DSC_NETWORK_GUY
Member
Hi,
Single Sign-On not working. Newby, never seen it work. Looking for config feedback and help.
I get JDE Menu Sign-in page error (after SSO redirect) with "invalid User ID or Password". The error in the JAS log is interesting "user nullSecurityToken", but is the problem JAS to JDE Enterprise, or OID login redirect to JAS, or both?
I have included most of the config, I am sure I am doing something wrong, just not sure what.
Attached: E1Menu screenshot.
ERROR in target JAS Log:
------------------------
22 Mar 2009 15:47:28,864 [SEVERE] - [JAS] User nullSecurityToken is not Validated.Security Server return error status: 1/Unknown User
------------------------
Current Environment:
-----------------------------
JDE Enterprise 8.12 / AS400
Tool Set 8.97
#
OID 10.1.4.3 on RHEL4.7 Standalone server
OAS - JAS/HTTP 10.1.3 on RHEL4.7
#
JDE Security Server enabled / AS400
-----------------------------
JDE SSO Config:
-----------------------------
JDE USer ID mapping is configured for test users
_LocalNode setup in Nodes, with timeout setting.
No Trusts
-----------------------------
TokenGen.ini :
---------------------------
NodeName=_GLOBALNODE
NodePwd=_GLOBALPWD
# 1=ENTERPRISE CLIENT
CLIENTTYPE=1
# 0=UNICODE, 1=UTF8
CODEPAGE=0
VERSION=700
TOOLSVERSION=8.10
SIGNATURETYPE=N
MNRD=0
---------------------------
Virtual Host: OAS_8084
---------------------------
# The following configuration was added by the JD Edwards
# Server Configuration Framework
Listen 8084
<VirtualHost *:8084>
Oc4jMount /jde oas20_8084
Oc4jMount /jde/* oas20_8084
OssoConfigFile /opt/oracle/jdeoas/Apache/Apache/conf/osso/8084_osso.conf
OssoIpCheck off
OssoIdleTimeout off
</VirtualHost>
---------------------------
mod_osso.conf
----------------------------
LoadModule osso_module libexec/mod_osso.so
<IfModule mod_osso.c>
# OssoConfigFile /opt/oracle/jdeoas/Apache/Apache/conf/osso/8084_osso.conf
OssoIpCheck off
OssoIdleTimeout off
</IfModule>
Note:http.conf has mod_osso.conf included, not commented out.
----------------------------
Jas.ini
---------------------------
[SECURITY]
NumServers=1
SecurityServer=DSCBLT
SecurityServer1=NONE
SecurityServer2=NONE
SecurityServer3=NONE
SecurityServer4=NONE
UseLogonCookie=false
CookieLifeTime=7
SSOEnabled=false
OracleAccessSSO=false
OracleSSO=true
StrictVersionSecurity=0
OracleAccessSignOffURL=
OracleSignOffURL=http://jdeoid21.mydomain.net/sso/pages/login.jsp
----------------------------
OID Registration:
-----------------------------
$ORACLE_HOME/sso/bin/ssoreg.sh
-oracle_home_path $ORACLE_HOME
-update_mode MODIFY
-config_mod_osso TRUE
-mod_osso_url http://jdeoas20.mydomain.net:8084/
-remote_midtier
-virtualhost
-site_name jde8084.mydomain.net
-config_file /home/oracle/oas20_8084_osso.conf
-home_url http://jdeoas20.mydomain.net:8084/jde
-success_url http://jdeoas20.mydomain.net:8084/jde
-logout_url http://jdeoas20.mydomain.net:8084/jde
note: config file was copied to JAS/HTTP and renamed 8084_osso.conf
-----------------------------
Single Sign-On not working. Newby, never seen it work. Looking for config feedback and help.
I get JDE Menu Sign-in page error (after SSO redirect) with "invalid User ID or Password". The error in the JAS log is interesting "user nullSecurityToken", but is the problem JAS to JDE Enterprise, or OID login redirect to JAS, or both?
I have included most of the config, I am sure I am doing something wrong, just not sure what.
Attached: E1Menu screenshot.
ERROR in target JAS Log:
------------------------
22 Mar 2009 15:47:28,864 [SEVERE] - [JAS] User nullSecurityToken is not Validated.Security Server return error status: 1/Unknown User
------------------------
Current Environment:
-----------------------------
JDE Enterprise 8.12 / AS400
Tool Set 8.97
#
OID 10.1.4.3 on RHEL4.7 Standalone server
OAS - JAS/HTTP 10.1.3 on RHEL4.7
#
JDE Security Server enabled / AS400
-----------------------------
JDE SSO Config:
-----------------------------
JDE USer ID mapping is configured for test users
_LocalNode setup in Nodes, with timeout setting.
No Trusts
-----------------------------
TokenGen.ini :
---------------------------
NodeName=_GLOBALNODE
NodePwd=_GLOBALPWD
# 1=ENTERPRISE CLIENT
CLIENTTYPE=1
# 0=UNICODE, 1=UTF8
CODEPAGE=0
VERSION=700
TOOLSVERSION=8.10
SIGNATURETYPE=N
MNRD=0
---------------------------
Virtual Host: OAS_8084
---------------------------
# The following configuration was added by the JD Edwards
# Server Configuration Framework
Listen 8084
<VirtualHost *:8084>
Oc4jMount /jde oas20_8084
Oc4jMount /jde/* oas20_8084
OssoConfigFile /opt/oracle/jdeoas/Apache/Apache/conf/osso/8084_osso.conf
OssoIpCheck off
OssoIdleTimeout off
</VirtualHost>
---------------------------
mod_osso.conf
----------------------------
LoadModule osso_module libexec/mod_osso.so
<IfModule mod_osso.c>
# OssoConfigFile /opt/oracle/jdeoas/Apache/Apache/conf/osso/8084_osso.conf
OssoIpCheck off
OssoIdleTimeout off
</IfModule>
Note:http.conf has mod_osso.conf included, not commented out.
----------------------------
Jas.ini
---------------------------
[SECURITY]
NumServers=1
SecurityServer=DSCBLT
SecurityServer1=NONE
SecurityServer2=NONE
SecurityServer3=NONE
SecurityServer4=NONE
UseLogonCookie=false
CookieLifeTime=7
SSOEnabled=false
OracleAccessSSO=false
OracleSSO=true
StrictVersionSecurity=0
OracleAccessSignOffURL=
OracleSignOffURL=http://jdeoid21.mydomain.net/sso/pages/login.jsp
----------------------------
OID Registration:
-----------------------------
$ORACLE_HOME/sso/bin/ssoreg.sh
-oracle_home_path $ORACLE_HOME
-update_mode MODIFY
-config_mod_osso TRUE
-mod_osso_url http://jdeoas20.mydomain.net:8084/
-remote_midtier
-virtualhost
-site_name jde8084.mydomain.net
-config_file /home/oracle/oas20_8084_osso.conf
-home_url http://jdeoas20.mydomain.net:8084/jde
-success_url http://jdeoas20.mydomain.net:8084/jde
-logout_url http://jdeoas20.mydomain.net:8084/jde
note: config file was copied to JAS/HTTP and renamed 8084_osso.conf
-----------------------------