7 Replies Latest reply on Mar 24, 2013 12:12 AM by Hussein Sawwan-Oracle

    OAM 11.1.2 integration with Ebiz 12.1.1 throws framework error on login

    985385
      I have integrated Ebiz 12.1.1 with OID 11.1.1.6 and OAM 11.1.2 and Accessgate 1.2 and webgate 11.1.2

      OID Ebiz integration works perfect - bidirectional

      But http://ebizhost:port/AppsLogin throws too many redirects in Chrome and goes into a loop in IE after giving username/pwd.

      Everything works fine in firefox but in the end of the login process, I get the following Apps framework error instead of the home page :

      There was an error processing your request. The Login/Portal Server Installation may be incomplete. Please contact your System Administrator.

      Accessgate log shows

      oracle.apps.fnd.ext.sso.FndSsoException: FND-9930
      at oracle.apps.fnd.ext.sso.FndSsoLogin.doPost(Unknown Source)
      at oracle.apps.fnd.ext.sso.FndSsoLogin.doGet(Unknown Source)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)


      There are no FND,ICX invalids

      If i make user guid null in fnd_user, and try to login usinf http://ebizhost:port/OA_HTML/AppsLogin, I get the oam login screen and after i provide oid username/pwd and press submit, the guid gets populated in fnd_user table correctly. This means that authentication happens fine but in the end i am presented with an error SSWA page instead of showing responsibilities.

      Tried autoconfig, long_running_jvm=false, setrequestcachetype as FORM in oam, session_cookie_domain = actual domain value.

      Timestamps are same across the servers.

      Tablespace usage all good.

      No errors in alert log.

      No additional errors in oacore application.log

      increased timeout values for data sources in oam and accessgate

      All deployments in accessgate is alive and health = ok

      personal home page mode = framework only

      Authentication agent profile option set correctly to http://webgatehost:webgateport/<context_root>/

      Any idea what could be the fix?

      Thanks
      Subhajit
        • 1. Re: OAM 11.1.2 integration with Ebiz 12.1.1 throws framework error on login
          Hussein Sawwan-Oracle
          But http://ebizhost:port/AppsLogin throws too many redirects in Chrome and goes into a loop in IE after giving username/pwd.
          Chrome is not a supported browser -- Recommended Browsers for Oracle E-Business Suite Release 12 [ID 389422.1]
          Everything works fine in firefox but in the end of the login process, I get the following Apps framework error instead of the home page :

          There was an error processing your request. The Login/Portal Server Installation may be incomplete. Please contact your System Administrator.

          Accessgate log shows

          oracle.apps.fnd.ext.sso.FndSsoException: FND-9930
          Please see if (Firewall BLACKOUT and JDBC connections with Oracle Applications 11i and 12 [ID 276557.1]) helps.

          Thanks,
          Hussein
          • 2. Re: OAM 11.1.2 integration with Ebiz 12.1.1 throws framework error on login
            985385
            The FND-9930 error got trapped when I used FF.
            I checked on 276557.1 already in Metalink. No firewalls configured and fnd_jdbc_usable check and sqlnet.expire_time is set correctly.

            Thanks
            Subhajit
            • 3. Re: OAM 11.1.2 integration with Ebiz 12.1.1 throws framework error on login
              EBSDBA
              Hi,

              What is the time difference between OAM server instance and web gate instance?
              Please note that All Access Servers and their corresponding WebGates must be time-synchronized.

              And also Please check

              Redirect loop is encountered when SSO is configured with Oracle Access Manager (OAM) 11g [ID 1391778.1]

              Thanks
              • 4. Re: OAM 11.1.2 integration with Ebiz 12.1.1 throws framework error on login
                985385
                Time difference is less than a minute between OAM/Ebiz/Webgate servers.
                /etc/hosts has FQDN for all 3 servers and each can ping each other with FQDN.
                Only thing is it is a single suffix domain '.com'
                Could be a Potential problem. Thanks for the pointer. I will try to check on it.

                Thanks
                Subhajit
                • 5. Re: OAM 11.1.2 integration with Ebiz 12.1.1 throws framework error on login
                  Mzshaw-Oracle
                  I would recommend to raise SR with Oracle Support, as the investigations could get quite complex and specific to your environment

                  My initial thought would be to re-review "Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11gR2 (11.1.2) using Oracle E-Business Suite AccessGate" (Doc ID 1484024.1) and confirm that all the right hostname/ports have been used in the right places, as it is easy to mix up what is required at the different stages


                  Next would suggest to test your OAM setup using the Oracle Access Manager tester tool

                  Review "Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager with Oracle Security Token Service 11g Release 1 (11.1.1)" (http://docs.oracle.com/cd/E21764_01/doc.1111/e15478/tester.htm#CACBEJDC) details of installing and using this tool

                  a. Test the protected resource URL

                  /ebsauth_[instance]/

                  where [instance] is the name of your Oracle E-Business Suite instance/

                  Enter Username and Password and select both the "Authenticate" and "Authorize" buttons

                  b. Save the status messages to a file and upload this (Disk icon at the bottom of the screen)

                  c. Also use the "save configuration" button (at the top of the screen) and upload the resulting configuration XML file (Remove the password from this file before uploading)

                  If the above does not work, then the issue is not eBiz specific so need to review the OAM/Webgate setup for sure


                  Hope that sets you on the right path

                  regards

                  Mike I would recommend to raise SR with Oracle Support, as the investigations could get quite complex and specific to your environment

                  My initial thought would be to re-review "Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11gR2 (11.1.2) using Oracle E-Business Suite AccessGate" (Doc ID 1484024.1) and confirm that all the right hostname/ports have been used in the right places, as it is easy to mix up what is required at the different stages


                  Next would suggest to test your OAM setup using the Oracle Access Manager tester tool

                  Review "Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager with Oracle Security Token Service 11g Release 1 (11.1.1)" (http://docs.oracle.com/cd/E21764_01/doc.1111/e15478/tester.htm#CACBEJDC) details of installing and using this tool

                  a. Test the protected resource URL

                  /ebsauth_[instance]/

                  where [instance] is the name of your Oracle E-Business Suite instance/

                  Enter Username and Password and select both the "Authenticate" and "Authorize" buttons

                  b. Save the status messages to a file and upload this (Disk icon at the bottom of the screen)

                  c. Also use the "save configuration" button (at the top of the screen) and upload the resulting configuration XML file (Remove the password from this file before uploading)

                  If the above does not work, then the issue is not eBiz specific so need to review the OAM/Webgate setup for sure


                  Hope that sets you on the right path

                  regards

                  Mike
                  • 6. Re: OAM 11.1.2 integration with Ebiz 12.1.1 throws framework error on login
                    985385
                    I can see the following metalink notes have been released. Hope it helps.

                    Applications Login Using OAM Fails with 'The Login/Portal Server Installation may be incomplete' Caused by 'java.sql.SQLException: ORA-01465: invalid hex number' [ID 1538812.1]
                    OAM 11g does not send authorization responses to downstream application. [ID 1376402.1]

                    Thanks
                    Subhajit
                    • 7. Re: OAM 11.1.2 integration with Ebiz 12.1.1 throws framework error on login
                      Hussein Sawwan-Oracle
                      Subhajit C wrote:
                      I can see the following metalink notes have been released. Hope it helps.

                      Applications Login Using OAM Fails with 'The Login/Portal Server Installation may be incomplete' Caused by 'java.sql.SQLException: ORA-01465: invalid hex number' [ID 1538812.1]
                      OAM 11g does not send authorization responses to downstream application. [ID 1376402.1]

                      Thanks
                      Subhajit
                      Thanks for the update!

                      Regards,
                      Hussein