Just I have installed Oracle Weblogic Server and configured RESTFul Service. Developer can able use in office network but when I placed it in proxy server then It is supporting.
As per discussed with developer, need to set cross domain access control security. Can anybody help me how to I can set that from Oracle weblogic Administrator control?
Client side they are using javascript & actionscript to call that service.
I would suggest trying to use SOAP UI to test the service through the proxy service and see what the behavior is. You might want to change the proxy server to not cache the result from the URL during testing.
You can use web.xml to configure security roles and map them to WLS credentials/roles. If you have added a username and password then you should be able to test this from SOAPUI.
Related
Currently working on configuring SSO for Oracle Smartview client that accesses the Oracle EPM suite of BI Tools. Pingfederate SP and Okta Idp configured with multiple AD data sources is configured.
Would appreciate if anyone would share their experience in the approach and configuration steps taken to enable SSO for Smartview
A quick Google indicates that Smart View can consume a header for a user ID. This allows you to use any standard mechanism for header injection available in your IAM environment. You mentioned PingFederate as your SP. You didn't mention if Smartview is behind any proxy (like Nginx or Apache).
Ping has a number of integration mechanisms for header injection, ranging from the various integration kits in PingFederate (Java, Apache, IIS), as well as PingAccess which is the Ping Identity standard WAM tool.
With all of the options available to you for integration, providing you step by step guidance requires more information. I would suggest a call to your Ping account team.
I can not connect to Google Services from client application if it is trying to communicate with oauth2.googleapis.com (which is probably blocked in my corporate network - I dont know how to test it for sure).
I tried BigQuery with JDBC driver in Dbeaver. With basic settings.
User-based login does this:
It generates link for OAUTH. I open the browser and login with the right google account. Then I insert generated code into the Dbeaver and I recieve that AUTH has failed.
Service-based login does this:
It does not want me to visit any webpage. It just tells me:
[Simba][BigQueryJDBCDriver](100004) HttpTransport IO error : oauth2.googleapis.com.
I also tried to use ODBC, where PROXY can be filled in. But no luck.
When I take a look into 'Proxy Options' the proxy port is always rewritten by proxy host. Weird.
This is what happens when i click on 'catalog' or 'dataset' drop-down field. I cant do any further steps.
BUT!
When I set my HTTP PROXY in GCLOUD CLI APP then communication works. And I can call BQ from it.
Does it mean that GCLOUD communicates through HTTP Proxy and DBeaver or ODBC does not? Or does it mean that GCLOUD does not need oauth2.googleapis.com but ODBC and JDBC do and it is blacklisted? I am confused.
We need to migrate from our internal environment to GCP. We would love to use various applications. I would ask for whitelisting oauth2.googleapis.com but i am not sure this is the only problem as GCLOUD app works without any flaws.
I am not-experienced with networking so i am more than happy to update / correct this question or add any info (if you need) to help me understand this issue. Thank you
According to your description, your corporate network is using a Proxy to reach out Internet, this is the reason why gcloud is capable to reach out BigQuery service when Proxy settings are configured in your system; through Cloud SDK Proxy settings or HTTP PROXY environment variable.
You require to setup the proxy settings within the JDBC connection string as described in Simba JDBC driver documentation, e.g.:
jdbc:bigquery:DataSetId=MyDataSetId;ProjectId=MyProjectId;OAuthType=1;ProxyHost=MyProxyHost;ProxyPort=MyProxyPort;ProxyUID=MyProxyUsername;ProxyPWD=MyProxyPassword
This connection string will indicate the Proxy settings to Simba JDBC driver.
I have written a web application that is, typically, installed internally by customers (based on IIS/MSSQL server).
When a customer wants to provide external access to the application, we offer the following supported scenarios:
Publish the application in their DMZ (pretty standard deployment).
Use our own platform where we host the application in our own cloud infrastructure for them.
However, because I have more and more customers who misunderstand the requirements for publishing an internal application, I would like to add a "one click" way of providing that service.
My idea is to have a reverse proxy installed on the customer's web server that will connect to a cloud server we control. When the application starts, it will connect to our server, authenticate and maintain the connection. When a user wants to use the application, she will use an URL that directs it to our server (say https://myapp.mycompany.org/CustomerID or https://CustomerID.myapp.mycompany.org). The server will then lookup the list of connections from reverse proxy to find the one matching the customer ID and, if found, use that connection to relay the end user connection.
In essence, that is the same thing as what Azure Application proxy or TeamViewer do, only without the need for using Azure AD or TeamViewer.
Is there an existing framework I can use for building such a service ? I know I can write it on my own but that is quite a large development.
We currently have an installation of IBM content navigator that we built a feature inside, this feature shows another web application installed on the same server inside an iFrame, this application connects to CPE using Java WS APIs to do some operations using the ICN logged in user credentials.
The main problem we are facing is that in our current solution the user logs in twice, once to log in to the ICN, and another to log in to the web application, which is undesirable and we need to eliminate this second login and implement some sort of SSO.
One option available is using Kerberos, however as it currently stands the FileNet Java api does not support Kerberos at the moment (only .Net).
Any ideas are much appreciated
References
Using Kerberos on an API Client - https://www.ibm.com/support/knowledgecenter/SSGLW6_5.2.1/com.ibm.p8.ce.dev.ce.doc/sec_procedures.htm
If your web application is deployed on the same WebSphere Cell, you don't need to use Kerberos. Kerberos need to support SSO between WAS and client only, not between application and client.
You don't need to use createSubject(), just get it from security context and provide it to CPE.
I'm trying to create a WCF service that uses Integrated Windows Security and will be hosted on IIS7.
This service is going to be used inside a domain and will be consumed by a java client.
My questions are:
What bindings should I use ?
How do I set up Integrated Windows Security on IIS7? (not the same as IIS6)
How do I get the credentials inside the service (C#), that is, how to read the user name.?
Thanks,
Thomas