5 Replies Latest reply: Jan 5, 2011 10:14 AM by 828758 RSS

    IAS 10.1.3.1 oc4j java application and SSO with Identity Management

    424825
      Hello,

      I've the following problem:

      I've deployed a java application on OC4J on a ias 10.1.3.1 server, and I configured the OC4J and the application for the SSO with identity management on another server.

      But when i call the application link via browser I obtain Internal Server error

      and in error log og of IAS Apache I get the following error:

      mod_oc4j: Response status=499 and reason=Oracle SSO, but failed to get mod_osso global context.
      mod_oc4j: request to OC4J alexander.amm.unibs.it:12501 failed: unknown


      what means "failed to get mod_osso global context"

      I think I've done all:

      associate the OC4J with idm server
      associate the application to the idm server with SSO enabling

      I've created the external application on the idm server for the SSO

      What could be the problem?
        • 1. Re: IAS 10.1.3.1 oc4j java application and SSO with Identity Management
          306937
          This error typically happens when mod_osso isn't included in the httpd.conf

          Did you register SSO using the registration tool?

          http://download-west.oracle.com/docs/cd/B31017_01/web.1013/b28957/configldap.htm#BEHCGHHF

          Can you verify mod_osso.conf is configured correctly?

          Stop infra http server.
          Take backup of \Apache\Apache\conf\httpd.conf file.
          Open the file and search for mod_osso.conf,you will find something like,

          # include "\Apache\Apache\conf\mod_osso.conf"

          This shows that mod_osso.conf has not been included because of the comment in front. Remove comment ( # ) and save the file

          include "\Apache\Apache\conf\mod_osso.conf"

          Reboot the machine, start all the services and check.
          • 2. Re: IAS 10.1.3.1 oc4j java application and SSO with Identity Management
            424825
            You're right.

            I've forgot to run the osso1013 script on the ias 10.1.3. server for update httpd.conf and mod_osso.conf

            Thanks!
            • 3. Re: IAS 10.1.3.1 oc4j java application and SSO with Identity Management
              640865
              Hi,

              I'm having the same problem, but I'm not able to fix it.
              I've Deployed OracleRetailWorkspace, that is a web application on Webcentersuite.

              When I try to acces the page, i got the mod_osso error. I've tried to follow the procedure registering the application using the ssoreg.sh script and using as parameters:

              -oracle_home_path ORACLE_HOME (of the Infrastructure installation)
              -site_name name localhost.localdomain
              -config_mod_osso TRUE
              -mod_osso_url http://localhost.localdomain:7777
              -remote_midtier
              -config_file path output_destination

              then i used the osso1013 path/osso.conf script exactly as specified in the link you posted.

              As result, I have the login paige of sso when I try to acces, but using the "orcladmin" and password credential, I'm not able to enter.

              Any Idea?

              Thanks a lot

              Claudio
              • 4. Re: IAS 10.1.3.1 oc4j java application and SSO with Identity Management
                user12174142
                Hi,

                To answer to our question, I prefer to summarize all operations to proceed to have a partner applications authentified by distant OID

                First, OID part :
                - Connect to the host of your OID & set your OS variables to use the ORACLE_HOME of your OID ( run oraenv & input the ORACLE_SID of our OID )
                - Generate the osso file :
                cd $ORACLE_HOME/sso/bin
                $ORACLE_HOME/sso/bin/ssoreg.sh -oracle_home_path $ORACLE_HOME -config_mod_osso TRUE -site_name SITENAME -remote_midtier -config_file OSSO_FILE.conf -mod_osso_url http://SITENAME
                with :
                SITENAME = hostname or virtualhost or reverse proxy entry
                OSSO_FILE = PATH & osso file

                Second, Apps part :
                - Connect to our host(s) where iAS is installed which has/have to be partner applications authentified by distant OID above
                - Copy OSSO_FILE from OID server to all hosts which has/have to be partner applications authentified by distant OID above in $OH/Apache/Apache/conf/osso, for instance
                - Update mod_osso.conf with all your locations ( applications mapping of OC4J instances ), for instance :
                <Location /APPS_MAPPING>
                require valid-user
                AuthType Basic
                Header unset Cache-Control
                </Location>

                Third, osso13 :
                - run the executable to update httpd.conf & mod_osso.conf
                AL> Beware, on unix, bug 5099452 ... You HAVE TO set the following unix variable BEFORE to run osso13
                export PERL5LIB=$ORACLE_HOME/perl/lib/5.8.3:$ORACLE_HOME/perl/lib/5.8.3/sun4-solaris-thread-multi

                Fourth, Enterprise Manager :
                - For each ORACLE_HOME installed,
                > Go to our OC4J_Instance which has to be partner apps
                > Administration
                > In Security Section, choose Identity Management
                > Configure
                > Oracle Internet Directory Host     : hostname or virtual host of the OID above
                > Oracle Internet Directory User DN : cn=orcladmin
                > Password : password of orcladmin of the OID above
                > Port : Port of your OID services

                FULL RESTART of your HTTP server apps & our OC4J instances to consider the configuration

                AL> Our apps is now authentified by distant OID

                Report Oracle docs even if there are not easy to find ;) ... And bug is a complement to the Oracle doc

                Antoine LIBLIN
                • 5. Re: IAS 10.1.3.1 oc4j java application and SSO with Identity Management
                  828758
                  Hey Cloudio,

                  Did you manage to get your Retail Workspace running? I'm facing a similar problem, could you help me out with the detailed solution.
                  my email id is joelgfernandes@gmail.com.


                  Thanks,
                  Joel