - Cannot obtain Application SSO token
Hi
I am trying to configure Sun OpenSSO Enterprise Policy Agent 3.0 for Apache Tomcat Application Server 6.
After installing the Policy Agent, Tomcat is not starting.
The Error in the stack is :
=========
Jun 14, 2009 2:21:00 AM
org.apache.tomcat.util.digester.Digester startElement
SEVERE: Begin event threw error
java.lang.ExceptionInInitializerError
at
com.sun.identity.agents.arch.AgentConfiguration.bootStrapClientConfig
uration(AgentConfiguration.java:682)
Caused by:
com.sun.identity.security.AMSecurityPropertiesException:
AdminTokenAction: FATAL ERROR: Cannot obtain Application
SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
at
com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:
258)
=========
There is no AMConfig.properties file. The Agent uses "OpenSSOAgentBootstrap.properties".
Is there a workaround for this issue ?
Cheers.Hi,
I have the same Problem, did you come up with a solution for it?
thanks
Matrius -
The 'Keep Flag' property -- How does it work? Why does it work?
Within my calculation views I had been encountering problems properly aggregating the measures, when certain attributes were excluded from the result set. An SAP consultant recommended setting the attributes' KeepFlag property to True; that resolved the problem, but I'm not sure why.
The help feature within HANA Studio doesn't mention the Keep Flag property. I haven't been able to find much information about this property online, either.
Exception aggregation modeling with Graphical Calc view states:"The Keep flag will always add [the specified] columns in the group by clause even if they are not selected in the query." This is a good start; however, is there any additional documentation regarding this property?Thanks, Jody. That explanation is helpful. So should Keep Flag be set to True for all of the columns that the user could potentially exclude from the result set? To illustrate: Given the following sample data:
PRODCODE LOCATION QUANTITY
12345 A 1
23456 B 10
34567 C 100
12345 A 1
If the result set excludes LOCATION, the aggregated results are incorrect; i.e.,
PRODCODE QUANTITY
12345 1
23456 10
34567 100
The second occurence of 12345 / A / 1 is inexplicably excluded. Setting LOCATION's Keep Flag property to True restores the second occurrence--resulting in the correct quantities; i.e.,
PRODCODE QUANTITY
12345 2
23456 10
34567 100
Of course, calculation views typically have many more attribute columns. Should the Keep Flag property be set to True for every one of the columns that the user could potentially exclude from the result set? -
Essbase SSO Token with OBIEE 11g
Has anyone had success is setting up SSO token security in OBIEE 11g for Essbase. I have followed the steps in the documents of 11.1.1.x and still am not getting users to authenticate against the cube I am using. When I log in as one of those users, and view the report I get a invalid user.
Hi J.A.M.
If you got this working, please can you share the steps?
Thanks! -
We are getting a 500 error on the web gates when logging in.
They have been working before, but are now reporting the error below.
2010/01/27@07:09:25.632239 18521 33 WEB ERROR 0x0000151F /export/build40/Oblix/coreid1014/palantir/commonlib/src/apache2_req_info.cpp:170 "WebGate Error Report" Message^The URL /access/sso is reserved for use by Oracle Access Manager and has been used with incorrect parameters. ReqReq^POST /access/sso HTTP/1.1 ReqProto^HTTP/1.1 ReqHost^p1uawbsv1.portal.internal ReqStatLine^ ReqStatus^200 ReqRawUri^/access/sso ReqUri^/access/sso ReqFilename^/u01/app/oracle/product/11.1.1/ohs1/instances/instance1/config/OHS/ohs1/htdocs/access ReqPath^/sso ReqArgs^
The configuration uses form based login
Details for Authentication Scheme
Level 1
Challenge Method Form
Challenge Parameter
creds:userid password
form:/oamsso/login.html
action:/access/sso
passthrough:no
SSL Required No
Challenge Redirect
Enabled Yesthanks,
the login post goes to /access/sso, but now i am getting 404 error /access/sso
Below is what I currently have the following in httpd.conf, which is the same as in a working environment.
The web gate policy resources include /portal and /public, but no mention of /access. How does web gate know how to intercept /access/sso?
[2010-01-28T10:50:42.9609+11:00] [OHS] [ERROR:32] [OHS-9999] [core.c] [host_id: p1uawbs02] [host_addr: 10.252.16.223] [tid: 18] [user: oracle] [ecid: 0000Pa_5qz3BP9s5Gj0Fyf0001rV00009_] [rid: 0] [VirtualHost: main] File does not exist: /u01/app/oracle/product/11.1.1/ohs1/instances/instance2/config/OHS/ohs1/htdocs/access
#*** BEGIN WebGate Specific ****
LoadFile "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oblix/lib/libgcc_s.so.1"
LoadFile "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oblix/lib/libstdc++.so.5"
LoadModule obWebgateModule "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oblix/apps/webgate/bin/webgate.so"
WebGateInstalldir "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access"
WebGateMode PEER
<Location /access/oblix/apps/webgate/bin/webgate.cgi>
SetHandler obwebgateerr
</Location>
<Location "/oberr.cgi">
SetHandler obwebgateerr
</Location>
<LocationMatch "/*">
AuthType Oblix
require valid-user
</LocationMatch>
#*******Default Login page alias***
Alias /oamsso "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oamsso"
<LocationMatch "/oamsso/*">
Satisfy any
</LocationMatch>
#*** END WebGate Specific **** -
Identity 6.0 issues passing SSO token from JSP to web service
Hi,
Environment: Solaris 8, SunOne IS 6.0, SP1, Sun One WebServer
We're using a JSP (based on the samples) to pass an SSO token to a java based web-service (everthing is running locally on one server):
The token string resulting from calling mgr.createSSOToken is different from the value examined in the browser/JSP initial cookie and is practically useless when passed to the web-services for use as an SSO token (doesn't work and IS doesn't recognize it as a valid session/token).
Here's the code:
>>>>>>>
SSOTokenManager mgr = SSOTokenManager.getInstance();
SSOToken token;
if (request.getParameter("token") == null)
token = mgr.createSSOToken(request);
else
token = mgr.createSSOToken(request.getParameter("token"));
mgr.validateToken(token);
>>>>>>>>
What are we doing wrong?not resolved closed
-
IM Installation - FATAL ERROR: Cannot obtain Application SSO token
Hi Guys,
I am having a problem trying to install IM, I got the following error,
Registering services with Access Manager...exist exception - AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
I got the IM + DA+ AM 7.1 + AS 9.1 U2 installed in the same server with the DS 6.3 installed remotly. I installed the following components for the AM
*[X] 1. Access Manager Core Services
*[X] 2. Access Manager Administration Console
*[X] 3. Common Domain Services for Federation Management
*[X] 4. Access Manager SDK
yes, the Application server is up and running before I start the installation of IM and the access manager is working fine, do you know why I am getting this error?
p.s. i tried to set those variable in the following file (/etc/opt/SUNWam/config/AMConfig.properties) but i got the same error
com.sun.identity.agents.app.username=amadmin
com.iplanet.am.service.password=encrypted password
thanks a lot guysI give up finding the problem....i will re-install AM, these are the questions that the installer will ask, are my values ok ?
*[X] 1. Access Manager Core Services
*[X] 2. Access Manager Administration Console
*[X] 3. Common Domain Services for Federation Management
*[X] 4. Access Manager SDK
Specify Common Server Settings
Enter Host Name [convergence] {"<" goes back, "!" exits}
Enter DNS Domain Name [domain.com] {"<" goes back, "!" exits}
Enter IP Address [192.168.2.82] {"<" goes back, "!" exits}
Enter Server admin User ID [admin] {"<" goes back, "!" exits}
Enter Admin User's Password (Password cannot be less than 8 characters) []
{"<" goes back, "!" exits}
Confirm Admin User's Password [] {"<" goes back, "!" exits}
Enter System User [root] {"<" goes back, "!" exits}
Enter System Group [root] {"<" goes back, "!" exits}
Access Manager: Specify Configuration Information
Install type (Realm/Legacy) Mode [Legacy] {"<" goes back, "!" exits}:
Administrator User ID: amAdmin
Administrator Password [] {"<" goes back, "!" exits}:
Retype Password [] {"<" goes back, "!" exits}:
LDAP User ID: amldapuser
LDAP Password [] {"<" goes back, "!" exits}:
Retype Password [] {"<" goes back, "!" exits}:
Password Encryption Key [gdtrt576ythjgut7erehejr8] {"<" goes back,
"!" exits}:
Access Manager: Choose Deployment Container
1. Sun Java(TM) System Application Server
2. Sun Java(TM) System Web Server
Select the container to deploy the component and hit enter key [1] {"<" goes
back, "!" exits} 1
Access Manager: Specify Sun Java System Application Server
Installation Directory [opt/SUNWappserver/appserver] {"<" goes back, "!"
exits}: /opt/SUNWappserver
Instance Directory [var/opt/SUNWappserver/domains/domain1] {"<" goes back,
"!" exits}: /opt/SUNWappserver/domains/domain1
Access Manager Runtime Instance [server] {"<" goes back, "!" exits}:
Access Manager Instance Port [8080] {"<" goes back, "!" exits}: 80
Document Root [var/opt/SUNWappserver/domains/domain1/docroot] {"<" goes
back, "!" exits}: /opt/SUNWappserver/domains/domain1/docroot
Administrator User ID [admin] {"<" goes back, "!" exits}:
Administrator Password [] {"<" goes back, "!" exits}:
Master Password [] {"<" goes back, "!" exits}:
Administrator Port [4849] {"<" goes back, "!" exits}: 4848
Secure Server Instance Port [No] {"<" goes back, "!" exits}:
Secure Administration Server Port [Yes] {"<" goes back, "!" exits}:
Access Manager: Specify Web Container for Running Access Manager Services
Host Name [convergence.domain.com] {"<" goes back, "!" exits}:
Services Deployment URI [amserver] {"<" goes back, "!" exits}:
Common Domain Deployment URI [amcommon] {"<" goes back, "!" exits}:
Cookie Domain(Assure it is not a top level domain) [.domain.com] {"<" goes
back, "!" exits}:
Password Deployment URI [ampassword] {"<" goes back, "!" exits}:
1. HTTP
2. HTTPS
Console Protocol [1] {"<" goes back, "!" exits}:
Access Manager: Choose Access Manager Console
Administration Console [Yes] {"<" goes back, "!" exits}:
Console Deployment URI [amconsole] {"<" goes back, "!" exits}:
Access Manager: Specify Directory Server Information
Directory Server Host [] {"<" goes back, "!" exits}: mail.domain.com
Directory Server Port [389] {"<" goes back, "!" exits}:
Directory Root Suffix [dc=domain,dc=com] {"<" goes back, "!" exits}:
Directory Manager DN [cn=Directory Manager] {"<" goes back, "!" exits}:
Directory Manager Password [] {"<" goes back, "!" exits}:
Access Manager: Specify Directory Server Data
Is Directory Server provisioned with user data [No] {"<" goes back, "!"
exits}?
Ready to Install
Maybe you are looking for
-
Create an index on a huge table
hi gurus I am going to create an index on a very large table(194GB) with the temporary tablespace size is 80G. I am afraid that during the index creation the temporary tablespace is not enouth to hold the data needed to create the index,because i onl
-
Problem while creating INVOIC idoc
Dear All, I am facing a error messege while creating INVOIC(using MIRO transaction) idoc through EDI for a partner(vendor). In MIRO transaction after selecting one Item I clicked GoTo>Messege>Item Then I selected output type (Z output type) , Medium
-
Special Character Issue in Country Name Côte d'Ivoire encoding ISO-88509-1
soa suite 10.1.3.4 I am reading an xml file using file adapter. The file has encoding type ISO-88509-1 and the country name is coming as <country_name>Côte d'Ivoire</country_name>. When I see the BPEL instance, this character is converted to "C\234te
-
Hello, Thanks in advance for any and all assistance on this. In Captivate 1.0, the playbar for a SWF file was automatically embedded in the final SWF file. I'm now using Captivate 3, and while I generally enjoy having the separate skin SWF generated,
-
Hi when I add two tables in a page, in jsc, the generated javascript defines initAllRows() twice. this produces javascript errors. I think the element's name should be a parameter. function initAllRows() { var table = document.getElementById("form1