SAML WSRP

Similar Questions

• WSSE WSRP missing in the SOAP header element

  Hello
  
  I have a wlp 9.2.3 producer and consumer, I implement the SAML security between these 2 areas, and it worked very well. Now suddenly wsse: Security section is missing in the soap headers that are passed from the consumer to the producer. What could be the reason for the missing WSSE... How to add them
  
  soapenv:envelope xmlns:soapenv = "http://schemas.xmlsoap.org/soap/envelope/" >
  * < header xmlns = "http://schemas.xmlsoap.org/soap/envelope/" / > *.
  < soapenv:Body >
  < xmlns:urn urn: initCookie = "urn: oasis: names: tc: wsrp:v1:types" >
  < urn: registrationContext >
  < urn: registrationHandle > 24002 < / urn: registrationHandle >
  < / urn: registrationContext >
  < / urn: initCookie >
  < / soapenv:Body >
  < / soapenv:Envelope
  
  
  
  Thank you
  Jesh

  The most likely cause is that the user is not connected.
  Other issues include the SAML Credential Mapper or a misconfiguration of the WSDL strategy in the field of consumer safety.

  Hope this helps,

  Nate

• Web SSO SAML 2.0 with webcenter content

  Hi all

  We have a requirement to set up the profile of SAML 2.0 Web SSO for Webcenter content server. SAML 2.0 certified against Webcenter content? I couldn't locate the documentation for the configuration of SAML 2.0 with Webcenter content.

  Any help would be appreciated.

  Configuration

  LDAP: AD and ADFS 2.0,

  SAML 2.0.

  WebCenter content 11.1.1.8 (UCM)

  Kind regards

  Shan

  Hi Shan,

  SAML is not currently supported with Webcenter content.

  Thank you

  Srinath

• Authenticator SAML

  Hi all

  trying to let authenticator SAML in connection settings of the server I m a 404:

  Error HTTP 404 data recovery of https://view_connection_server_fqdn/SaaS/API/1.0/get/metadata/IDP.XML

  I need to enable to work with Identity Manager, clues?

  Thank you.

  Could you please put what measures have you taken? You must add Horizon Workspace /vIDM broker for connections view details.

• Resource of transmission by proxy error in WSRP Portlet - invalid soap message.

  Hello

  We strive to use portlet WebCenter Portlan (11.1.1.7).

  In a simple application with jsr-286 Portlet on WSRP, we are facing the problem to send embedder resource binary (as picture) in the method of serveResource, using OutputStream of ResourceResponse.

  If the resources are simple text (javascript file) - successfully transmitted.

  
  

  Example:

  View.jsp

  <img src="<portlet:resourceURL id="image"/>"/>
  

  Portlet1.Java

      @Override
      public void serveResource(ResourceRequest request, ResourceResponse response)
                                          throws PortletException, IOException {
          String resourceID = request.getResourceID();
          System.out.println("Serving resources, resourceId = " + resourceID);
  
          InputStream is = Portlet1.class.getClassLoader().getResourceAsStream("test.png");
          System.out.println("inputStream = " + is);
          ByteArrayOutputStream buffer = new ByteArrayOutputStream();
          int nRead;
          byte[] data = new byte[16384];
          while ((nRead = is.read(data, 0, data.length)) != -1) {
                          buffer.write(data, 0, nRead);
          }
          OutputStream outStream = response.getPortletOutputStream();
          outStream.write(buffer.toByteArray());      
          outStream.flush();        
          System.out.println("end of serveResource");
      }
  

  When open portal page located portlet, not loaded image. And exception in the server log is:

  Serving resources, ResourceID = image
  inputStream = java.io.BufferedInputStream@3dd981
  end of serveResource
  < PortletResourceServlet > < _process > transmission error proxy resources.
  oracle.portlet.client.container.PortletRemoteException: oracle.portlet.wsrp.WSRPRemoteException: java.rmi.RemoteException: envelope parsing error: probably because of an invalid SOAP message. : illegal character (CTRL-CHAR, code 26))
  [row, col {source unknown}]: [3.1]; nested exception is:
  javax.xml.soap.SOAPException: parse envelope error: probably because of an invalid SOAP message. : illegal character (CTRL-CHAR, code 26))
  [row, col {source unknown}]: [3.1]
  at oracle.portlet.client.techimpl.wsrp.WSRPBaseTerminalPipe.processException(WSRPBaseTerminalPipe.java:119)
  at oracle.portlet.client.techimpl.wsrp.WSRPResourceOperationPipe.execute(WSRPResourceOperationPipe.java:309)
  at oracle.portlet.client.techimpl.wsrp.WSRPResourceOperationPipe.pre(WSRPResourceOperationPipe.java:55)
  at oracle.portlet.client.service.pipeline.PipeContext.internalExecute2(PipeContext.java:650)
  to oracle.portlet.client.service.pipeline.PipeContext.access$ 000 (PipeContext.java:48)
  to oracle.portlet.client.service.pipeline.PipeContext$ 1.run(PipeContext.java:498)
  at java.security.AccessController.doPrivileged (Native Method)
  at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324)
  at oracle.security.jps.internal.jaas.AccActionExecutor.execute(AccActionExecutor.java:74)
  to oracle.security.jps.internal.jaas.AbstractSubjectSecurity$ ActionExecutorWrapper.execute (AbstractSubjectSecurity.java:242)
  to oracle.security.jps.internal.jaas.CascadeActionExecutor$ SubjectPrivilegedExceptionAction.run (CascadeActionExecutor.java:83)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
  at weblogic.security.Security.runAs(Security.java:61)
  at oracle.security.jps.wls.jaas.WlsActionExecutor.execute(WlsActionExecutor.java:51)
  at oracle.security.jps.internal.jaas.CascadeActionExecutor.execute(CascadeActionExecutor.java:56)
  to oracle.security.jps.internal.jaas.AbstractSubjectSecurity$ ActionExecutorWrapper.execute (AbstractSubjectSecurity.java:242)
  at oracle.security.jps.internal.jaas.AbstractSubjectSecurity.executeAs(AbstractSubjectSecurity.java:196)
  at oracle.portlet.client.service.pipeline.PipeContext.internalExecute(PipeContext.java:502)
  at oracle.portlet.client.service.pipeline.PipeContextRunnable.run(PipeContextRunnable.java:23)
  to java.util.concurrent.Executors$ RunnableAdapter.call (Executors.java:441)
  to java.util.concurrent.FutureTask$ Sync.innerRun (FutureTask.java:303)
  at java.util.concurrent.FutureTask.run(FutureTask.java:138)
  to oracle.portlet.client.service.pipeline.ModifiedThreadPoolExecutor$ Worker.runTask (ModifiedThreadPoolExecutor.java:391)

  
  to oracle.portlet.client.service.pipeline.ModifiedThreadPoolExecutor$ Worker.run (ModifiedThreadPoolExecutor.java:416)
  at java.lang.Thread.run(Thread.java:662)
  Caused by: oracle.portlet.wsrp.WSRPRemoteException: java.rmi.RemoteException: envelope parsing error: probably because of an invalid SOAP message. : illegal character (CTRL-CHAR, code 26))
  [row, col {source unknown}]: [3.1]; nested exception is:
  javax.xml.soap.SOAPException: parse envelope error: probably because of an invalid SOAP message. : illegal character (CTRL-CHAR, code 26))
  [row, col {source unknown}]: [3.1]
  at oracle.portlet.wsrp.v2.WSRP_v2_Markup_PortTypeJaxbToSoap.getResource(WSRP_v2_Markup_PortTypeJaxbToSoap.java:333)
  at oracle.portlet.wsrp.v2.ServerToWSRPv2.getResource(ServerToWSRPv2.java:6146)
  at oracle.portlet.client.connection.wsrp.ActivityServerWrapper.getResource(ActivityServerWrapper.java:236)
  at oracle.portlet.client.techimpl.wsrp.WSRPResourceOperationPipe.execute(WSRPResourceOperationPipe.java:141)
  ... 24 more
  Caused by: java.rmi.RemoteException: envelope parsing error: probably because of an invalid SOAP message. : illegal character (CTRL-CHAR, code 26))
  [row, col {source unknown}]: [3.1]; nested exception is:
  javax.xml.soap.SOAPException: parse envelope error: probably because of an invalid SOAP message. : illegal character (CTRL-CHAR, code 26))
  [row, col {source unknown}]: [3.1]
  at oracle.portlet.wsrp.v2.soap.runtime.WSRP_v2_Markup_Binding_SOAP_Stub.getResource(WSRP_v2_Markup_Binding_SOAP_Stub.java:567)
  at oracle.portlet.wsrp.v2.WSRP_v2_Markup_PortTypeJaxbToSoap.getResource(WSRP_v2_Markup_PortTypeJaxbToSoap.java:229)
  ... more than 27
  Caused by: javax.xml.soap.SOAPException: parse envelope error: probably because of an invalid SOAP message. : illegal character (CTRL-CHAR, code 26))
  [row, col {source unknown}]: [3.1]
  at oracle.j2ee.ws.saaj.soap.AbstractSOAPImplementation.createEnvelope(AbstractSOAPImplementation.java:137)
  at oracle.j2ee.ws.saaj.soap.SOAPPartImpl.getEnvelope(SOAPPartImpl.java:95)
  at oracle.j2ee.ws.saaj.soap.SOAPPartImpl.getEnvelope(SOAPPartImpl.java:64)
  at oracle.j2ee.ws.saaj.soap.MessageImpl.getSOAPBody (MessageImpl.java:1586)
  at oracle.j2ee.ws.client.StubBase._preHandlingHook(StubBase.java:887)
  at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:275)
  at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:148)
  at oracle.portlet.wsrp.v2.soap.runtime.WSRP_v2_Markup_Binding_SOAP_Stub.getResource(WSRP_v2_Markup_Binding_SOAP_Stub.java:507)
  ... 28 more
  Caused by: com.ctc.wstx.exc.WstxUnexpectedCharException: illegal character (CTRL-CHAR, code 26))
  [row, col {source unknown}]: [3.1]
  at com.ctc.wstx.sr.StreamScanner.throwInvalidSpace(StreamScanner.java:639)
  at com.ctc.wstx.sr.BasicStreamReader.readTextSecondary(BasicStreamReader.java:4624)
  at com.ctc.wstx.sr.BasicStreamReader.finishToken(BasicStreamReader.java:3661)
  at com.ctc.wstx.sr.BasicStreamReader.safeFinishToken(BasicStreamReader.java:3615)
  at com.ctc.wstx.sr.BasicStreamReader.getText(BasicStreamReader.java:845)
  at oracle.j2ee.ws.saaj.util.ResettableXMLStreamReader.getText(ResettableXMLStreamReader.java:153)
  at oracle.j2ee.ws.saaj.soap.StaxHandler.staxParse(StaxHandler.java:124)
  at oracle.j2ee.ws.saaj.soap.StaxHandler.staxParse(StaxHandler.java:66)
  at oracle.j2ee.ws.saaj.soap.AbstractSOAPImplementation.getStaXParsedEnvelope(AbstractSOAPImplementation.java:207)
  at oracle.j2ee.ws.saaj.soap.AbstractSOAPImplementation.createEnvelope(AbstractSOAPImplementation.java:58)
  ... 35 more

  What I am doing wrong?

  Solved: required to set the correct content for the response type.

  response.setContentType("image/png");
  

• Workspace 2.1 - Incorrect transmitter in AuthnRequest of SAML.

  Hello

  I was wondering if anyone knows how I can fix this problem.

  After the initial Setup on the workspace 2.1, I get the following error when I access the page in the main workspace. I don't not even a chance to get prompt for the name of connection etc.

  Error
  

  Incorrect transmitter in AuthnRequest of SAML.

  
  

  I can get to the following URL fine

  https://workspacefqdn:8443

  
  

  I also have the Configurator device and fine Admin connector services page.
  

  When you run the command hostname on the console as root, it returns the name abbreviated as myhostname, or it returns the name of the complete domain like myhostname.mydomain? She is supposed to return myhostname.mydomain and not myhostname. If it returns myhostname, please change the host name to myhostname.mydomain by running yast.

• How to acquire a SAML token

  Hello

  We know how to acquire a SAML SSO API token by using the username/password VC name, but could not find a way to get these.

  Is it possible for the web client retrieve the username and password, so it can pass them on to the java function which will use them to get the token?

  Is there an alternative - to other data that the web client can get and could be used to get the token?

  Thank you

  Eitan

  samlTokenXml was added in 5.5 SDK.  It's the current version so I guess always is what people refer to unless otherwise stated.

  I'm sorry that I don't have a solution for 5.1.

• VMware View Horizon Workspace (credentials invalid SAML)

  I get this error for access to a desktop computer using Horizon Workspace...

  Failed to launch the desktop view. Please contact your administrator for help (credentials invalid SAML).

  You know the solution to this problem?  Thank you

  Connect to VC and check if all vms and notice Broker Vms VAPP they are invited with the host time synchronization.

  VM > Settings > Options > VMware Tools > synchronize the time of comments with the host.

  This should take care teenager derivatives.

• SAML 2.0 + ADF | Based on Frank Nimphius safety for everyone

  Hi all
  
  I took Frank Nimphius security for everyone and enabled to work with a Cluster of WLS + eDirectory LDAP. I was able to make it work on a pre-production (Cluster, HA, LBS, etc) environment.
  The way I did was:
  Configure the WLS to LDAP
  * Let JAAS to do the rest of the security
  * Follow the advice of Frank when I have the application was sent
  
  But now I need to implement single sing and Sign Out. on each ADF Applications that I will develop.
  To do this, I choose to SAML 2.0.
  Over the years I have another supplier is, I don't have to really worry about implementation of SSO, I just modify the WLS and "speaking with my new provider of security."
  
  I've worn to a point where I am able to set up a Standalone WLS + unit of Novell Access Manager 3.2 on my laptop and ran a Servelt demo that comes with Novell. This servlet must be able to read some statements.
  
  Now I'm stuck on two things:
  
  1. I am not able to configure application of Frank and make it work for SAML 2.0
  2. a RDM are need when WLS is clusted and SAML 2.0 want to be configured. I have no documentation of fürthen to configure WSL + ADF in order to be able to work according to the standards of SAML 2.0.
  
  If anyone of you has a few entries, I'll be very grateful.
  
  I can share my notes about how I configured Access Manager from Novell and do work the example provided by Novell.
  
  Thanks in advance,
  
  Hector.

  Check if this may help:
  http://Biemond.blogspot.com/2009/09/SSO-with-WebLogic-1031-and-Saml2.html

• Encrypt a SAML Assertion using toBase64

  I have a SAML assertion pretty generic I need to encrypt so I can pass it as a URL variable. The problem is when I use the toBase64 tag he adds the <? XML version = "1.0" encoding = "UTF-8"? > line up the encrypted string.

  That's what my code looks like:

  < CFSET MyDate = DateFormat (Now (), "yyyy-mm-dd") & TimeFormat (Now (), 'HH') & 't' & '.343Z' >

  < cfxml variable = "samlAssertionXML" >

  < samlp:AuthnRequest IssueInstant = "" #MyDate # "ID ="_kdls_testing_application_for_single_sign_on"Version ="2.0"xmlns:samlp =" urn: oasis: names: tc: SAML:2.0:protocol ">"

  < saml:Issuer SAML = "urn: oasis: names: tc: SAML:2.0:assertion" > https://localhost/SDE < / saml:Issuer >

  < samlp:NameIDPolicy AllowCreate = "true" / >

  < / samlp:AuthnRequest >

  < / cfxml >

  < CFSET MySML = toBase64 (toString (samlAssertionXML)) >

  
  

  When I decipher the MySML variable by using a debugger online this is what I get:

  <? XML version = "1.0" encoding = "UTF-8"? >

  < samlp:AuthnRequest IssueInstant = "" #MyDate # "ID ="_kdls_testing_application_for_single_sign_on"Version ="2.0"xmlns:samlp =" urn: oasis: names: tc: SAML:2.0:protocol ">"

  < saml:Issuer SAML = "urn: oasis: names: tc: SAML:2.0:assertion" > https://localhost/SDE < / saml:Issuer >

  < samlp:NameIDPolicy AllowCreate = "true" / >

  < / samlp:AuthnRequest >

  
  

  My question is how to encode my rope without getting this annoying XML header included?  Unfortunately the XML header confuses the ADFS server, I send my channel SAML to so it must go.  Any ideas?

  
  

  I suspect the CFXML tag automatically as to make it a valid XML code.  As you try to create an XML fragment, you have more luck with CFSAVECONTENT instead of CFXML.

  -Carl V.

• Exception: "could not validate SAML token.

  We have a configuration of rating system that we use to generate a PDF of Psalm we you connect through the EJB client and usually have had no problems. Until today. At some point today we started seeing some exceptions are thrown on the client:

  Caused by: com.adobe.idp.um.api.UMException | [com.adobe.idp.um.api.impl.AuthenticationManagerImpl] errorCode:16421 errorCodeHEX:0 x 4025 message: SAML - Assertion impossible to validate the token has expired and therefore not valid for user [administrator@DefaultDom]. Its valid until time [kill Feb 04 10:58:45 MST 2014] turns out to be before the current time [kill Feb 04 16:04:41 MST 2014]

  Bounce just the application server running the client code has solved the problem, but we would like to better understand what is happening and why. Nothing of what I can find in the docs seems to indicate the cause/solution and possible solutions have links which seem to no longer work: http://cookbooks.adobe.com/post_Renewing_the_context_to_handle_session_expiry-16410.html

  Any suggestions or insight would be greatly appreciated. Thank you!

  PROBLEM

  Using the same instance of ServiceClientFactory to call remote services exposed by the LiveCycle container can lead to

  exceptions related to the expiration of the assertion

  Solution

  To handle the timeout use the ThrowHandler mechanism provided by the ServiceClientFactory framework

  Detailed explanation

  LiveCycle provides a client sdk for java-based client call its services remotely.

  An invocation involves the creation of an instance of ServiceClientFactory setting user credentials in thefactory instance passes this factory to a customer of service or creating an InvocationRequest directly

  Use the client to perform the actual request.

  For more details, see Invoking

  LiveCycle ES using the Java API .

  An instance of ServiceClientFactory once created is valid for a certain

  period of time that is default 120 min., if the same instance is used to call beyond that period, while he leads to an exception indicating that

  the session has expired [com.adobe.idp.um.api.impl.AuthenticationManagerImpl]

  errorCode:16421 errorCodeHEX:0 x 4025 message: could not validate SAML

  Token - Assertion has expired and therefore not valid for the user

  [administrator@DefaultDom]. Its valid until time [Thu Oct 22

  17:07:53 IST

  2009] turns out to be before the current [Thu Oct

  [22 17:58:18 2009 IST]

  This isn't a problem if the ServiceClientFactory instance is used for a short time. However if you want to make a long

  the task as great conversion number of documents to PDF, applying the policies their etc., then it would be a problem.

  Session time-out

  Before fxing the question some info on what is session time-out.

  • When you use an instance of ServiceClientFactory to invoke service suite fow arrives
  • You set credentials in the properties and call the service
  • LiveCycle server side validates the credentials and issues a context. It's the kind of a ticket which can be reused later rather than the actual credentials.
  • After receiving the response from the server the ServiceClientFactory instance deletes its own copy of credentials and instead stores the context for calls more later on that this instance of context is passed instead of the credentials of the user
  • This fow everything is done to ensure that the credentials of the user are not sent for each remote call, thus improving security.

  For more information about the context, refer to

  Identity of the user in LiveCycle .

  Solution

  Fx this problem you need to re authenticate to LiveCycle and get the context new draw. the best way to do this is to use the ThrowHandler provided by the ServiceClientFactory framework

  Step 1 - create a Throwhandler

  ______________________________________________________________________ ______________________________________________

  /**

  * This ThrowHandler caches the credentials of the user and use them

  to update the framework in the

  * ServiceClientFactory to expiration.

  */

  private public static class SimpleTimeoutThrowHandler implements

  {ThrowHandler}

  private String username;

  private String password;

  public SimpleTimeoutThrowHandler (String username, String

  {password)

  me.username = username;

  This.password = password;

  }

  public boolean handleThrowable (Throwable t, ServiceClient

  SC,

  ServiceClientFactory EFC, MessageDispatcher md,

  IR InvocationRequest, int numTries) survey

  {DSCException}

  {if (timeoutError (t))}

  The call to AuthenticationManager does not require

  the authentication if the default properties

  are the people

  AuthenticationManager am =

  New

  AuthenticationManagerServiceClient (ServiceClientFactory.createInstance (getDefaultProperties()));

  AuthResult ar = null;

  try {}

  AR =

  AM. Authenticate (username, Password.GetBytes ());

  } catch (UMException e) {}

  throw new IllegalStateException (e);

  }

  Context ctx = new Context();

  ctx.initPrincipal (ar);

  Refresh the ServiceClientFactory instance with

  the new context

  scf.setContext (ctx);

  Logger.info ("refresh the related context

  ServiceCLientFactory");

  Now say CFS to try again, the invocation

  Returns true;

  }

  Check so that we do not again wrap the exception

  If (t instanceof DSCException)

  throw (DSCException) t;

  If (t instanceof RuntimeException)

  throw (RuntimeException) t;

  How is it possible to get that much?

  throw new IllegalStateException (t);

  }

  Private boolean timeoutError (Throwable t) {}

  If (!) () t.getCause () instanceof UMException)) {}

  Returns false;

  }

  UMException EU = t.getCause ((UMException));

  Check that UMException is due to the

  expiry of the assertion/context

  if(UMConstants.errorCodes.E_TOKEN_INVALID ==)

  {ue.getErrCode ()}

  Returns true;

  }

  Returns false;

  }

  }

  ______________________________________________________________________ __________________________________________

  This ThrowHandler would be invoked by the ServiceClientFactory to receipt of any exception. The manager would then determine if it's a timeout on the exception and then update the context associated with the instance of the factory and told him to retry the invocation.

  STEP - 2 record Manager

  ______________________________________________________________________ __________________________________________

  ServiceClientFactory.installThrowHandler (new

  SimpleTimeoutThrowHandler (username, password));

  ______________________________________________________________________ __________________________________________

  Note: the Manager should be listed only once in the application

  STEP 3 - make your invocation

  Following example would try to apply policies to all the fles present in a directory

  ______________________________________________________________________ __________________________________________

  Properties p = getDefaultProperties();

  p.setProperty (DSC_CREDENTIAL_USERNAME, username);

  p.setProperty (DSC_CREDENTIAL_PASSWORD, password);

  EFC ServiceClientFactory =

  ServiceClientFactory.createInstance (p);

  Now, to make a long running operation

  String inputDirName = "path-of-entry-dir";

  String outDirName = "path - to the-out-dir";

  String policyName = "the-policy-name ';

  Download the file = new File (inputDirName);

  Folder outDir = new queue (outDirName);

  RightsManagementClient rmClient = new

  RightsManagementClient (CFS);

  DocumentManager docManager = rmClient.getDocumentManager ();

  Iterate over all in the inDir pdf and apply the

  policies. If it takes a

  {for (file pdfFile: {inDir.listFiles ())}

  The inDoc document = new Document (pdfFile, false);

  Document securedDoc = docManager.applyPolicy (inDoc,

  pdfFile.getName (), policyName, null, null, null);

  securedDoc.copyToFile (new

  File (outDir, pdfFile.GetName ()));

  }

  ______________________________________________________________________ __________________________________________

  Now the invocation would end even if it takes a lot of time. If any session time-out occurs then our ThrowHandler would take care of it.

  Here's a sample:

  TimeOutSample.zip

• Handle HttpRequest and RESPONSE in the WSRP Portlets

  Hi all
  
  I have deployed an application ADF of fusion as a WSRP webcenter Portal portlet.
  In my portlet application code I want to perform certain manipulations (like open a file in the browser) file using the ADF table components.
  I used Http sevlet request and response but portlet throws a next exception.
  
  java.lang.ClassCastException: org.apache.myfaces.trinidadinternal.config.dispatch.DispatchResourceResponse cannot be cast to javax.servlet.http.HttpServletResponse
  
  Anyone has an idea on how to handle the http request and response in the WSRP portlets.

  Hello

  Portlets use HttpServletRequest and HttpServletResponse.

  Use instead of them: PortletRequest & PortletResponse

  Kind regards.

• OSB: Change of the SAML Assertions

  Hello
  
  I looked up the configuration that changes the default time to live headers SAML generated in OSB.
  
  I found that to change the name of the SAML sender, it is made by the oracle/wss10_saml20_token_client_policy in Enterprise Manager by changing the following:
  
  Property set: standard-security-properties
  Name: saml.issuer.name
  Value: www.oracle.com (change)
  
  I thought that there is also a set of properties that change SAML TTL. Found this document but no mention on the configuration of TTL
  
  http://docs.Oracle.com/CD/E28271_01/Web.1111/b32511/assertion_schema.htm#CHDEBGGF
  
  Pass, has concluded that it can be configured in the Mapping SAML Credential Provider. Ironically, I checked the WLS console and there was just no SAML Credential Provider mapping not created in the weblogic server as shown below.
  
  http://docs.Oracle.com/CD/E12840_01/WLS/docs103/secmanage/providers.html#SAML_cred
  
  I suspect it is configured elsewhere, but I could not find. Could someone please throw some lights?
  
  Here is the SAML sample header that I generated. The part that I would change is part TTL (NotOnOrAfter). Currently set by default at 5 minutes.
  
  < soapenv:Header >
  < soapenv:mustUnderstand wsse: Security = "1" xmlns:wsse = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" >
  < saml:Assertion Version = "2.0" ID = "SAML-Kr4iE8Cl6zzQKsiEjF64Hg22" IssueInstant = "2012-06 - 07 T 12: 01:02Z ' SAML =" urn: oasis: names: tc: SAML:2.0:assertion ">" "
  < saml:Issuer > www.oracle.com < / saml:Issuer >
  < saml:Subject >
  < saml:NameID Format = "urn: oasis: names: tc: SAML:1.1:nameid - format: unspecified" > CBA < / saml:NameID >
  < saml:SubjectConfirmation method = "urn: oasis: names: tc: SAML:2.0:cm:sender - vouches" / >
  < / saml:Subject >
  < saml:Conditions = NotBefore "" 2012-06 - 07 T 12: 01:02Z ' NotOnOrAfter = "2012-06 - 07 T 12: 06:02Z" / > "
  < saml:AuthnStatement AuthnInstant = "2012-06 - 07 T 12: 01:02Z" >
  < saml:AuthnContext >
  < saml:AuthnContextClassRef >
  urn: oasis: names: tc: SAML:2.0:ac:classes:Password
  < / saml:AuthnContextClassRef >
  < / saml:AuthnContext >
  < / saml:AuthnStatement >
  < / saml:Assertion >
  < / wsse: Security >
  < / soapenv:Header >
  
  Thank you.

  I think that he is setting "agent.expire.time".

  Look here:
  http://docs.Oracle.com/CD/E14571_01/Web.1111/b32511/managing.htm#BABHIFDD

  Published by: AigarsP on June 8, 2012 02:01

• Free Samles of icons DPS?

  Most of the magazines created by using tool DPS have a certain amount of icons to use the guide and navigation.

  Find free samles of icons for this?

  Nina storm

  Nina,

  There are tons of free icons on the web. Just search around them.

  Bob

• WebLogic Portal, coherence * Web, WSRP, Remote Portlets

  WebLogic Portal 10.3.2
  Coherence * Web 3.6.1
  
  Hi all
  Integrate the coherence * Web 3.6.1 with Weblogic Portal 10.3.2.
  After all goes through various documents and with much more able to integrate these two products.
  EAR Scoped (Coherence.jar in APP-INF/LIB), the shared library of coherence-web-spi, a reference library of coherence-web-spi at WAR - Weblogic.xml
  Change Management HttpSession Coherence * Web Session management
  
  Development of WSRP
  Created WEB producer, .portlet Hello World created and exposed throguh Web Services
  Created the consumer WAR, created for portlet remote to access the "Hello World" portlet producer
  
  When accessing remote portlet, I am getting following error:
  
  The source of this error is:
  java.lang.IllegalArgumentException: session for the name 'com.bea.wsrp.userContext' attribute does not implement serializable; class:
  Class Com.bea.wsrp.bind.markup.UserContextImpl (ClassLoader class = java .net .URLClassLoader, hashCode = 12898381)
  Interface com.bea.wsrp.model.markup.IUserContext (ClassLoader class = java .net .URLClassLoader, hashCode = 12898381)
  Interface com.bea.wsrp.model.INillable (ClassLoader class = java .net .URLClassLoader, hashCode = 12898381)
  Interface com.bea.wsrp.bind.IMarshallable (ClassLoader class = java .net .URLClassLoader, hashCode = 12898381)
  The class java.lang.Object (System ClassLoader)
  at com.tangosol.coherence.servlet.AbstractHttpSessionModel.setAttribute(AbstractHttpSessionModel.java:309)
  at com.tangosol.coherence.servlet.api23.HttpSessionImpl.setAttribute(HttpSessionImpl.java:407)
  to weblogic.servlet.internal.session.CoherenceWebSessionData$ HttpSessionImpl.setAttribute (CoherenceWebSessionData.java:465)
  at weblogic.servlet.internal.session.CoherenceWebSessionData.setAttribute(CoherenceWebSessionData.java:358)
  at com.bea.wsrp.producer.handlers.ProfileFilter.doFilter(ProfileFilter.java:96)
  at com.bea.wsrp.producer.handlers.AbstractServiceHandler.preprocess(AbstractServiceHandler.java:103)
  at com.bea.wsrp.producer.handlers.AbstractServiceHandler.service(AbstractServiceHandler.java:63)
  at com.bea.wsrp.producer.container.ProducerEndPoint.processNow(ProducerEndPoint.java:333)
  at com.bea.wsrp.producer.wsee.ProducerEntryPoint.handleResponse(ProducerEntryPoint.java:90)
  at weblogic.wsee.handler.HandlerIterator.handleResponse(HandlerIterator.java:287)
  at weblogic.wsee.handler.HandlerIterator.handleResponse(HandlerIterator.java:271)
  at weblogic.wsee.ws.dispatch.server.ServerDispatcher.callHandleResponse(ServerDispatcher.java:341)
  at weblogic.wsee.ws.dispatch.server.ServerDispatcher.dispatch(ServerDispatcher.java:189)
  at weblogic.wsee.ws.WsSkel.invoke(WsSkel.java:80)
  at weblogic.wsee.server.servlet.SoapProcessor.handlePost(SoapProcessor.java:66)
  at weblogic.wsee.server.servlet.SoapProcessor.process(SoapProcessor.java:44)
  to weblogic.wsee.server.servlet.BaseWSServlet$ AuthorizedInvoke.run (BaseWSServlet.java:285)
  at weblogic.wsee.server.servlet.BaseWSServlet.service(BaseWSServlet.java:169)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
  to weblogic.servlet.internal.StubSecurityHelper$ ServletServiceAction.run (StubSecurityHelper.java:227)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
  at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at com.bea.content.manager.servlets.ContentServletFilter.doFilter(ContentServletFilter.java:178)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at com.bea.p13n.servlets.PortalServletFilter.doFilter(PortalServletFilter.java:336)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at com.bea.wsrp.producer.WsrpLocalProxyFilter.doFilter(WsrpLocalProxyFilter.java:72)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.run (WebAppServletContext.java:3592)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
  at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2202)
  at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2108)
  at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1432)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  
  Is there a problem with the Configuration or something else... ?
  
  Your help is greatly appreciated... ?
  
  Thank you
  
  Ravi

  The portal app tries to put a session attribute not serializable in a coherence * Web http session, which is not allowed by default. Add the following configuration to the web.xml file in your WAR file:

  
  consistency-preserve-attributes
  true
  
  
  consistency-distributioncontroller-class
  com.tangosol.coherence.servlet.AbstractHttpSessionCollection$ HybridController
  

  This will allow the attributes not serializable to be stored in the local http sessions. These attributes them will not be distributed on the cluster.