Who is registered on Oracle.com? Well, if you have ever asked or answered a question on the wildly popular Oracle Application Express discussion forum on OTN, then you already have an account.
To enable SSO authentication to Oracle.com in your application on apex.oracle.com, simply follow these steps:
- Shared Components -> Authentication Schemes
- Click Create button
- Choose “Based on a pre-configured scheme from the gallery” and click Next
- Choose “Oracle Application Server Single Sign-On (Application Express Engine as Partner App)” and click Next
- Give it a name like SSO and click Create Scheme
- In the subsequent report of authentication schemes, click the “make current” link for your newly created SSO one
- Click the Make Current button on the confirmation page
- Go get a beer (or coffee or tea) to celebrate
To see this in action, here's a very brief sample application with a public and non-public page, using SSO authentication.
Important note: As of August 2012, SSO is no longer available on apex.oracle.com.
When clicking on the sample link I get the "redirecting to login page" message, but then I get a HTTP 500 error page.
ReplyDeleteJoel,
ReplyDeleteI am having the same issue the prior poster has.. We are getting the following error when running your sample:
500 Internal Server Error..
Thank you,
Tony Miller
Webster, TX
Thanks for your feedback. Are you saying that you're not even getting to the application on apex.oracle.com? Or are you saying that once you run the application (on the public page) and you click on the link to go to the SSO authenticated page, that it results in HTTP-500?
ReplyDeleteJoel
If you click on the "Click Here" link, which points to
ReplyDeletehttps://apex.oracle.com/pls/otn/f?p=63701:2
, the server is giving the 500 Internal Server Error.
Here is the final URL:
https://login.oracle.com/pls/orasso/orasso.wwsso_app_admin.ls_login?site2pstoretoken=v1.2~7CF76FEC~13F692306B43E028064CC6CF41230C438BB101C7F1DE312926A7BBED2B1B7953E9E020F2C6D27D8A5A6209664A51CD67E13D0D34C1BC2307CBF22D63A52B583040079701DE984F54DC24B75E71CE67CCF9953070189F1A0127A4E7DFB286A56073954387CBF39C42581D5804B2AFDBA9DE6D4A08BF89884ABA5209D6AB1AFADFA57363D9E23B1E1ECC37B58D438C877E5D68CDDC733B7CD7D0C45F3B108B2E4649999B82B88776EB8FEF6B924573DBC6A507543A5C5B7E03CC3032EF76C85CCE95E0689ECA5DE2ABE621A9A3D0830FBAE0E1F9FDE10276BA375F83B3B6FDAF6E2D89C1A0251BEBA524C7D6027E97E05BF62DDE58ACE792E7
When clicking on the link in the application, that is supposed to re-direct to the sso secured page, that is when the is occurring..
ReplyDeleteThank you,
Tony Miller
Webster, TX
Thanks Tony and Rama (and Francis). I'm looking at the issue now. Everyone within Oracle hasn't had an issue.
ReplyDeleteSorry for the hassle. I contacted the necessary group within Oracle to have apex.oracle.com registered on the external Login Server (before yesterday, I never knew there was such a thing). I guess I pulled the trigger on this post a little too early.
ReplyDeleteI have now tested this both from within Oracle and externally to Oracle. All appears to function well.
Thanks for the feedback.
Works for me now.
ReplyDeleteHi,
ReplyDeleteHow do I register my APEX site as a Partner application with the SSO server?
Does anyone know who or which group should I contact?
I'm trying to set this up but whenever I test the LDAP with the LDAP test tool with the following configuration:
LDAP Host: ldap.oracle.com
Port:389
USE SSL: No SSL
Use exact DN: yes
DN String: cn=%LDAP_USER%,l=amer,dc=oracle,dc=com
But then, when clicking on the TEST button providing my SSO email and pass, a red message appears above stating that "Authentication Failed !"
What am I missing or doing wrong ?
Thank you very much.
Daniel Villegas.
PS: I'm within Oracle's network.
@Daniel,
ReplyDeleteRegistering your APEX instance with SSO has nothing to do with calling out to an LDAP server.
Joel
Hi,
ReplyDeleteI'm to use SSO to login to my APEX app. I used this guide but now when I run the application i get the following error:
ORA-06550: line 1, column 7: PLS-00201: identifier 'WWV_FLOW_CUSTOM_AUTH_SSO.PORTAL_SSO_REDIRECT' must be declared ORA-06550: line 1, column 7: PL/SQL: Statement ignored
Error Error executing wwv_flow_custom_auth_sso.portal_sso_redirect.
Hi Stephen,
ReplyDeleteEnsure you don't specify any for "Partner Application Name".
This flow has changed a little bit for Application Express 4.1 and later. It's now:
1) Shared Components -> Authentication Schemes
2) Click Create button
3) Choose “Based on a pre-configured scheme from the gallery” and click Next
4) Enter a name, like "SSO"
5) For Scheme Type, choose “Oracle Application Server Single Sign-On” and click Next. No need to specifying anything for "Partner Application Name".
6) This newly created authentication scheme will automatically become your current authentication scheme for your application. Go get a beer (or coffee or tea) to celebrate.
Joel
Hi Joel,
ReplyDeleteI followed your steps, but I still hit error:
Error processing SSO authentication.
ORA-06550: line 1, column 7: PLS-00201: identifier 'WWV_FLOW_CUSTOM_AUTH_SSO.PORTAL_SSO_REDIRECT' must be declared ORA-06550: line 1, column 7: PL/SQL: Statement ignored
I am using Apex4.2
Thanks for your help.
Maggie
Hi Maggie,
ReplyDeleteIs this on your instance or apex.oracle.com? If on apex.oracle.com, public availability of SSO is no longer available (a policy decision, not a software defect).
Joel
Hi,
ReplyDeleteWhen I am trying to run the application after performing all the steps to enable SSO, I am getting below error
Error processing SSO authentication.ORA-06550: line 2, column 1: PLS-00201: identifier 'WWSEC_SSO_ENABLER_PRIVATE' must be declared ORA-06550: line 1, column 45: PL/SQL: Statement ignored
Rajeev,
ReplyDeleteDo you have the SSO SDK installed and configured on your instance? It doesn't sound like it.
Joel