Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: access an sso partner application through an iframe without reauthenticating

Re: access an sso partner application through an iframe without reauthenticating

From: <danny.roach_at_oracle.com>
Date: 4 Jan 2007 03:03:19 -0800
Message-ID: <1167908599.457075.3490@31g2000cwt.googlegroups.com> 







On Jan 4, 10:19 am, "What's in a namespace" <x..._at_ns.com> wrote:


> <danny.ro..._at_oracle.com> schreef in berichtnews:1167902993.972194.63540_at_v33g2000cwv.googlegroups.com...

>

>

>

>

>

>

>

> > On Jan 4, 8:23 am, "What's in a namespace" <x..._at_ns.com> wrote:

> >> <danny.ro..._at_oracle.com> schreef in

> >> berichtnews:1167832603.851662.227880_at_v33g2000cwv.googlegroups.com...

>

> >> >I have an application (written using apex) that is an sso partner app.

> >> > I want to be able to embed the application within a portlet (probably a

> >> > dynamic page portlet generating an iframe) in my portal.  When a user

> >> > access the portal page that contains the iframe they are initially

> >> > forced to reauthenticate within the iframe.

>

> >> > The problem lies in the sso session.  I think when you access an

> >> > application through an iframe it treats everything in the iframe as if

> >> > it were in a separate browser session.  This means that when you try to

> >> > access the application in the iframe it still redirects you to the sso

> >> > server even though you are already authenticated via portal.

>

> >> > So this is the problem, has anyone got any ideas on what the solution

> >> > might be?Danny, just to check:

> >> 1) does your applciation work with SSO when not called from Portal? So if

> >> you type the app. link in your browser, log in, retype the link, do you

> >> have

> >> to login again then?

> >> 2) If yes, if you create an URL item in Portal with this link, click it,

> >> login, logout, click it again, does it work?

>

> >> Shakespeare

>

> > My application has a couple of public pages that the user can navigate

> > to before logging in (It is a shopping cart application).  Once they

> > have made there choices from the catalogue (public - page 2) they

> > navigate to the shopping cart page (requires login - page 3).  The

> > system then prompts for login and shows the sso login page.  They log

> > in and then can see the shopping cart.

>

> > I did this once and it worked fine if I then copied the link (page 3 -

> > including session) it worked without logging in again.  If i copied the

> > link (page 3 - withou t session ) then it tried to redirect me to the

> > sso login page and then failed with a page 404 not found error.

>

> > The access log entry from apache looks like this

>

> > 192.168.197.1 - PUBLIC [04/Jan/2007:01:15:14 -0800] "GET

> > /pls/orasso/orasso.wwsso_app_Admin.ls_login?site2pstoretoken=v1.2%7E9BC43B2­3%7E1D54FD1AAE1CC89BE87ED353FA937CB568FD93E06BF40633F8AF5849FE79F2C9B661BEB­03425F1535BF858B928DCE9B208EFD647EB84F61349BB6AECCDE074FC3D36435913B2A8107F­BC553739BC697C0AE43614DDE31493025917A2C46D306FD0DA4362532B4882942A7C004EEDA­9A1F7EFD8D0F30E6D56AE43449404D20F2E3F2F5EB08A9F7B9EFA39B3ACB8E5A7D8B2F41E92­FCCF00068E2E34A98E68EF999D1585B29179F0EE7FE1E118BD5B55F7859FBD5D40546D1C65A­207523B1D1CC617B7F0DB3C50C80EEA062FF31EF18B9559629C6D0752358134F54FA1F421A9­F1DB343D48266869046B8F6F6205DD70EEFFC49C9AF6C81A998032410D77B6D14C91F37CE90­FF9C6611EA3E2F8F63C172B

> > HTTP/1.1" 404 377


>

> > The error log entry looks like this

>

> > [Thu Jan  4 01:15:14 2007] [error] [client 192.168.197.1] [ecid:

> > 1167902113:192.168.197.100:2057:0:15,0] mod_plsql:

> > /pls/orasso/orasso.wwsso_app_Admin.ls_login HTTP-404 ORA-06502: PL/SQL:

> > numeric or value error\nORA-06512: at "ORASSO.WWSSO_LS_PRIVATE", line

> > 870\nORA-06512: at "ORASSO.WWSSO_VPD_PRIVATE", line 41\nORA-06512: at

> > "ORASSO.WPG_SESSION", line 66\nORA-06512: at line 22\n

>

> > All this was done on apex stand alone without portal.

>

> > Thanks for looking at this for me.

>

> > DannyDanny,

>

> I get a bit confused here (but it's still morning). The problem you describe

> now doesn't seem to have anything to do with iframes, am I correct? For your

> not using Portal now...

>

> I presume your logs are from the infrastructure server (where OID resides),

> correct?

> By the way: what version and edition (express, standard, enterprise) DB is

> your APEX on? I know SSO has problems with APEX on Oracle Express Edition.

>

> Apparently, your redirect is working, but is redirecting to a page that is

> not found because of an error in buidling the page in plsql.

> For what I can see, your site2pstoretoken is longer than in my logfiles.

>

> Did you change anything in your SSO-configuration on the SSO-server between

> success and failure?

>

> Shakespeare- Hide quoted text -- Show quoted text -




Hi Shakepeare



Sorry for the confusion.  I had corrupted my apex logout url.  I have
put that right and the app now works fine stand alone as you describe
above (i.e. login, copy/paste url etc).



I have then bounced the server and connected to portal and attempted to
access the app through the iframe.  The public pages worked fine but as
soon as I clicked on a page requiring authentication it didnt even
redirect to the sso login page it just gave a 'The page cannot be
found' error.



The access and error log entries are



access log



192.168.197.1 - PUBLIC [04/Jan/2007:02:48:07 -0800] "GET
/pls/orasso/orasso.wwsso_app_Admin.ls_login?site2pstoretoken=v1.2%7E9BC43B23%7E0F334AC4B696604A9EF79B10AB204E534960904A5F99B4F4CD0556967A3A790913D89C7031320174524C60435A40016B5213FA08D49F567E0BC839E1B0C077A6AAF1FBE8F328F33B5267402FBBE98B1BCA49F21BD7E8E40F35E9CD20C0B319420B83DF032220F46289F80A965B863361C42471CED83352F8DD1A984EA0252259E8F7B9F8E093F6C9770244B2EC368A997BE76821F42380AEAC7F3B0D553AB150B2074DB24B70453E88098C7F8E36302EE077923D67003BEEB35D26D81EAB5E2F9D5BA68D244D74BB345121391A31763316638F6CEE79519F258AD88F553C76B5ADEC64AB18F9AD04D6B3E97B41F5ACD61F9F2D70467AAC17E5121574048D9BDAC02600F54424A938C739F71398ED5228
HTTP/1.1" 404 377


error log



[Thu Jan  4 02:48:07 2007] [error] [client 192.168.197.1] [ecid:
1167907687:192.168.197.100:3929:0:14,0] mod_plsql:
/pls/orasso/orasso.wwsso_app_Admin.ls_login HTTP-404 ORA-06502: PL/SQL:
numeric or value error\nORA-06512: at "ORASSO.WWSSO_LS_PRIVATE", line
870\nORA-06512: at "ORASSO.WWSSO_VPD_PRIVATE", line 41\nORA-06512: at
"ORASSO.WPG_SESSION", line 66\nORA-06512: at line 22\n



Logs are indeed from the infrastructure server.



Apex version is 2.2


Portal 10.1.4


Database 10g R1 Enterprise



No I have not touched the SSO configuration.



Thanks,



Danny
Received on Thu Jan 04 2007 - 05:03:19 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US