Configure SSO(single sign-on) with Apex
By Pankaj on Aug 30, 2007
I am loving the experience with Apex , we plan to have couple of new application using APEX , for that i neeed to configure SSO with apex .
It can be done in 3 steps :
- Creating partner app
- Installing sdk (You need to get sso sdk from midtier)
- Configuring apex for sso(You need to login a zip file from here)
HOME URL : http: // apex_server_name/pls/apex
Success URL : http: // apex_server_name/pls/apex/wwv_flow_custom_auth_sso.process_success
Log Out URL : http: // apex_server_name/pls/apex/apex
Note : not covering the actual creation process , pls look at "Creating Partner App in AS admin guide"
For Step 2:
First unlock the flows schema according to the apex version you have .
SQL> alter user flows_030100 account unlock; (If your Apex version is 188.8.131.52.0 change acccordingly)
Now you need to copy sso sdk from the midtier , Login to Middle tier $ORACLE_HOME/sso/lib
copy ssosdk902.zip , unzip it . It creates some sql scripts & packages .
Login to db as user flows_030100 & run loadsdk.sql
SQL>@loadsdk.sql (Make sure you are executing under flows_XXXX)
Above will load the sso schema into flows account.
For Step 3:
Now we need to wire sso & apex schema(flows_xx)
It will prompt you for
Enter value for listener_token: HTML_DB:Hostname:7777
Enter value for site_id: enter_value_returned_while_registering_sso
Enter value for site_token: enter_value_returned_while_registering_sso
Enter value for login_url: http: // apex_url_here/pls/orasso/orasso.wwsso_app_admin.ls_login
Enter value for encryption_key: enter_value_returned_while_registering_sso
Enter value for ip_check: N
These above value you will get from Registring as partner app in step 1
Now configure authentication packages under flows_XXX schema
You need to login a zip file from here:
Unzip & get 2 files , execute as below
Finally you should lock flows_XXXX schema & grant execute permission to public user
SQL> alter user flows_020200 account unlock;
SQL> grant execute on wwv_flow_custom_auth_sso to APEX_PUBLIC_USER;
All set , once you use the authentication schema as sso , you can see the login page .