Announcement

Collapse
No announcement yet.

OTM Single Sign on

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OTM Single Sign on

    Hi Chris,

    How do we go about implementing SSO with Oracle Transportation Management?
    We were auccessfull implementing the same on e-biz suite (SSO,OID,AD) on test phase and now we what OTM to be apart of this integration. Can you please through light on this?

    1)what would be the best strategy to go?


    Regards
    Sandeep kiran

  • #2
    Re: OTM Single Sign on

    Sandeep,

    OTM supports SSO out of the box, and I recommend reading the "Enabling Single Sign On (SSO) Support" section of the OTM Admin Guide. Basically, after enabling OTM's SSO, it will look for a user ID within the HTTP header or URL, provided by a variable that you define. When this is present and populated, that user is automatically logged into OTM without password verification, effectively bypassing the login screen. This does require a custom element for each OTM user in your SSO solution's LDAP repository, though, which maps their SSO user ID to an OTM-specific user ID.

    Here's a post which provides some relevant data: http://www.otmfaq.com/forums/f25/otm-ldap-oid-952/
    I've head that OTM will natively support the Oracle Identity Manager in a later version, don't know when it will be available.

    I hope this helps!

    --Chris

    Comment


    • #3
      Re: OTM Single Sign on

      HI Chris,

      I'm now working on implementing OTM SSO for one of our client.
      I found your solution in the thread, which was very much helpful.
      But the user needs to login to OTM directly from browser and also needs SSO feature.
      Is there any possible solution for that?

      Thanks,
      Sarath.

      Comment


      • #4
        Re: OTM Single Sign on

        Sarath,

        If the user ID isn't passed into OTM via SSO, then the user will be prompted to login manually. So, they just need to setup SSO to not pass an OTM userID for the users that should login via the browser.

        --Chris

        Comment


        • #5
          Re: OTM Single Sign on

          Hello Chris,

          Need your help regarding SSO functionality enabling in OTM6.2.8, I have configured the following LDAP parameters in glog.properities file located in OTM Web Server.

          # web URL prefix - should be blank unless web server is behind a reverse-proxy server
          glog.webserver.urlprefix=
          # web server URL (may differ from server name)
          glog.webserver.URL=http://servername:80$glog.webserver.urlprefix$

          glog.security.sso=true
          glog.security.sso.appUidName=appuid
          glog.security.sso.logoutButton=true
          glog.security.sso.appUidLocation=1
          glog.webserver.initial_page=$glog.webserver.urlpre fix$$glog.webserver.context$glog.webserver.util.Fr ameGC3Servlet

          # LDAP settings for namespace: localAuth

          ldap.searchOrder=GC3,localAuth

          ldap.namespace.name=localAuth
          ldap.namespace.localAuth.authProtocol=simple
          ldap.namespace.localAuth.ldapUrl=ladp://12345.xyz.com:389
          ldap.namespace.localAuth.ctxFactory=com.sun.jndi.l dap.LdapCtxFactory
          ldap.namespace.localAuth.version=3
          ldap.namespace.localAuth.principal=cn=GLog User, o=Glog, c=US
          ldap.namespace.localAuth.credential=secret
          ldap.namespace.localAuth.userDN=ou=OU,dc=xyz,dc=co m
          ldap.namespace.localAuth.userNameAttribute=uid
          ldap.namespace.localAuth.glUserAttribute=gluser
          ldap.namespace.localAuth.userAuthentication=local
          ldap.namespace.localAuth.credentialAttribute=passw ord

          With the above settings I am able to login thru by passing appuid in the OTM URL, however when I am trying to login thru OTM Login Screen, it is throwing an error "Invalid redirect Parameter".

          1) Does this require reverse-proxy settings?
          2) To enable reverse-proxy, the client needs to do any setting at their network end?

          Your hep is highly appreciated. Many thanks in advance.

          Regards
          Chari

          Comment

          Working...
          X