Web service functions in SSO without username and password

Similar Messages

• SOAP URL without username and password

  Hello Everyone,
  its a synchronous SOAP - PI -ECC scenario .
  I have created HTTP URL through sender agreement in integration for testing.
  However, customer now wants HTTPS URL without Username and password in  production URL. How do i create this .
  Regards,
  Ravi

  Hello,
  However, customer now wants HTTPS URL without Username and password in production URL. How do i create this .
  You can disable basic authentication for the sender SOAP Adapter by following William's reply in this thread
  http://forums.sdn.sap.com/thread.jspa?threadID=236507
  However, the authentication will be disabled for all SOAP Sender, so you should weigh-in the impacts of granting that request.
  Hope this helps,
  Mark
  Edited by: Mark Dihiansan on Feb 13, 2012 3:51 AM

• DAD without username and password

  I create a DAD without username and password.
  I want to pass this parameters when I call my page login.
  How can I do this?
  Thanks.

  Maybe the Oracle Application Express (APEX) guys know more about it ..

• Connecting Using SSL Authentication Without Username and Password

  Hi,
  We're on RedHat Linux 4.0 using 10.2.0.3 (server/client). We're trying to figure out a way to connect to the database using instantclient and JDBC-OCI and SSL authentication without using a username or password. According to the documentation this should be possible but no sample code is given.
  LD_LIBRARY_PATH is set /opt/app/oracle/product/10.2.0/db_1/lib:/usr/lib:/home/oracle/instantclient where the instantclient was installed from the 10.2.0.1 client software
  and we are using JDK version 1.6.0_03.
  We're also referencing the following paper:
  http://www.oracle.com/technology/tech/java/sqlj_jdbc/pdf/wp-oracle-jdbc_thin_ssl_2007.pdf
  We've got our client and server wallets configured and the sample code we tried looks like this:
  import java.sql.*;
  import java.sql.*;
  import java.io.*;
  import java.util.*;
  import oracle.net.ns.*;
  import oracle.net.ano.*;
  import oracle.jdbc.*;
  import oracle.jdbc.pool.*;
  import java.security.*;
  import oracle.jdbc.pool.OracleDataSource;
  public static void main(String[] argv) throws Exception {
  DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
  Security.addProvider(new oracle.security.pki.OraclePKIProvider());
  System.setProperty("oracle.net.tns_admin", "/opt/app/oracle/product/10.2.0/db_1/network/admin");
  String url = "jdbc:oracle:thin:@orcl";
  java.util.Properties props = new java.util.Properties();
  props.setProperty("oracle.net.authentication_services","(TCPS)");
  props.setProperty("javax.net.ssl.trustStore",
  "/opt/app/oracle/product/10.2.0/db_1/admin/wallet/server/cwallet.sso");
  props.setProperty("javax.net.ssl.trustStoreType","SSO");
  props.setProperty("javax.net.ssl.keyStore", "/opt/app/oracle/product/10.2.0/db_1/admin/wallet/client/cwallet.sso");
  props.setProperty("javax.net.ssl.keyStoreType","SSO");
  props.put ("oracle.net.ssl_version","3.0");
  props.put ("oracle.net.wallet_location", "(SOURCE=(METHOD=file)(METHOD_DATA=(DIRECTORY=/opt/app/oracle/product/10.2.0/db_1/admin/wallet/client)))");
  System.out.println("At Here...");
  OracleDataSource ods = new OracleDataSource();
  //ods.setUser("scott");
  //ods.setPassword("tiger");
  ods.setURL(url);
  ods.setConnectionProperties(props);
  System.out.println("At Here1...");
  Connection conn = ods.getConnection();
  System.out.println("At Here2...");
  Statement stmt = conn.createStatement();
  ResultSet rset = stmt.executeQuery("select 'Hello Thin driver SSL "
  + "tester ' from dual");
  while (rset.next())
  System.out.println(rset.getString(1));
  rset.close();
  stmt.close();
  conn.close();
  When this code is compiled and run, the following error is thrown:
  Exception in thread "main" java.sql.SQLException: invalid arguments in call
  at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112)
  If a username and password is supplied, the code works. So does anyone have a working of using SSL to authenticate without supplying username/password?
  Thanks
  mohammed

  Hi,
  I just solved this. I noticed from another thread that I was not using the OCI driver (see below):
  String url = "jdbc:oracle:thin:@pki14";
  Once I changed it to:
  String url = "jdbc:oracle:oci:@pki14";
  The code worked perfectly. One more setting that you'll have to do is to create the user you want to connect as externally:
  create user scott identified externally as
  'CN=acme, OU=development, O=acme, C=US';
  grant connect,create session to scott;
  Note that the DN should be the same as the SSL certificate that you created in your wallet.
  hth
  mohammed

• Web reports prompts me to input username and password in bw

  Hi all.
    When I access web reports from bw.
    It will open a IE, then go to one url ( which is located in ITS ), and IE prompts me to input a valid username and password.
    Its very strange, because I have already logged on that BW.
    Is it possible to avoid this prompt ?

  Gu,
  Can you give us the URLs that you are using , is it that the URLs are different ?
  The URL is usually
  http://<yourserver>:port/sap......
  assuming that the URLs are
  URL 1 ( which is currently opening in IE )
  http://<yourserver1>:port/sap......
  URL 2 ( for which the login is being asked for)
  http://<yourserver2>:port/sap......
  if yourserver1 and yourserver2 are different , then a logon is required.
  Hope it helps..
  Arun
  Assign points if useful

• Imqcmd without username and password everytime ...

  hi *,
  does anyone knoe how to use imqcmd without having to type username and password everytime?
  when i do imqcmd -help i amgetting the following hint:
     -passfile       : Specify a file containing the administrator password.but i cant find anywhere (in sun documentation) how this pwd file must be structured.
  regards chris
  Edited by: cbrennsteiner on Oct 6, 2008 11:01 AM

  There is a sample password file (password.sample) in the /etc directory. Depending on your install that is in:
  <MQ_HOME>/etc
  or
  /etc/imq

• Accessing a web service defined in XI with login and password

  Hello,
  I've configured a web service on XI and made it available. I want to use it from a NWDS portal object. Accessing the page needs authentication.
  If I use XMLSpy to make a request I get an enter user login/password screen. But I don't know where i should  tell the login and password in my NWDS request.
  I tried to add the stuff in the url like this http://user:pass@host:port/... without success
  Does anyone know what is to be made in order to let me access my web service ?
  In NDWS I get my service ...
  (Service) myservice = PortalRuntime.getRuntimeResources().getService("MY/Service");
  MyResult myResult = myservice.makeRequest()
  Thx,
  mejj

  Check out
  http://hcc.musc.edu/research/shared_resources/xml_complex_types_to_cf_structure_notes.cfm
  The last part of that link is .cfm - not sure why its getting
  cut off.

• Connection string without username and password

  Hi,
  I need to use DriverManager.getConnection() to connect to sql2000 use only dsn name; no user name and password allowed.
  how do I do it?

  the main reason is we do not want to put password as clear text on the java code. the customer does not want to put the password at registry either.
  Is there a way that we can store the password on the client side and just use the dsn name to connect to sql server?Still doesn't explain the problem.
  As I already said, there are only two ways to connect to MS SQL Server, with a user/pwd or via windows authentication.
  So if you must use the first then you must have a user/pwd somewhere. In that case it doesn't matter what the user wants unless they want to convince Microsoft to re-engineer MS SQL Server.
  Windows authentication should solve the problem but you do need a windows user then. And you must use a driver that supports windows authentication.
  If you must use the usr/pwd then the solution is to encrypt or other obfuscate the actual password. One way is to use an encrypted configuration file which contains the user and password. Then your application loads the file, decrypts it and extracts the values at run time. You will need to provide a separate encryption tool to create the file in the first place.

• Web service username and password problems

  Hi,
  I am trying to create a client to consume webservices exposed on a secure .net platform that is SSL protected (https).
  I am using netbeans 6 with WSIT support. When I create the web service and add the WSDL file - it comes up with the certificate that I then approve, but then just displays a IO Exception. When I access the WSDL through a browser, it requests a username and password (which I supply) and it works fine.
  I've tried on Netbeans 5.5 but with no luck - it asks for a username and password (at least) but doesn't accept them.
  How can I connect to an https web service that requires a LDAP username and password?
  Thanks,
  Brendan

  I'm guessing that you are trying to call an EBS API and are using FND_WEB_SEC to test that the user account is valid in FND_USER first before executing the API call. In that instance, you'll likely need to use the Oracle Applications Adapter for EBS if you want to authenticate the user through FND_USER.
  If you've not purchased that adapter, you could use a simple BPEL process, with a regular database adapter to firstly call the FND_WEB_SEC package to authenticate. Pass the response from eBS into a bpel variable, add a bpel switch based on the outcome of that variable either execute the API call or  throw an authentication error if the call failed.
  You can wrap all this up into one web service that then calls this bpel process, taking the username and password as as input parameters.
  Phil

• Default username and password Oracle Hyperion workspace/shared services

  Hi Friends,
  I had installed Install Oracle Hyperion Planning, Fusion Edition Release 11.1.1.3.0 (foundation services and planning)
  but i am unable to login to workspace,shared services
  what is the default username and password for these.Please let me know?
  Regards,
  DB

  Hi,
  Default Admin user is: admin and default PW: password.
  If you have not yet changed.
  Thanks
  Focusthread Hyperion Trainer
  [http://focusthread.com/training]

• Avoid using Username and password in SOAP Envelope

  Hi Team
  I am working on calling the sercured web-service from PLSQL and able to call it successfully and get the response.
  In the SOAP envelope, I have header and body.
  Header contains the WS Security which includes username and password to authenticate the web-service and body contains the actual input pay load for service.
  Currently, header has username and password as 'hard-coded', is there a way to avoid the usage of username and password.
  We already tried to SIF for EBS methodology where in following steps are done:
  1) Create and event in EBS.
  2) Pass the event along with payload to SOA.
  3) SOA receives the event and triggers web-service and gets the response.
  4) Pass the response to EBS.
  This technique does avoid usage of username and password but takes 20 seconds to do the job. However, the appraoch above takes hardly 1 second.
  Please let me know in case any one has any idea on how to avoid credentials usage in SOAP envelope.
  Thanks
  Mirza Tanzeel

  How about doing away with that approach entirely?
  Password authentication requires one to keep a secret, secret. And that is the primary problem as how does one safely guard the secret, and manage the secret (by regularly changing)?
  Relying on secrets is a problem. I have never been a fan of password based security.
  Instead:
  a) use HTTPS to secure communication between sender and receiver
  b) use robust firewall rules to ensure that only sender is allowed to communicate with receiver
  c) implement sound network management and exception reporting (to detect and prevent violations on network infrastructure level)
  If you lack in the network infrastructure and administration areas, then:
  a) make the web service endpoint on server on localhost only (do not expose it to the outside world)
  b) establish a trusted ssh connection between sender and receiver using strongly encrypted RSA/DSA keys
  c) configure sender with a service that opens a reverse tunnel to target, exposing the web service as a local port on its localhost

• How to configure JMS-Server to use username and password

  Hi
  Maybe this is a real stupid question, but please help me, I'm not very experienced using JMS:
  I'm using JMS (provided by OC4J / Application Server 10.1.3). I configured a ConnectionFactory (without username and password) and a Queue and there is also a application, which successfully opens the JMS-Connections.
  This works well as long as I do not provide a username und password in the ConnectionFactory (EnterpriseManager: OC4J/Admin/Services/JMS-provider...). If I do this, my application terminates with the following stacktrace:
  javax.jms.JMSSecurityException: JMSServer[aplora2:12602]: failed to authenticate "myuser/mypassword", no such user.
       at com.evermind.server.jms.JMSUtils.make(JMSUtils.java:1034)
       at com.evermind.server.jms.JMSUtils.toJMSSecurityException(JMSUtils.java:1090)
       at com.evermind.server.jms.JMSServer.getJMSServer(JMSServer.java:1237)
       at com.evermind.server.jms.JMSServer.getJMSServer(JMSServer.java:1213)
       at com.evermind.server.jms.InContainerProxy.getJMSServer(InContainerProxy.java:93)
       at com.evermind.server.jms.EvermindConnection.<init>(EvermindConnection.java:103)
       at com.evermind.server.jms.EvermindQueueConnection.<init>(EvermindQueueConnection.java:62)
       at com.evermind.server.jms.EvermindQueueConnectionFactory.unprivileged_createQueueConnection(EvermindQueueConnectionFactory.java:98)
       at com.evermind.server.jms.EvermindQueueConnectionFactory.access$000(EvermindQueueConnectionFactory.java:42)
       at com.evermind.server.jms.EvermindQueueConnectionFactory$1.execute(EvermindQueueConnectionFactory.java:78)
       at com.evermind.server.jms.InContainerProxy.doSecureOp(InContainerProxy.java:157)
       at com.evermind.server.jms.EvermindQueueConnectionFactory.createQueueConnection(EvermindQueueConnectionFactory.java:75)
       at com.evermind.server.jms.EvermindQueueConnectionFactory.createQueueConnection(EvermindQueueConnectionFactory.java:66)
       at sam.model.messages.MessageManager.<init>(MessageManager.java:74)
  where "myuser" and "mypassword" are the username and password I entered in the ConnectionFactory. (My Application certainly uses the same username and password)
  I expected, that by entering username and password here I would configure my Queue to be protected by them. But obviously there are some very basic things I didn't understand. Can anyone give me a hint, how I can protect the (OC4J-) JMS-Server or the Queue by username and password?
  Thanks for your help
  Frank Brandstetter

  Hey Frank -
  Assuming you've set up users in the "Security Manager" for your application, you can specify what JNDI resources they can "read" (and thus also connect to) via the orion-application.xml file. Look at the following snippet from the orion-application.xml file:
       <namespace-access>
  <read-access>
  <namespace-resource root="jms/firstQueue">
  <security-role-mapping impliesAll="false" name="jmsSecurity">
  <user name="scooter"/>
  </security-role-mapping>
  </namespace-resource>
  </read-access>
  <read-access>
  <namespace-resource root="delme">
  <security-role-mapping impliesAll="false" name="jmsSecurity">
  <group name="messagingUsers"/>
  </security-role-mapping>
  </namespace-resource>
  </read-access>
  </namespace-access>
  This would say that only the user "scooter" that you've set up would have access to the Queue whose JNDI name begins with jms/firstQueue. Anyone you've set up and added to a messagingUsers group would have access to any Queues whose JNDI name begins with "delme". (I'm honestly not sure what exactly this line does: <security-role-mapping impliesAll="false" name="jmsSecurity">)
  This is the only way I've found to limit access to a particular Queue.
  HTH.
  Scott

• I'm being asked for a password with the following statement: The proxy moz-proxy://192.168.30.5:800 is requesting a username and password. The site says: "moz-proxy://192.168.30.5:800"

  Here's an example of what happens when I cancel the username and password request:
  ERROR: Cache Access Denied
  Sorry, you are not currently allowed to request:
  http://cben.net/?
  from this cache because your username and password are incorrect or your user group does not have permission to web browse. Please check your username and password. They are case sensitive so make sure Caps Lock is not on.
  This happens 100% of the time.

  I have the same problem. It ask for all elements that proxt detects ("NetworkError: 407 Proxy Authentication Required").
  Solution "No proxy" not works because i aslo require internet.
  I have version 10.0.2 on windwos XP, and this happens to me since I update it. On chrome and ie works without prompt.
  I upload and example, this page calls facebooks elements (i can't acces facebook) and others, for each element prompt proxy is shown.

• How do I pass username and password to the Citrix client via netlet

  I have managed to call a Citrix managed application from the portal via netlet (via InitialProgram within citrix_start.html) - thankyou William Geurts.
  How do I use the Portal's single sign-on functionality to pass the username and password through to Citrix via netlet?

  Hi,
  This can be done by writing a small application that will pull session/user info from Portal and then pass it on to another app as needed.
  Thanks,
  Raj_indts
  Developer Technical Support
  Sun Microsystems
  http://www.sun.com/developers/support

• How-to access username and password protected Java EE Web services from ADF

  The title of this post is exactly the same as this article by Frank Nimphius:
  http://www.oracle.com/technology/products/jdev/howtos/1013/protectedws/access_protected_web_services_from_adf.htm
  The article addresses the problem of securing web services using usernames and passwords, when those web services are accessed through a proxy or a data control. In the examples, the user names and passwords are specified, whether in the code or the definition of data controls. (SKING/SKING).
  In a very common scenario, users login to reach a page, for example, A.jspx, which contains a button that calls a web service, for example displayDate. Suppose that user has logged in by username/pass of (AHUNOLD/AHUNOLD) and AHUNOLD has access to the service and the page. Is there any way to pass the logged in user name and password to the webservice ? Of course we can hard-code the username in the data control definition or proxy code, but this is just one of the thousands of users who have access to the service and the authentication is not dynamic this way.
  Hope my question is clear. Wishing you all a great Christmas.
  Farbod

  Hi Frank, and happy new year.
  Are you implying that it couldn't be done declaratively? What is your suggestion for this problem? You know the problem... As I described:
  - I need to secure my web services, so when exposed, no one from inside network or the internet, can access the web service without proper permission
  - The web services are shown as web controls on jspx pages. The user has logged in before reaching the page. It is irrelevant to ask him to enter user name and password again.
  - I have user names, passwords and roles in Oracle Internet Directory (Identity Management). It provides some APIs and I can retrieve the usernames and attempt logging in programmically. But how can I get username and password from the session in ADF application?
  I guess using SAML or certificate could be the solution, but I have a problem with SAML, described here:
  Re: Webservices Security, SAML, and Identity Management (OID)
  Best Regards,
  Farbod