adding jasig CAS authentication for OBIEE (Oracle Business Inteligence)11g - authentication

I'm trying to add CAS as an authentication provider for OBIEE 11g.
up until now I've added the cas-client-core-3.2.1.jar jar to
$MW_HOME/wlserver_10.3/server/lib/consoleapp/webapp/WEB-INF/lib/
and configure
$MW_HOME/wlserver_10.3/server/lib/consoleapp/webapp/WEB-INF/web.xml
with the the flowing elements:
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://192.168.0.117:8000/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://192.168.0.170</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://192.168.0.117:8000/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://192.168.0.170</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
this only applies to the WL console and not OBIEE application.
I'm redirected to the cas login however afterwords i'm still required to enter a console password, and the effective user will be the one from CAS.
any idea how to deploy CAS for the OBIEE application?
Thanks,
Shay

OK solved it,
had to unpack the analytics.ear file and from in it unpack the analytics.war
add the cas core jar to WEB-INF/lib
and add the XML from above to WEB-INF/web.xml
repack analytics.war, repack analytics.ear
restart weblogic.
in the EM->coreapplication->security enable SSO select generic SSO and set the login and logout urls
Note: we had an initialization block,that would fail if the user/password wouldn't authenticate, that had to be altered.

Related

Apache-Tomcat Servlet-mapping through url-pattern fails (404-Error)

I have a problem with Apache-Tomcat Servlet-mapping through url-pattern.
It has been working just fine till last year.
Very recently I tried to login and all of sudden 404 Not Found error showed up.
I still see all other pages fine. I don't know what has changed on server-side because I am borrowing a linux-server from vultr.
Since I haven't touched anything in my coding and everything looks fine to me, I have no clue.
It seems easy to solve for experts. Can anyone help me with this?
- Error Message
Not Found
The requested URL /login.do was not found on this server.
Apache/2.4.12 (Ubuntu) Server at xx.xx.xx.xx Port 80
Here xx is the ip address of my server
- tomcat/conf/server.xml
...
<Context path="" docBase="/.../tomcat/webapps/.../WebContent" reloadable="true"></Context>
...
- tomcat/conf/web.xml
...
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
<init-param>
<param-name>listings</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
...
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
...
- myapp/WEB-INF/web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>myapp</display-name>
...
<servlet>
<servlet-name>URIController</servlet-name>
<servlet-class>myapp.mvc.control.URIController</servlet-class>
<init-param>
<param-name>config</param-name>
<param-value>
/WEB-INF/commandHandler.properties
</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>URIController</servlet-name>
<url-pattern>*.do</url-pattern>
</servlet-mapping>
...
- myapp/WEB-INF/commandHandler.properties
/login.do=myapp.mvc.command.Login
When I try to login, it says "The requested URL /login.do was not found on this server."
It has been working fine like this: when hitting "login" button, it passes the content in commandHandler.properties to the control class (myapp.mvc.control.URIController) and this class get the name of the login class (myapp.mvc.command.Login) in order to dispatch the request to the login class.
If this problem has something to do with Apache, I have no idea (no idea even what to show here) because it was done by a paid expert like 5 years ago.
Thanks a lot in advance !!
That is an httpd error message, not an Apache Tomcat one. It looks like something (can't tell what from the information provided) has broken the reverse proxy from httpd to Tomcat. You need to talk to whoever set up the reverse proxy for you.

Register Wicket application in Weblogic 11g and OIM

I'm using WebLogic 11g server, OIM (Oracle identity Manager), and I created a new web application on Wicket 6 as a module. When I execute my application in WebLogic server http://192.168.112.31:7001/WicketReport I receive a 403 Error.
My web.xml file is:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
<display-name>Wicket Web Application</display-name>
<filter>
<filter-name>Application</filter-name>
<filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class>
<init-param>
<param-name>applicationClassName</param-name>
<param-value>kz.ecc.wicketreport.pages.Application</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Application</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file/>
</welcome-file-list>
</web-app>
I couldn't find any tutorial or instructions that describe how to do this. Please show me what I need to do or some steps to achieve it.
UPDATE
I tried to add:
<login-config>
<auth-method>CLIENT-CERT,BASIC</auth-method>
<realm-name>myRealm</realm-name>
</login-config>
after </welcome-file-list> in my web.xml but I still receive the 403 Error.

SSI include Couldn't get context for path

I can't get ssi to work on Tomcat 5.5.27.
using standard ssi configuration and getting this in log
SEVERE: #include--Couldn't include file: /file/hi.html
java.io.IOException: Couldn't get context for path: /file/hi.html
I don't know what is the context.
Thanks for help
configuration
<servlet>
<servlet-name>ssi</servlet-name>
<servlet-class>
org.apache.catalina.ssi.SSIServlet
</servlet-class>
<init-param>
<param-name>buffered</param-name>
<param-value>1</param-value>
</init-param>
<init-param>
<param-name>debug</param-name>
<param-value>1</param-value>
</init-param>
<init-param>
<param-name>expires</param-name>
<param-value>666</param-value>
</init-param>
<init-param>
<param-name>inputEncoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>outputEncoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>isVirtualWebappRelative</param-name>
<param-value>0</param-value>
</init-param>
<load-on-startup>4</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>ssi</servlet-name>
<url-pattern>*.shtml</url-pattern>
</servlet-mapping>
First of all, Tomcat 5.5 has not been supported by the ASF since 30 September 2012. You really need to upgrade. Further 5.5.27 was released in 2008 and there have been a lot of bug fixes and security fixes since then. More good reasons to upgrade.
With the minimal information you have provided (no details on how your app is deployed, no snippet showing the source that triggers this error) it looks like you are trying to do includes relative to the root of the web application without configuring the SSI servlet for that. Setting isVirtualWebappRelative to 1 should do the trick.

Jetty removes Content-Encoding: gzip header

I'm using Jetty 6.1 together with PJL Compressing Filter.
Jetty removes the following header from the response:
Content-Encoding: gzip
This causes that most browsers cannot display the page anymore and show something like this:
Error 330 (net::ERR_CONTENT_DECODING_FAILED)
The Problem does not occur when I deploy my application on Tomcat 6.0. Also, if I disable the PJL Compressing Filter, the application works.
What can I do that Jetty leaves the header in the response?
make it sure you're using the last available jetty version.
It does work with this configuration for me:
<filter>
<filter-name>GzipFilter</filter-name>
<filter-class>org.eclipse.jetty.servlets.GzipFilter</filter-class>
<init-param>
<param-name>mimeTypes</param-name>
<param-value>text/html,text/plain,text/xml,application/xhtml+xml,text/css,application/javascript,application/json,image/svg+xml</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>GzipFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

How to configure tomcat's web.xml with my Front Controller

I've written a simple Front Controller for my Java EE application. This controller intercepts all the urls to redirect them to the corresponding method in the right class.
A typical url looks like this: http://domain.tld/appName/Controller/method
I'm facing 3 issues with tomcat at the moment:
If I try to access to my base url, http://domain.tld/appName/ (with or without the ending slash), my front controller isn't called and I've got a 404.
If I try to access to an url like this: domain.tld/appName/Controller/method/ (remark the ending slash) same thing than point number 1. But without the ending slash it works fine.
Finally, since all my requests are routing to my front controller I have to define all the static file to be served to the default servlet, in my web.xml. A less contraining and ugly solution would be nice.
Here is my web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<servlet>
<servlet-name>FrontController</servlet-name>
<servlet-class>controllers.FrontController</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>FrontController</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.jpg</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.png</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.css</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.js</url-pattern>
</servlet-mapping>
</web-app>
Add this to your web.xml file, before the first servlet:
<welcome-file-list>
<welcome-file>FrontController</welcome-file>
</welcome-file-list>
As said in comment, my FrontController was kinda ugly.
Rewriting it properly did the trick with the same web.xml.