ssosdk307 can not work correctly on portal 3.0.9 (session cann't be authenticated) - Oracle Application Server Portal

i have been building some jsp application with sso integrated
using ssosdk307.(my jsp application registered as partner
application).
for the first time,my jsp application tested on portal+sso
v.3.0.8,my protected page was succesfully got authentification
from sso,
But... when i am trying on portal+sso v.3.0.9.*, my protected
page cann't be authenticated by sso,so...my application redirect
agains to sso login url (non stop looping).
What's wrong ?
Is it possible to use ssosdk on portal v.3.0.9.* ?

you should use ssosdk307_032101
it is included in the JPDK.
hope this helps.

Related

Create partnet Apps session without redirect to SSO

I have portal 10 set up with 2 portlets from applications instance say A. Now when user log s into portal (via SSO) the application session is created. That works fine. But while loggin out the application session still lingers because the partner application did not hit SSO directly. Can any one suggest a way to establish partner app session with sso with actually redirecting to SSO. I am using SSO SDk based registration. 
Could you please clarify your question! Are you calling the Partner application from the Portal or exposing it via a Portlet, in which case the Username is requested from the Portal Framework (and hence is not a partner application per-se as it has delegated to the Portal and not the SSO server directly). In this case the init session would be used to create the session for the portlet.
When accessing a partner application you are always redirected to the SSO server as it is only the SSO server that is able to read/write the SSO cookie. Hence when called from Portal you will be bounced to the SSO server which will determine your session details, this information is then passed back to the partner application as an encrypted parameter on the URL (URLC).

Retrive SSO user from JSP

I want to know if it's possible to retrieve in a JSP the user who has logged in Oracle SSO. JSP is part of an application secured by SSO through mod_osso.
Thanks.

SSO SDK and portal

Does anyone know how to setup the SSO SDK so that I can validate my JSP pages against the Portal30 application? All the examples of the SSO SDK have you setting up a partner application in your own schema. What I want is a simpler solution that directly queries the Portal application and lets me know if someone is logged into portal.
Currently the SSO SDK doesn't allow me this. It logs me in fine and validates me against th SSO server, but if I leave my JSP page and go to a Portal PAge, I am still seen as a public user.(until I click the login link). I am planning on having an application that needs to be secure, that is going to have a mix of custom JSP pages, JSP portlets, standard Portal components and Portal pages.

SSO 902 How to login users programatically ?

We need to authenticate to SSO programmatically.
Could anyone share an example of a call to login a user?
Our current JSP/Java application authenticates against OID/LDAP directly using JDNI/oracle.ldap.util API,
sets cookie, httpSession, etc, but users authenticated in this way are not part of SSO.
We then tried converting this to partner application that integrate it with SSO (portal and other applications) following JSP example from Oracle9iAS Single Sign-On Application Developer's Guide Release 2 (9.0.2)
We need to have custom login page for only this application (customizing general login page is not an option since it will impact portal and other applications). This login page needs to do some custom checking (submits userid_type instead of userid) before authenticate against SSO.
We crated custom login page - myLogin.jsp, following example from Single Sign-On admin guide.
When registering application we have set followign using wwsec_sso_enabler.create_enabler_config ...
l_login_url :=http://myserver.com:7778/sso1/myLogin.jsp';
instead of :
l_login_url :=http://myserver.com:7778/pls/orasso/orasso.wwsso_app_admin.ls_login';
If user is not authenticated, we get redirected to myLogin.jsp, but it keeps getting errors[i]Long postings are being truncated to ~1 kB at this time. 
'This page can not be called directly'
My questions are:
a) Can l_login_url pointing to custom login page ?
b) myLogin.jsp needs to submit to p_submit_url=WWSSO_APP_ADMIN.LS_LOGIN
Can this be customized to let say MY_LS_LOGIN
What are requirements for custom MY_LS_LOGIN ?
c) Is there a way to set what page to redirect to after successful login ?
d) How to programmatically logout ?
e) Does anybody have something similar working ?
(I will share my code if I get it working)
To Oracle SSO team :
It would be nice if there is published API, and how-to's for programatic login and logout, and application specific login page.
SSO is good solution, but it should be more (per application) customizable, there are many cases where vanilla SSO is not good enough.
Regards, Radomir 
Set this app up as an external app, not a partner app.

Java SSO Partner application

Hello,
I configured and deployed a Java Partner Application as specified in the demo (ssosdk902.zip). I created an OC4J container and deployed all beans and jsp pages. When I try to access papp.jsp page, it presents me with sso login page but when i try to access other jsp pages under the same container like (index.jsp), it does not ask present with a sso login page. I want to protect all JSP pages under that container. Should I change home url for the SSO Partner application?
Any help is appreciated.
Thanks.

Categories

Resources