Web Profile Configuration – Security; Web Profile Configuration – Look and Feel; Enabling Signon PeopleCode; Signon PeopleCode at a glance; Oracle Stored Function


Implementing PeopleSoft SSO
Computing and Communications, UCR

SSO Overview

[Diagram: CAS Server (http://auth.ucr.edu), PeopleSoft Application Server and Oracle Stored Function, with arrows numbered to match the steps below.]

(1) https://auth.ucr.edu/cas/login?service=http://ora02.ucr.edu/psp/UCRTM3/?cmd=start
(2) CAS redirects URL: http://ora02.ucr.edu/psp/UCRTM3/?cmd=start&ticket=ST-9-rroTVKeuNy3v
(3) Signon PeopleCode requests validation of the ticket via a SQL stored function
(4) SQL stored function requests validation of the ticket via a URL request, using the Oracle Wallet for a secure connection
(5) CAS returns validation results (either “no” or “yes ”) to the stored function
(6) Stored function returns the ticket validation results to the Signon PeopleCode
(7) Signon PeopleCode sets the SetAuthenticationResult() to true and redirects the browser to our main PeopleSoft page.

Web Profile Configuration – Security

Turn on public access for the default user


Web Profile Configuration – Look and Feel

Create a simple HTML file that does a META redirect, i.e.:

    function closeme(){window.opener = null;window.close();}

Place these files in: ~webserv/peoplesoft/applications/peoplesoft/PORTAL/WEB-INF/psftdocs//

Enabling Signon PeopleCode

Create a special Function Library (FUNCLIB_) with your signon PeopleCode and enable it here

Signon PeopleCode at a glance

    Function UCR_Signon()
       /* Get the CAS ticket and service */
       &TICKET = RTrim(%Request.GetParameter("ticket"));
       &SERVICE = &FULLURI | "?cmd=start";

       /* Create a SQL statement that will send the ticket "out of band" for validation */
       /* Bind variables keep the request-supplied ticket out of the SQL text */
       &sqlCASValidate = CreateSQL("select sso_validation_ticket(:1, :2) from dual", &SERVICE, &TICKET);

       /* Execute the SQL and fetch the result, which should be either "no" or "yes " */
       &sqlCASValidate.Fetch(&RESULT);
       &YES_NO = Substring(&RESULT, 1, 3);
       If &YES_NO = "yes" Then
          /* Additionally, need to validate the resulting userid with operdefn table */
          /* and check to see if account is locked out */
          SetAuthenticationResult( True, Upper(&Result_userid), "", False);
       Else
          /* If NOT valid, then fail the user's login attempt and redirect back to the CAS page */
          SetAuthenticationResult( False, &Result_userid, "", False);
       End-If;
    End-Function;

Just a brief overview of the custom signon PeopleCode

Oracle Stored Function

    create or replace function SSO_Validation_Ticket(service in varchar2, ticket in varchar2)
    return varchar2 is
    /*
     * Title:   Single Signon Validate Ticket (SSO)
     * Purpose: Validate a SSO ticket received via a URL
     */
      newservice varchar2(2000);
      returndata varchar2(2000);
    begin
      -- Percent-encode the reserved characters in the service URL
      newservice := replace(service, ':', '%3a');
      newservice := replace(newservice, '?', '%3f');
      newservice := replace(newservice, '&', '%26');
      newservice := replace(newservice, '=', '%3d');
      -- Call CAS over HTTPS; the Oracle Wallet supplies the trusted certificates
      SELECT utl_http.request('https://auth.ucr.edu/cas/validate?service=' || newservice || chr(38) || 'ticket=' || ticket,
                              null, 'file:/etc/ORACLE/WALLETS/DATABASES', '')
        into returndata FROM dual;
      return(returndata);
    exception
      when others then
        returndata := sqlerrm;
        return(returndata);
    end SSO_Validation_Ticket;

The stored function that checks the wallet

Signon PeopleCode (Pages 1-5 of 5)

    Global string &TICKET, &USERID, &RESULT;
    Global File &LOG_FILE;
    Local SQL &sqlCASValidate;

    Function UCR_Signon()
       /* Steps to set up single signon:
          1) Web Profile Configuration – PSDEV – Security tab – Allow Public Access = YES; User ID = XYZ
          2) Report Node – UCR-REPORT-NODE – URL: http://ora02.ucr.edu/psreports/ps; Login ID: XYZ; etc
          3) Signon PeopleCode: FUNCLIB_UCR.SSOAUTH.FieldDefault.UCR_Signon
          4) Ensure that the two files, logout-ucrsso.html and redirect-ucrsso.html, are located in the
             following directory (or similar)
             /u06/PT8.44.10/webserv/peoplesoft/applications/peoplesoft/PORTAL/WEB-INF/psftdocs/UCRTM2/
             These two files are used in step 1)
          5) Compile this stored function sso_validation_ticket(). You will have to check it out via SourceSafe.
          6) Restart the App and Web Server. Take several minutes between shutting down and restarting.
             Delete some cache files too.
          7) Change the Disable Signon user from XYZ to another user with no privileges.
       */

       /* Get the CAS ticket and service */
       &FULLURI = RTrim(%Request.FullURI);
       &TICKET = RTrim(%Request.GetParameter("ticket"));
       &QUERYSTRING = RTrim(%Request.QueryString);
       &SERVICE = &FULLURI | "?cmd=start";
       &SERVICE = Substitute(&SERVICE, ":", "%3a");
       &SERVICE = Substitute(&SERVICE, "?", "%3f");
       &SERVICE = Substitute(&SERVICE, "&", "%26");
       &SERVICE = Substitute(&SERVICE, "=", "%3d");

       /* In order to view reports from inside the portal, this Signon PeopleCode will run a second
          time for the user. The first time, a user is signed on as XYZ with a null
          %AuthenticationToken and then authenticated as themselves (look for &sqlCASValidate).
          The second time (by clicking on a report link), they are signed on as themselves (not XYZ)
          with the %AuthenticationToken now not null. We then just sign them in as themselves. */

       /* Determine if the user entered via the web or the application designer using the app server. */
       &Entered_Via_Http = Find("http", &SERVICE);
       If %SignonUserId <> "XYZ" And (%AuthenticationToken <> "" Or &Entered_Via_Http = 0) Then
          SetAuthenticationResult( True, Upper(%SignonUserId), "", False);
          Return;
       End-If;

       /* Create a SQL statement that will send the ticket "out of band" for validation */
       &sqlCASValidate = CreateSQL();
       try
          /* Bind variables keep the request-supplied ticket out of the SQL text */
          &sqlCASValidate = CreateSQL("select sso_validation_ticket(:1, :2) from dual", &SERVICE, &TICKET);
       catch Exception &c1
          SetAuthenticationResult( False, Upper(&USERID), "", False);
          Return;
       end-try;

       /* Execute the SQL and fetch the result, which should be either "no" or "yes " */
       If &sqlCASValidate.Fetch(&RESULT) Then
          &RESULT = RTrim(&RESULT);
       End-If;
       &sqlCASValidate.Close();
       &YES_NO = Substring(&RESULT, 1, 3);

       If &YES_NO = "yes" Then
          /* If valid, then authenticate the user */
          /* Step 1: Validate the resulting userid with operdefn table. */
          /* Step 2: Check to see if account is locked out. */
          &Result_len = Len(&RESULT);
          &Result_userid = Clean(Substring(&RESULT, 5, &Result_len - 4));

          &sqlCASValidate = CreateSQL();
          try
             /* Convert the resulting user id to upper case. The user IDs from the upgrade process
                are already upper case, but UCR Net IDs are always lower case and must be equated
                using the Upper() function */
             &sqlCASValidate = CreateSQL("select 'Y' from psoprdefn where oprid = :1 and acctlock = 0", Upper(&Result_userid));
          catch Exception &c2
             SetAuthenticationResult( False, &USERID, "", False);
             Return;
          end-try;

          /* Execute the SQL and fetch the result; a row comes back only for an existing, unlocked account */
          If &sqlCASValidate.Fetch(&RESULT) Then
             SetAuthenticationResult( True, Upper(&Result_userid), "", False);
          Else
             SetAuthenticationResult( False, &USERID, "", False);
          End-If;
       Else
          /* If NOT valid, then fail the user's login attempt and redirect back to the CAS page */
          SetAuthenticationResult( False, &Result_userid, "", False);
       End-If;
    End-Function;
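The validation exchange in steps (4) to (6), as an added Python example that is not part of the original slides or UCR's code: it encodes both query values fully, checks the ticket before it is used, and accepts only a well-formed "yes" answer followed by a user id. The function names and the ticket and user-id patterns are assumptions made for this sketch.

```python
import re
from urllib.parse import urlencode

# CAS validate endpoint as it appears in the page's stored function.
CAS_VALIDATE = "https://auth.ucr.edu/cas/validate"
# Assumption: tickets look like the page's sample (ST-9-rroTVKeuNy3v),
# i.e. "ST-" followed by letters, digits and hyphens only.
TICKET_RE = re.compile(r"ST-[A-Za-z0-9-]{1,253}")
# Assumption: user ids are short net IDs without spaces or quotes.
USERID_RE = re.compile(r"[A-Za-z0-9_.-]{1,30}")


def build_validate_url(service, ticket):
    """Return the /validate URL; raise ValueError on a malformed ticket."""
    if not TICKET_RE.fullmatch(ticket):
        raise ValueError("malformed service ticket")
    # urlencode percent-encodes every reserved character in both values,
    # not only the ':', '?', '&' and '=' covered by the replace() calls.
    return CAS_VALIDATE + "?" + urlencode({"service": service, "ticket": ticket})


def parse_validate_response(body):
    """Return the upper-cased user id for a well-formed 'yes', else None."""
    lines = body.splitlines()
    # Line 1 must be exactly "yes"; comparing only the first three
    # characters would also accept any body that starts with "yes".
    if len(lines) < 2 or lines[0] != "yes":
        return None
    user = lines[1].strip()
    return user.upper() if USERID_RE.fullmatch(user) else None


# Constructed sample bodies, not captured from a real CAS server.
SAMPLES = {
    "valid": "yes\njdoe\n",
    "denied": "no\n\n",
    "db_error": "ORA-29273: HTTP request failed",  # sqlerrm text from the handler
    "prefix_only": "yes, but this is an HTML error page",
    "bad_user": "yes\nnot a valid id!\n",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, "->", parse_validate_response(body))
```

The same two checks can be applied in the signon PeopleCode before the ticket is passed to the stored function and before the returned user id is looked up in psoprdefn.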
