2 Replies Latest reply on Sep 11, 2015 9:27 AM by D.C

    ORDS (NO APEX)   TOMCAT   Active Directory-SSO + OAUTH2

    D.C

      Hi ORDS experts.

       

      I really hope someone may be able to assist.

       

      I have an ORDS 3.01 installation on Windows Server 2012 running as a tomcat 7 webapp.

      I have some services protected by OAUTH2.

       

      ORDS + Standalone User Database login = Perfectly works (json document returned) .

      ORDS + Tomcat Users.xml = Perfectly Works (json document returned).

      When I use ORDS + Waffle (negotiate) to access ORDS services, I get the standard ORDS 401 unauthorised page..

       

      Tomcat is definately authenticating correctly and accessing with authenticated user.

      The logs are showing full negotiate token access.

      I am wondering whether ORDS is having a problem with a DOMAIN prefixed username?

       

      I cannot seem to find much information on how to set up ORDS with AD SSO on tomcat, so not sure how people have done it out there...

       

      From the localhost access log:

      10.141.203.129 - testuser1 [10/Sep/2015:18:12:39 +0100] "GET /ords/service1/ HTTP/1.1" 200 418 -- WORKS

      10.141.203.129 - DOMAIN\userxxx [10/Sep/2015:18:19:51 +0100] "GET /ords/service1/ HTTP/1.1" 401 11574  -- FAILS