Home » Fusion Middleware & Colab Suite » Weblogic & Application Server » How to secure password entry during SSO authentication (Oracle Application Server 10g (10.1.2))
How to secure password entry during SSO authentication [message #398522] Thu, 16 April 2009 09:15 Go to next message
naglaa_amer
Messages: 2
Registered: April 2009
Junior Member
Dear All,

I have successfully installed Oracle Application Server 10g (10.1.2), and deployed a form on it,
users call the form and are authenticated by username/password using SSO.

What I need to do is to secure their password, that is to say use https (only during SSO), and then when they are authenticated and the form is called I need the server to go back to http.

I see this behaviour in many sites (including oracle site), the site uses http, then when users are prompted for their username/password the protocal is https, then afterwards the site switches back to http.

Anyone knows how can this be accomplished ?

Please help,

I am totally lost in the documentation of the HTTP server, SSO and OID.

Thanks in advance

Re: How to secure password entry during SSO authentication [message #400107 is a reply to message #398522] Sun, 26 April 2009 04:11 Go to previous message
naglaa_amer
Messages: 2
Registered: April 2009
Junior Member
I have read the SSO admin guide, and performed the steps for enabling SSL on the SSO, and followed the steps to configure mod_osso with virtual host on port 4443 as mentioned in the admin guide.

The case now is that when I call my form (which is developed by forms developer suite 10g and deployed on the forms server which is SSO enabled) , it calls the SSO module on port 7777 using http (the default behaviour).
on a URL that looks like this :

http://myhostname:7777/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......

and gives the error :

----------------------------------------------------------------
( Forbidden
You don't have permisission to access /sso/auth on this server at port 7777)

----------------------------------------------------------------

when I manually change the URL to :

https://myhostname:4443/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......

the SSO works correctly.
-----------------------------------------------------------------
The question is :
How can I change this default behaviour and make it call SSO on port 4443 using https instead ?

----------------------------------------------------------------

Any ideas ?
Thanks in advance
Previous Topic: where can i get a 64-bit weblogic 10
Next Topic: How to run the forms in vista ?
Goto Forum:
  


Current Time: Fri Mar 29 06:12:10 CDT 2024