Saturday, October 4, 2008

How to configure BPEL Worklist Application to use Oracle Single Sign On Server?

Before starting the steps below, make sure you have configured the 10.1.3.x mid-tier instance to use Oracle Single Sign-On Server.

Step 1. Protect URL/Web Context Root (Statically)
Now, you can protect URLs with mod_osso by applying directives to the mod_osso.conf file.
This file is found at $ORACLE_HOME/Apache/Apache/conf.

<IfModule mod_osso.c>
  <Location /integration/worklistapp>
    AuthType Basic
    require valid-user
  </Location>
</IfModule>

Step 2. Configure SSO Realm Information
Navigate to the following file:
$ORACLE_HOME/bpel/system/services/config/wf_client_config.xml
Change jazn.com to the realm name in SSO.

<portal>
  <realmmapping>your_realm</realmmapping>
</portal>

Step 3: Modification of Servlet Code under worklistapp

Step 3a:
Open the $ORACLE_HOME\j2ee\oc4j_soa\applications\hw_services\worklistapp\src\worklistapp\servlets\BaseServlet.java file.
Remove the following code fragment that begins on line 218 in the validateSession() method:

else
{
  // forward request to login page, if user session is null
  // (not if session store or wfCtx is null, as login servlet will set them)
  if ( userSession == null )
  {
    RequestDispatcher rd = getServletContext().getRequestDispatcher(WorklistappConstants.PAGE_LOGIN_JSP);
    if (rd != null)
    {
      rd.forward(request,response);
      return false;
    }
  }
}

Step 3b:
Open the Login.java file in the same directory. Replace the code up to the end of the try{} block in the handleRequest() method with the following:

user = getParameter(request,WorklistappConstants.PARAM_LOGIN_USER);
String password = getParameter(request,WorklistappConstants.PARAM_LOGIN_PASSWORD);
String realm = getParameter(request,WorklistappConstants.PARAM_LOGIN_REALM);
String redirectURL = getParameter(request,WorklistappConstants.PARAM_REDIRECT_URL);
HttpSession userSession = request.getSession(true);
SessionStore sessStore = new SessionStore(userSession);
// Set by the container when mod_osso has already authenticated the request
String remoteUser = request.getRemoteUser();
if ((user == null) && (password == null) && (remoteUser == null))
{
  // No credentials and no pre-authenticated user: show the login page
  pageRedirect(request, response, WorklistappConstants.PAGE_LOGIN_JSP);
  return;
}
try
{
  IWorkflowContext wfCtx = null;
  if ( user != null )
  {
    // Authenticate the supplied credentials
    wfCtx = wfSvcClient.getTaskQueryService().authenticate(user, password, realm, null);
  }
  else
  {
    // Create context using remoteUser in request (pre-authenticated request)
    wfCtx = wfSvcClient.getTaskQueryService().createContext(request);
  }
  initSessionAttributes(sessStore, wfCtx);
  initRequestStatus(sessStore);
  if (redirectURL != null)
    response.sendRedirect(redirectURL);
  else
    response.sendRedirect(WorklistappConstants.SERVLET_TASK_LIST);
}
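
The replacement code in Step 3b reads redirectURL from a request parameter and passes it to response.sendRedirect() unchanged, so the post-login destination is whatever the caller supplied. The following is an added example, not Oracle's worklistapp code, of limiting that value to a local path before redirecting; the class name RedirectTargets and the method localOrDefault are hypothetical.

```java
import java.net.URI;
import java.net.URISyntaxException;

// Added example: hypothetical helper, not part of Oracle's worklistapp source.
public final class RedirectTargets {
    private RedirectTargets() {}

    // Returns candidate only if it is a local reference (no scheme, no host);
    // otherwise returns fallback.
    public static String localOrDefault(String candidate, String fallback) {
        if (candidate == null || candidate.length() == 0) {
            return fallback;
        }
        // Reject control characters (header splitting) and backslashes,
        // which some browsers normalise to forward slashes.
        for (int i = 0; i < candidate.length(); i++) {
            char c = candidate.charAt(i);
            if (c < 0x20 || c == 0x7f || c == '\\') {
                return fallback;
            }
        }
        // "//host/path" is a scheme-relative URL that leaves the site.
        if (candidate.startsWith("//")) {
            return fallback;
        }
        try {
            URI uri = new URI(candidate);
            // Absolute URIs (http:, javascript:, ...) or any authority part
            // point outside the application.
            if (uri.isAbsolute() || uri.getRawAuthority() != null) {
                return fallback;
            }
        } catch (URISyntaxException e) {
            return fallback;
        }
        return candidate;
    }

    public static void main(String[] args) {
        String fallback = "TaskList"; // constructed stand-in for SERVLET_TASK_LIST
        String[] samples = {          // constructed sample inputs
            "TaskDetails?taskId=42", "/integration/worklistapp/TaskList",
            "http://other.example/", "//other.example/", "/\\other.example", null
        };
        for (int i = 0; i < samples.length; i++) {
            System.out.println(samples[i] + " -> " + localOrDefault(samples[i], fallback));
        }
    }
}
```

In Login.java the two sendRedirect() branches would then collapse into response.sendRedirect(RedirectTargets.localOrDefault(redirectURL, WorklistappConstants.SERVLET_TASK_LIST)), assuming the helper is added to the worklistapp source tree.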

Step 3c:
After making the entry, restart the Mid-tier Instance:
$ORACLE_HOME/opmn/bin/opmnctl stopall
$ORACLE_HOME/opmn/bin/opmnctl startall

Now, when a user accesses the Worklist application on the mid-tier host at a URL such as http://hostname:7778/integration/worklistapp/TaskList, the default SSO login page appears. Log in as oc4jadmin (or any valid OID user); the login should succeed and take you to the TaskList home page.

1 comment:

  1. Hi! I have a problem related to this:
    I had SOA 1.3.3.1 and I logged in to OID, without SSO.
    I changed the configuration to log on using SSO,
    but I can't see the tasks assigned to the user.
    The problem is that now worklistapp is case sensitive. Before, the tasks were registered in lower case (table wftask of orabpel) and now they are case sensitive.
    I have tasks assigned to user FabiaA00 (SSO), and I have tasks assigned to user fabiaa00 (without SSO).
    In the OID the user is FabiaA00.
    The tasks assigned to user fabiaa00 I can't see.
    Sorry for my English
    Best Regards
    Maxi
