Leave a Comment:
16 comments
Hi, I cannot even get R12 to redirect to the OAMLogin.jsp page, after following EBS:R12- OID/OAM Integration eBook (excellent book). I can see from LiveHTTP Headers that R12 mid tier issues redirect to ebsauth_xxxxx/ssologin and OHS gives 404 page not found to that. What is this ssologin resource? Is it some intermediate redirect prior to OAMLogin.jsp? Thanks for any help.
Reply@ oamadminuser,
Glad that you liked the book and finding it useful.
For your issue, please confirm that profile options are set as defined in book and middle tier bounced after that.
What is value of application authentication agent in EBS ?
Is EBS Access Gate application up and running ?
If you don’t know how to check this please drop a mail to ebook [at] onlineappsdba.com using ID from which you used to pay and our team should be able to help you.
ReplyHi Atul, I’ve actually cross-posted this in http://onlineappsdba.com/index.php/2011/01/10/part-ix-install-oam-agent-11g-webgate-with-oam-11g/#comment-169158. Sorry about that.
EBIS R12 database SID=XXXX
OHS with webgate host = YYYY
Application Authentication Agent profile option is http://YYYY.domain.com:7777/ebsauth_XXXX/
I’ve also emailed your ebook address.
Thanks.
Reply@ OAMADMINUSER,
When you access EBS it should redirect to login page like http://YYYY.domain.com:7777/ebsauth_XXXX/yyyy , as this page (/ebsauth_XXXX/yyyy) is protected in OAM , it should redirect to Authentication Page http://YYYY.domain.com:7777/ebsauth_XXXX/OAMLogin.jsp
If you don’t see this longin page then verify that /ebsauth_XXXX/OAMLogin.jsp is public and you can access it by typing URL http://YYYY.domain.com:7777/ebsauth_XXXX/OAMLogin.jsp
If you can’t access this page then check under deployments (from OAM console) that state of this application is active. Also check managed server logs (server on which AccessGate apps is deployed) for any errors.
Log should be in $DOMAIN_HOME/servers//logs/
ReplyHi Atul, Yes the http://YYYY.domain.com:7777/ebsauth_XXXX/OAMLogin.jsp *does* appear in a browser when the url is typed in manually, even though the weblogic console shows deployment ebsauth_XXXX is in state “prepared”, not Active.
So I re-deployed as ant -f txkEBSAuth.xml deployApplication … same parameters … Now ebsauth_XXXX is “Active”. But, user still gets HTTP 404 in AppsLogin.
From HTTP headers I can see that E-Bis mid tier is redirecting to /ebsauth_XXXX/ssologin and then oam_server1-diagnostic.log gets “result DENY”:
privilege OAM11gApplication!GET resource //app/policy/OAM11gApplication/HTTP/..long string..%COLON%%2Febsauth_XXXX%2Fssologin result DENY
I don’t know what is this /ssologin; perhaps it should be defined as a protected resource (not a documented step anywhere) and see what happens.
Also, when we try to login manually as ASADMIN to OAMLogin.jsp, get messages like,
OAMSSA-14003: Policy Runtime failed.
OAMSSA-06191: The runtime request contains no resource.
Very much appreciated yr comments.
Reply@ oamadmin,
What happens when you activate application ?
Can access gate contact EBS database ?
Check logs of server on which Accessgate is deployed to find if there is any error
ReplyHi Atul! After adding /ebsauth_XXXX/ssologin as a protected resource through the oamconsole, user login does get redirected to OAMLogin.jsp! Then entering the credentials of a user in OID that is linked to fnd_user gives the R12 homepage – so it’s working. Even the logout works (goes back to OAMLOgin.jsp)
I don’t see this step documented anywhere, so it may just be a fix for something unique in my environment, but it definitely made it work straight away.
About the app activation: ebsauth_XXXX changes to “Prepared” every time weblogic managed and admin servers are bounced. I have to redeploy to get it Active again. But before declaring ssologin as “protected”, user logins were not getting redirected to OAMLogin.jsp.
Very much appreciate all your help and suggestions!
Reply@ oamadminuser,
Do you have a resource like /ebsauth_XXXX and /ebsauth_XXXX/…/* ?
(Second one i.e. * should cover /ebsauth_XXXX/ssologin as well)
Q: About the app activation: ebsauth_XXXX changes to “Prepared” :
AK: It should change state to ACTIVE, Check if there is any error message in managed/admin server on which EBSAccessGate is deployed.
Hi Atul / Neha
I did buy your book 2nd Edition Beta) and did like it a lot. It just makes first stab at the product very easy and comfortable.
I have successfully been able to get the login page for everything I expect , Access tester is also shows everything is fine.
Problem is after I login, it keeps looping back to Login page, So for any resource or EBS Login, I cannot go past login page, it gets sent back to login page as soon as I click “Login”
Is there anything else being called which should have been public and not protected and thus keeps sending me back to login??
Thanks
IK
@ irfankhan, Good to hear that you liked the eBook. Could you please enable debug in AccessGate .
I am pasting content from book
ant -f txkEBSAuth.xml \
-Dwlshosturl=innowave12.com:7001 \
-Dwlsuser=weblogic \
.
.
.
-DlogConfigfile=/u02/oracle/oam/appsutil/accessgate/prdr12/sample/LogConfig.properties
Once done , restart everything and reproduce error then check log file mentioned in LogConfig.properties
ReplyHi Atul,
Integrated IDAM 11.1.1.5.0 with EBS r12 the sso was working fine but suddenly throwing error while accessing it Unable to redirect to sso login page. while accesing ebs sso loging page throwing following error
Error 500–Internal Server Error
java.lang.NoSuchMethodError: oracle.apps.fnd.ext.common.EBiz.getConnection()Ljava/sql/Connection;
at oracle.apps.fnd.ext.common.server.EBizHelper.getEBizInstance(Unknown Source)
at jsp_servlet.__oamlogin._jspService(__oamlogin.java:321)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178
Can you please help me how to resolve, where to check any pointers.
Thanks in advance…
“
ReplyHi Atul,
Please help me how to resolve the above issue as its critical for us.
Thanks
ReplyHi Atul,
I have integrated OAM11gr1 with EBS12.1.3 but while testing it redirect to custom login page but after entering the redential it redirect to OAM system error page.
Checked the oam server log –
Caused by: AuthorizationException: OAMSSA-14003: Policy runtime failed
oracle.security.am.common.policy.runtime.PolicyEvaluationException: OAMSSA-06191: The runtime request contains no resource.
I do not find any error in access gate server log.
Please help me to identity what could be wrong ?
Thanks
Reply@oamadminuser
@santosh
Please verify if the browser is configured to allow cookies.
The WebGate sets a cookie with the target resource. If it fails to set the cookie e.g. because the browser does not allow cookies you end up with OAMSSA-06191.
Regards
Oliver
@ oamadminuser
@santosh
As oliver mentioned this could be either cookies allowed in browser or
– User end dated in EBS or disabled
– Unable to retireive GUID from user session (created by OAM)
– Unable to contact EBS database after OAM authentication to get an assertion from EBS for user authenticated via OAM
Hi all,
I have a doubt I can’t figure on the book. EBS-OID integration should work after registering EBS with IAs and OID, or it begins working after profile options are configured at site/user level?
After synchronization, does existing EBS users be created on OID or I have to make a first load plan?
Thanks.
Reply