Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: access an sso partner application through an iframe without reauthenticating

Re: access an sso partner application through an iframe without reauthenticating

From: <danny.roach_at_oracle.com>
Date: 4 Jan 2007 01:29:54 -0800
Message-ID: <1167902993.972194.63540@v33g2000cwv.googlegroups.com>

On Jan 4, 8:23 am, "What's in a namespace" <x..._at_ns.com> wrote:
> <danny.ro..._at_oracle.com> schreef in berichtnews:1167832603.851662.227880_at_v33g2000cwv.googlegroups.com...
>
> >I have an application (written using apex) that is an sso partner app.
> > I want to be able to embed the application within a portlet (probably a
> > dynamic page portlet generating an iframe) in my portal. When a user
> > access the portal page that contains the iframe they are initially
> > forced to reauthenticate within the iframe.
>
> > The problem lies in the sso session. I think when you access an
> > application through an iframe it treats everything in the iframe as if
> > it were in a separate browser session. This means that when you try to
> > access the application in the iframe it still redirects you to the sso
> > server even though you are already authenticated via portal.
>
> > So this is the problem, has anyone got any ideas on what the solution
> > might be?Danny, just to check:
> 1) does your applciation work with SSO when not called from Portal? So if
> you type the app. link in your browser, log in, retype the link, do you have
> to login again then?
> 2) If yes, if you create an URL item in Portal with this link, click it,
> login, logout, click it again, does it work?
>
> Shakespeare

My application has a couple of public pages that the user can navigate to before logging in (It is a shopping cart application). Once they have made there choices from the catalogue (public - page 2) they navigate to the shopping cart page (requires login - page 3). The system then prompts for login and shows the sso login page. They log in and then can see the shopping cart.

I did this once and it worked fine if I then copied the link (page 3 - including session) it worked without logging in again. If i copied the link (page 3 - withou t session ) then it tried to redirect me to the sso login page and then failed with a page 404 not found error.

The access log entry from apache looks like this

192.168.197.1 - PUBLIC [04/Jan/2007:01:15:14 -0800] "GET /pls/orasso/orasso.wwsso_app_Admin.ls_login?site2pstoretoken=v1.2%7E9BC43B23%7E1D54FD1AAE1CC89BE87ED353FA937CB568FD93E06BF40633F8AF5849FE79F2C9B661BEB03425F1535BF858B928DCE9B208EFD647EB84F61349BB6AECCDE074FC3D36435913B2A8107FBC553739BC697C0AE43614DDE31493025917A2C46D306FD0DA4362532B4882942A7C004EEDA9A1F7EFD8D0F30E6D56AE43449404D20F2E3F2F5EB08A9F7B9EFA39B3ACB8E5A7D8B2F41E92FCCF00068E2E34A98E68EF999D1585B29179F0EE7FE1E118BD5B55F7859FBD5D40546D1C65A207523B1D1CC617B7F0DB3C50C80EEA062FF31EF18B9559629C6D0752358134F54FA1F421A9F1DB343D48266869046B8F6F6205DD70EEFFC49C9AF6C81A998032410D77B6D14C91F37CE90FF9C6611EA3E2F8F63C172B HTTP/1.1" 404 377 The error log entry looks like this

[Thu Jan 4 01:15:14 2007] [error] [client 192.168.197.1] [ecid: 1167902113:192.168.197.100:2057:0:15,0] mod_plsql: /pls/orasso/orasso.wwsso_app_Admin.ls_login HTTP-404 ORA-06502: PL/SQL: numeric or value error\nORA-06512: at "ORASSO.WWSSO_LS_PRIVATE", line 870\nORA-06512: at "ORASSO.WWSSO_VPD_PRIVATE", line 41\nORA-06512: at "ORASSO.WPG_SESSION", line 66\nORA-06512: at line 22\n

All this was done on apex stand alone without portal.

Thanks for looking at this for me.

Danny Received on Thu Jan 04 2007 - 03:29:54 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US