cancel
Showing results for 
Search instead for 
Did you mean: 

SSO between SAP Portal and Oracle APEX application

Former Member
0 Kudos

Hi All,

We have a requirement where in we need to achieve SSO between SAP Portal and Oracle apex application.

Both the applications are using the same userid's.

Can you pls share your expertise on this.

regards

Bharat

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
0 Kudos

Hi all,

Can you please let me know if it can achieved via URL iview and user mapping if the number of users are less.

If i create a http system in system admin and user mapp the userid of the oracle apex application towards a portal user in user admin and then create a url iview of the application by passing the parameters (mapped user and mapped password).

But i wouldlike to know the naming convention of the username and password to be given as parameters in url iview . Does it has to be taken from oracle application.

Please let me know this workaround easy solution for SSO.

regards

Bharat

Former Member
0 Kudos

Hi Bharath,

Yes this is an option, so long as the APEX application supports basic authentication (e.g. passing a username and password, using either a HTTP POST or GET). I would recommend that you also make sure you use SSL to protect the user credentials in transit over the network.

As you state there are some annoying management overheads associated with this approach such as users having to maintain a mapping (password change on the APEX side means they have to update their mapping and may no longer remember their old password since they haven't used it since the created the mapping to start with), this may result in quite a few "password reset" calls to the help desk!

I have used this method before and wrote a bit of logic to check if the target site returned a valid login or not and if not redirected the user to update their mapping with their new password.

I hope this helps,
Simon

Former Member
0 Kudos

Hi ,

As a work around i am trying to integrate SAP Portal with the oracle apex  application via an URL iview.

1. I create a HTTP system in System admin and gave the oracle application url.

2. Then i create a url iview out of this oracle application url

3. Did a user mapping towards my userid in Portal user admin

4. In url parameters passing the username passwd as mapped Username and mapped passwd

but when i preview the url iview i get "webpage can't be found error".

Please let me know if i need to change any system properties or url iview properties.

regards

Bharat

Former Member
0 Kudos

Hi Bharat,

I suggest you use a tool like HTTP Watch (IE) or Firebug (firefox) to take a look at the http traffic and see what is happening. It should give you more insight into what is going on and you should be able to see the http requests and parameters being sent to the url... what method are you using POST or GET?

Simon

Former Member
0 Kudos

Hi,

I enabled the app integrator iview and system in portal and then tried to configure the third party url in the appintegrator system.

Then followed all the required appintegrator settings in iview and system.

I defined the name of the server with IPADDRESS as the third party application doesn't have the hostname.

But when tried to call the application in portal i get the following error msg.

It says invalid system attribute. I never defined the system as SAP_local system.

System alais defined is "appintegrator".

Pls let me know where do i need to make the changes.

This is the third party url to be integrated in portal.

http://IPADDRESS:9090/apex/f?p=104:112:4395142453700421

Following are the properties defined in appintegrator system in portal system admin.

NAME OF THE SERVER : IPADDRESS

PORT NUMBER : 9090

URL OF THE WEB APPLICATION : /apex/f?p=104:112:4395142453700421

PROTOCAL OF THE TARGET SYSTEM : HTTP

still i get the below error msg.

Pls note that the third party application is not in the same domain as portal. Does it has to do anything with the domain.

Also in the http watch the url is captured till http://IPADDRESS:9090/apex/f and rest part

?p=104:112:4395142453700421 is not being called.

Full Message Text

02:40_06/06/12_0003_14910850
[EXCEPTION]
com.sapportals.portal.prt.runtime.PortalRuntimeException: Exception in SAP Application Integrator occured: Unable to parse template '<System.protocol>://<System.server><System.uri>?reseller_check=1&<Authentication>'; the problem occured at position 20. Cannot process expression <System.server> because Invalid System Attribute:
System: 'SAP_LocalSystem',
Attribute: 'server'.
at com.sapportals.portal.appintegrator.AbstractIntegratorComponent.doContentPass(AbstractIntegratorComponent.java:125)
at com.sapportals.portal.appintegrator.AbstractIntegratorComponent.doContent(AbstractIntegratorComponent.java:98)
at com.sapportals.portal.prt.component.AbstractPortalComponent.doPreview(AbstractPortalComponent.java:240)
at com.sapportals.portal.prt.component.AbstractPortalComponent.serviceDeprecated(AbstractPortalComponent.java:168)
at com.sapportals.portal.prt.component.AbstractPortalComponent.service(AbstractPortalComponent.java:114)
at com.sapportals.portal.prt.core.PortalRequestManager.callPortalComponent(PortalRequestManager.java:328)
at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:136)
at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:189)
at com.sapportals.portal.prt.component.PortalComponentResponse.include(PortalComponentResponse.java:215)
at com.sapportals.portal.prt.pom.PortalNode.service(PortalNode.java:645)
at com.sapportals.portal.prt.core.PortalRequestManager.callPortalComponent(PortalRequestManager.java:328)
at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:136)
at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:189)
at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:753)
at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:235)
at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:541)
at java.security.AccessController.doPrivileged(AccessController.java:246)
at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:430)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(AccessController.java:219)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

Former Member
0 Kudos

Hi,

Any inputs on this issue will be very helpful as i am struck on this.

Former Member
0 Kudos

In the error message you posted it seems to be saying that the system attribute "server" is invalid. Did you define that attribute in your system definition? Also in your iView do you set the system property to use the system you created via the alias? Also make sure that the user you execute with has Administrator = READ and End User permission on the system definition.

BRgds,

Simon

Former Member
0 Kudos

Hi Simon,

Thanks for the reply. I checked the user permissions and the enduser permissions for the userid for both iview and system object. All seems to be fine.

The system.server is the object id of the system field in the app integrator system object.

The proper convention is like below.

<System.protocol>://<System.server><System.uri>?reseller_check=1&<Authentication>

Here i defined the system.server with the ip address of the third party application as the url of the oracle apex application is like below.

http://IPADDRESS:9090/apex/f?p=104:112:4395142453700421

Following are the properties defined in appintegrator system in portal system admin.

NAME OF THE SERVER : IPADDRESS

PORT NUMBER : 9090

URL OF THE WEB APPLICATION : /apex/f?p=104:112:4395142453700421

PROTOCAL OF THE TARGET SYSTEM : HTTP

i am wondering if this has something to do with the security premissions or the request not being allowed from oracle apex side as the error return type is 404.

regards

Bharat

Former Member
0 Kudos

Hi Bharat,

Two ideas come to mind...

  1. Have you tried using a host name instead of an IP address? (Just create a dummy one in your hosts file for that IP if one doesn't exist in the DNS).
  2. Where do you see the 404 error? Have you tried using HTTP Watch or Firebug in Firefox to track down the 404?

Thanks,
Simon

Former Member
0 Kudos

Hi Simon,

Thanks for the reply.

On Oracle apex application side we manually hardcoded single userid passwd and passed the same from portal via URL iview and it is working fine. Which i feel is that the ipaddress is not an issue at all.

404 error is seen in the httpwatch trace.

regards

Bharat

Former Member
0 Kudos

Hi Simon,

Thanks for the reply.

On Oracle apex application side we manually hardcoded single userid passwd and passed the same from portal via URL iview and it is working fine. Which i feel is that the ipaddress is not an issue at all.

404 error is seen in the httpwatch trace.

regards

Bharat

Former Member
0 Kudos

Hi Bharat,

I am just trying to help you out. Please try what I suggest regarding using a host name instead of IP address - URL iView isn't exactly the same as as reading the System.server property from the App Integrator system.

Also what is the URL that causes the 404 error as seen in HTTP Watch? Does the URL actually work if you copy and paste it into the browser directly?

Thanks,

Simon

Former Member
0 Kudos

Hi,

If Oracle APEX doesn't support SAML then you might want to look at using the SAP Logon Ticket here is some more information:

[This FAQ content was deleted: visit for help]

I believe you could integrate this in MS and Java environments quite easily.

Hope this helps,

Simon

Message was edited by: Jason Lax

SandipAgarwalla
Active Contributor
0 Kudos

Simon,

just curious - if APEX would support SAP logon Ticket out of the box???

Of course, we can do a work around by using custom development...

Regards

Sandip

Former Member
0 Kudos

Hi Sandip,

Yes, I have to say I am not familiar with APEX, so I really don't know.

BRgds,

Simon

SandipAgarwalla
Active Contributor
0 Kudos

Bharath

You can look at implementing SSO using SAML (1.0/2.0) ..Its a industry standard and used widely.

I am hoping Oracle APEX supports SAML.

Sandip