Re: Apex SSO
Hello there, My two cents: we have ORDS 20 over tomcat 9.0.41 authenticating against keycloak IdP, however using SAML [1]. In tomcat we have the keycloak connector [2] and for the APEX integration I developed a simple valve [3] that injects a header with the username. This header is used by the APEX application for authenticating the user. A new Authentication Scheme based on that header is needed. Hope it helps, Luis ps: thanks for the blog entry Peter, I was not aware that APEX 21.1 comes with an OpenIDConnect authentication scheme, very nice stuff! [1] https://www.keycloak.org/ [2] https://www.keycloak.org/docs/latest/securing_apps/index.html#_saml-tomcat-adapter [3] https://github.com/cerndb/tomcat-sso-integration-components/blob/master/cern-tomcat-authentication-kit/src/main/java/ch/cern/sso/tomcat/valves/SsoHeadersValve.java El vie, 25 mar 2022 a las 16:08, rupali singh () escribió: > hi team, > > the reason im asking is we have document for apex and idcs integration > > https://www.ateam-oracle.com/post/integrating-sso-between-apex-cloud-and-identity-cloud-service-the-easy-way > > i did all the setup as per document but now the issue is apex is not > redirecting to idcs url and giving below error.when we are trying to access > the application URL. > In tomcat logs there is no trace of IDCS discover URL and oracle denying > from support coz we are using tomcat which is not supported by oracle. > > Hence trying to understand if there is anything we need on tomcat and why > apex is not redirecting to idcs url > we are not using any proxy for tomcat > > apex error : > > [image: image.png] > > On Fri, 25 Mar 2022 at 18:42, Peter Chiu wrote: > >> Hi Chris, >> >> To implement APEX SSO, that requires NO change to tomcat. That is why I >> tried not to post here. >> >> Here is the blog for starters. https://fuzziebrain.com/content/id/1908/ >> >> If tomcat is behind a proxy (apache or nginx), we might need to change a >> setting in server.xml to return the real hostname. >> >> Hope this helps. >> >> On Fri, Mar 25, 2022 at 8:54 AM Christopher Schultz < >> ch...@christopherschultz.net> wrote: >> >> > Peter, >> > >> > On 3/24/22 14:54, Peter Chiu wrote: >> > > I will email you directly. For the group knowledge, there is nothing >> > > special you need to do on Tomcat if it is not behind a proxy. >> > >> > Please post to the mailing list. It's not at all clear to me how you'd >> > get Oracle APEX to deliver authentication information to Tomcat. >> > >> > Presumably, that's what Rupali is trying to accomplish and it would be >> > helpful for the whole community to post back. >> > >> > -chris >> > >> > > On Thu, Mar 24, 2022 at 1:51 PM rupali singh < >> rupali.r.si...@gmail.com> >> > > wrote: >> > > >> > >> Hi Peter, >> > >> >> > >> Are u using apache web server with tomcat or its only tomcat . >> > >> if possible can you please share steps for azure AD with me on >> > >> rupali.r.si...@gmail.com >> > >> >> > >> >> > >> >> > >> On Thu, 24 Mar 2022 at 21:21, Peter Chiu wrote: >> > >> >> > >>> I have a working APEX SSO against Azure AD or On-Permise AD. >> > >>> >> > >>> On Thu, Mar 24, 2022 at 1:13 PM rupali singh < >> rupali.r.si...@gmail.com >> > > >> > >>> wrote: >> > >>> >> > HI Team, >> > >> > We are using apex 21.1 with tomcat 9.54. >> > we want to implement SSO for application deployed in Apex with >> IDCS >> > reference URL : >> > >> > >> > >>> >> > >> >> > >> https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service >> > >> > but apex is not at all redirecting to IDCS URL and as per Oracle >> issue >> > >> is >> > with tomcat . >> > >> > anyone successfully implemented APEX SSO( webserver : apache >> tomcat) >> > >>> with >> > Oracle IDCS >> > or APEX SSO( webserver : apache tomcat) with Microsoft Azure AD. >> > can you please assist us with steps. >> > >> > -- >> > Thanks and Regards, >> > Rupali >> > >> > >>> >> > >> >> > >> >> > >> -- >> > >> Thanks and Regards, >> > >> Rupali >> > >> >> > > >> > >> > - >> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> > For additional commands, e-mail: users-h...@tomcat.apache.org >> > >> > >> > > > -- > Thanks and Regards, > Rupali > -- "Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better." - Samuel Beckett
Re: Apex SSO
hi team, the reason im asking is we have document for apex and idcs integration https://www.ateam-oracle.com/post/integrating-sso-between-apex-cloud-and-identity-cloud-service-the-easy-way i did all the setup as per document but now the issue is apex is not redirecting to idcs url and giving below error.when we are trying to access the application URL. In tomcat logs there is no trace of IDCS discover URL and oracle denying from support coz we are using tomcat which is not supported by oracle. Hence trying to understand if there is anything we need on tomcat and why apex is not redirecting to idcs url we are not using any proxy for tomcat apex error : [image: image.png] On Fri, 25 Mar 2022 at 18:42, Peter Chiu wrote: > Hi Chris, > > To implement APEX SSO, that requires NO change to tomcat. That is why I > tried not to post here. > > Here is the blog for starters. https://fuzziebrain.com/content/id/1908/ > > If tomcat is behind a proxy (apache or nginx), we might need to change a > setting in server.xml to return the real hostname. > > Hope this helps. > > On Fri, Mar 25, 2022 at 8:54 AM Christopher Schultz < > ch...@christopherschultz.net> wrote: > > > Peter, > > > > On 3/24/22 14:54, Peter Chiu wrote: > > > I will email you directly. For the group knowledge, there is nothing > > > special you need to do on Tomcat if it is not behind a proxy. > > > > Please post to the mailing list. It's not at all clear to me how you'd > > get Oracle APEX to deliver authentication information to Tomcat. > > > > Presumably, that's what Rupali is trying to accomplish and it would be > > helpful for the whole community to post back. > > > > -chris > > > > > On Thu, Mar 24, 2022 at 1:51 PM rupali singh > > > > wrote: > > > > > >> Hi Peter, > > >> > > >> Are u using apache web server with tomcat or its only tomcat . > > >> if possible can you please share steps for azure AD with me on > > >> rupali.r.si...@gmail.com > > >> > > >> > > >> > > >> On Thu, 24 Mar 2022 at 21:21, Peter Chiu wrote: > > >> > > >>> I have a working APEX SSO against Azure AD or On-Permise AD. > > >>> > > >>> On Thu, Mar 24, 2022 at 1:13 PM rupali singh < > rupali.r.si...@gmail.com > > > > > >>> wrote: > > >>> > > HI Team, > > > > We are using apex 21.1 with tomcat 9.54. > > we want to implement SSO for application deployed in Apex with IDCS > > reference URL : > > > > > > >>> > > >> > > > https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service > > > > but apex is not at all redirecting to IDCS URL and as per Oracle > issue > > >> is > > with tomcat . > > > > anyone successfully implemented APEX SSO( webserver : apache tomcat) > > >>> with > > Oracle IDCS > > or APEX SSO( webserver : apache tomcat) with Microsoft Azure AD. > > can you please assist us with steps. > > > > -- > > Thanks and Regards, > > Rupali > > > > >>> > > >> > > >> > > >> -- > > >> Thanks and Regards, > > >> Rupali > > >> > > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > -- Thanks and Regards, Rupali
Re: Apex SSO
Hi Chris, To implement APEX SSO, that requires NO change to tomcat. That is why I tried not to post here. Here is the blog for starters. https://fuzziebrain.com/content/id/1908/ If tomcat is behind a proxy (apache or nginx), we might need to change a setting in server.xml to return the real hostname. Hope this helps. On Fri, Mar 25, 2022 at 8:54 AM Christopher Schultz < ch...@christopherschultz.net> wrote: > Peter, > > On 3/24/22 14:54, Peter Chiu wrote: > > I will email you directly. For the group knowledge, there is nothing > > special you need to do on Tomcat if it is not behind a proxy. > > Please post to the mailing list. It's not at all clear to me how you'd > get Oracle APEX to deliver authentication information to Tomcat. > > Presumably, that's what Rupali is trying to accomplish and it would be > helpful for the whole community to post back. > > -chris > > > On Thu, Mar 24, 2022 at 1:51 PM rupali singh > > wrote: > > > >> Hi Peter, > >> > >> Are u using apache web server with tomcat or its only tomcat . > >> if possible can you please share steps for azure AD with me on > >> rupali.r.si...@gmail.com > >> > >> > >> > >> On Thu, 24 Mar 2022 at 21:21, Peter Chiu wrote: > >> > >>> I have a working APEX SSO against Azure AD or On-Permise AD. > >>> > >>> On Thu, Mar 24, 2022 at 1:13 PM rupali singh > > >>> wrote: > >>> > HI Team, > > We are using apex 21.1 with tomcat 9.54. > we want to implement SSO for application deployed in Apex with IDCS > reference URL : > > > >>> > >> > https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service > > but apex is not at all redirecting to IDCS URL and as per Oracle issue > >> is > with tomcat . > > anyone successfully implemented APEX SSO( webserver : apache tomcat) > >>> with > Oracle IDCS > or APEX SSO( webserver : apache tomcat) with Microsoft Azure AD. > can you please assist us with steps. > > -- > Thanks and Regards, > Rupali > > >>> > >> > >> > >> -- > >> Thanks and Regards, > >> Rupali > >> > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Apex SSO
Peter, On 3/24/22 14:54, Peter Chiu wrote: I will email you directly. For the group knowledge, there is nothing special you need to do on Tomcat if it is not behind a proxy. Please post to the mailing list. It's not at all clear to me how you'd get Oracle APEX to deliver authentication information to Tomcat. Presumably, that's what Rupali is trying to accomplish and it would be helpful for the whole community to post back. -chris On Thu, Mar 24, 2022 at 1:51 PM rupali singh wrote: Hi Peter, Are u using apache web server with tomcat or its only tomcat . if possible can you please share steps for azure AD with me on rupali.r.si...@gmail.com On Thu, 24 Mar 2022 at 21:21, Peter Chiu wrote: I have a working APEX SSO against Azure AD or On-Permise AD. On Thu, Mar 24, 2022 at 1:13 PM rupali singh wrote: HI Team, We are using apex 21.1 with tomcat 9.54. we want to implement SSO for application deployed in Apex with IDCS reference URL : https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service but apex is not at all redirecting to IDCS URL and as per Oracle issue is with tomcat . anyone successfully implemented APEX SSO( webserver : apache tomcat) with Oracle IDCS or APEX SSO( webserver : apache tomcat) with Microsoft Azure AD. can you please assist us with steps. -- Thanks and Regards, Rupali -- Thanks and Regards, Rupali - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Apex SSO
Hello Everyone, In apex under authentication scheme we are using social sign in and provided discover url, now when we are trying to login into apex its not redirecting to discover url (oracle idcs url) Is their is any setup we need to do on tomcat? In tomcat access logs i dont see oracle idcs url at all. On Thu, Mar 24, 2022, 10:42 PM rupali singh wrote: > HI Team, > > We are using apex 21.1 with tomcat 9.54. > we want to implement SSO for application deployed in Apex with IDCS > reference URL : > https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service > > but apex is not at all redirecting to IDCS URL and as per Oracle issue is > with tomcat . > > anyone successfully implemented APEX SSO( webserver : apache tomcat) with > Oracle IDCS > or APEX SSO( webserver : apache tomcat) with Microsoft Azure AD. > can you please assist us with steps. > > -- > Thanks and Regards, > Rupali >
Re: Apex SSO
I will email you directly. For the group knowledge, there is nothing special you need to do on Tomcat if it is not behind a proxy. On Thu, Mar 24, 2022 at 1:51 PM rupali singh wrote: > Hi Peter, > > Are u using apache web server with tomcat or its only tomcat . > if possible can you please share steps for azure AD with me on > rupali.r.si...@gmail.com > > > > On Thu, 24 Mar 2022 at 21:21, Peter Chiu wrote: > > > I have a working APEX SSO against Azure AD or On-Permise AD. > > > > On Thu, Mar 24, 2022 at 1:13 PM rupali singh > > wrote: > > > > > HI Team, > > > > > > We are using apex 21.1 with tomcat 9.54. > > > we want to implement SSO for application deployed in Apex with IDCS > > > reference URL : > > > > > > > > > https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service > > > > > > but apex is not at all redirecting to IDCS URL and as per Oracle issue > is > > > with tomcat . > > > > > > anyone successfully implemented APEX SSO( webserver : apache tomcat) > > with > > > Oracle IDCS > > > or APEX SSO( webserver : apache tomcat) with Microsoft Azure AD. > > > can you please assist us with steps. > > > > > > -- > > > Thanks and Regards, > > > Rupali > > > > > > > > -- > Thanks and Regards, > Rupali >
Re: Apex SSO
Hi Peter, Are u using apache web server with tomcat or its only tomcat . if possible can you please share steps for azure AD with me on rupali.r.si...@gmail.com On Thu, 24 Mar 2022 at 21:21, Peter Chiu wrote: > I have a working APEX SSO against Azure AD or On-Permise AD. > > On Thu, Mar 24, 2022 at 1:13 PM rupali singh > wrote: > > > HI Team, > > > > We are using apex 21.1 with tomcat 9.54. > > we want to implement SSO for application deployed in Apex with IDCS > > reference URL : > > > > > https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service > > > > but apex is not at all redirecting to IDCS URL and as per Oracle issue is > > with tomcat . > > > > anyone successfully implemented APEX SSO( webserver : apache tomcat) > with > > Oracle IDCS > > or APEX SSO( webserver : apache tomcat) with Microsoft Azure AD. > > can you please assist us with steps. > > > > -- > > Thanks and Regards, > > Rupali > > > -- Thanks and Regards, Rupali
Re: Apex SSO
I have a working APEX SSO against Azure AD or On-Permise AD. On Thu, Mar 24, 2022 at 1:13 PM rupali singh wrote: > HI Team, > > We are using apex 21.1 with tomcat 9.54. > we want to implement SSO for application deployed in Apex with IDCS > reference URL : > > https://www.ateam-oracle.com/post/integrating-apex-with-oracle-identity-cloud-service > > but apex is not at all redirecting to IDCS URL and as per Oracle issue is > with tomcat . > > anyone successfully implemented APEX SSO( webserver : apache tomcat) with > Oracle IDCS > or APEX SSO( webserver : apache tomcat) with Microsoft Azure AD. > can you please assist us with steps. > > -- > Thanks and Regards, > Rupali >
