This discussion is archived
5 Replies Latest reply: May 9, 2012 12:18 PM by 609390 RSS

4.1 SSO Integration Issue with Oracle Portal

Gaétan Francoeur Newbie
Currently Being Moderated
Hi,

In our actual Apex 3.2 environment, we have SSO linked with Oracle Portal.
We have groups in Oracle Portal and we can secure our Apex applications based on which group you're part of.

In 4.1, it doesn't work. When we add the SSO, we have the following error :
ORA-06550: line 2, column 1: PLS-00201: identifier 'WWSEC_SSO_ENABLER_PRIVATE.GENERATE_REDIRECT' must be declared ORA-06550: line 1, column 45: PL/SQL: Statement ignored 

Any idea how to resolve that problem?

Thanks.
  • 1. Re: 4.1 SSO Integration Issue with Oracle Portal
    Udo Guru
    Currently Being Moderated
    Hi Gaétan,
    In 4.1, it doesn't work. When we add the SSO, we have the following error [...]
    You could have provided some details on what exactly you did to add SSO. To start blind, it's a bunch of questions for each step you may or may not have executed correctly:
    First, it would be interesting to know if your 4.1 is a fresh install or an upgrade from the previous 3.2 you've mentioned.
    If it's the latter: Did you (re-)ran the SSO-integration steps for APEX after the upgrade?
    Either way: Do you have a separate schema "APEX_SSO" or did you install into the APEX Flows-Schema (e.g. APEX_040100)?

    You need to install needed add-ons (like SSO SDK) again to that schema and (at least to be sure) redo the grants.
    Concerning the SSO-SDK-Installation steps, the following questions aim at common mistakes:
    - Did you actually use the "custom_auth_sso_902.sql" from the APEX 4.1 installation package or could it be it has been the one you used with APEX 3.2 before?
    - Did you (re)create the public synonym for 'wwv_flow_custom_auth_sso' and did you grant execute on this object to 'APEX_PUBLIC_USER' or public?
    - Did you grant to execute 'wwsec_sso_enabler_private' for the parsing schema of your application?

    If everything seems to be in place, it would be nice to now at which point of the authentication process you receive that error...

    -Udo
  • 2. Re: 4.1 SSO Integration Issue with Oracle Portal
    Gaétan Francoeur Newbie
    Currently Being Moderated
    Hi Udo,

    I checked with our DBA :

    1. Fresh new install
    2. SSO in a separate schema
    3. SSO SDK installed
    4. custom_auth_sso_902.sql run from new install 4.1
    5. wwv_flow_custom_auth_sso granted to public
    6. wwsec_sso_enabler_private granted to execute to the parsing schema

    In Shared Components/Authentication Schemes, we chose Oracle Application Server Single Sign-on and put APEX4_SSO in the Partner Application Name.

    In our tests, the error occurs as soon as we try to run the application directly from Apex.

    Do you need more information?

    Thanks
  • 3. Re: 4.1 SSO Integration Issue with Oracle Portal
    Christian Neumueller Expert
    Currently Being Moderated
    Hi Gaétan,

    there seems to be a problem with name resolution of WWSEC_SSO_ENABLER_PRIVATE and WWSEC_ENABLER_CONFIG_INFO$. I suspect it can not be seen from the Apex schema. We have private synonyms in the APEX_040100 workspace pointing to the SSO schema. This is the recommended setup, see also doc 562807.1, section "D.4".

    Regards,
    Christian
  • 4. Re: 4.1 SSO Integration Issue with Oracle Portal
    Gaétan Francoeur Newbie
    Currently Being Moderated
    Thanks Christian, I'll send these links to our DBA.
  • 5. Re: 4.1 SSO Integration Issue with Oracle Portal
    609390 Newbie
    Currently Being Moderated
    Please see the solution from this thread:
    Single Sign-On Bug With APEX Release 4.1.0.00.32

    +"This has been identified as BUG 12973090 - SSO WITH SPECIFIED PARTNER APPLICATION NAME FAILS WITH PLS-00201+

    +Workaround:+
    +The work around is to leave the “Partner Application Name” field blank in your authentication scheme. To do this go to: Application Builder > Your Application > Shared Components > Authentication Schemes > Click the Edit Icon on your authentication scheme that uses Single Sign-On > set the “Partner Application Name blank as follows > Apply Changes."+

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points