24
Oracle Application Server Single Sign-On

This brief chapter presents issues raised by chapters 4 and 9 of Oracle Application Server Single Sign-On Administrator's Guide. It contains the following topics:

• Logging Out of the Single Sign-On Administration Application

• Port Numbers with mod_osso_url

• Managing Single Sign-On Audit Records

24.1 Logging Out of the Single Sign-On Administration Application

Logging out of partner applications when the single sign-on server is enabled for SSL does not correctly delete the session for the single sign-on administration application. The steps that follow rectify this problem. Perform them when you enable the single sign-on server for SSL. Include them in the steps in "Enabling SSL" in Chapter 9. Insert them before the subsection "Protect Single Sign-On URLs."

1. Obtain the password for the single sign-on schema (orasso). For instructions, see Appendix B in Oracle Application Server Single Sign-On Administrator's Guide.

2. Connect to the Oracle identity management database as the orasso schema:

   sqlplus orasso/password
   
   

3. Run this SQL*Plus query:

   SQL>update orasso.wwctx_cookie_info$ set secure='N';
   SQL>commit;
   

24.2 Port Numbers with mod_osso_url

"Syntax and Parameters for ossoreg.jar" in Chapter 4 does not mention that a port number should not be provided for the mod_osso_url parameter if the partner Oracle HTTP Server is listening on the default HTTP port of 80 or on the default HTTPS port of 443. Following the example given in the chapter, if the partner is listening on port 80, the value for mod_osso_url is http://application.mydomain.com. If the partner is listening on port 7777, a nondefault HTTP port, the value is http://application.mydomain.com:7777.

24.3 Managing Single Sign-On Audit Records

The single sign-on server records authentication failures and successes in the Oracle identity management database. In time, the audit table, ORASSO.WWSSO_AUDIT_LOG_TABLE_T, runs out of space. When this happens, you see this error message in database alert logs:

ORA-1654: unable to extend index ORASSO.AUDIT_INDEX1 by 128 in tablespace IAS_
META

In addition, further authentication requests fail.

Be sure to monitor ORASSO.WWSSO_AUDIT_LOG_TABLE_T regularly. When it becomes full, either back up the table and free up space or add space. Note that this is an internal, product-specific table. Direct access through SQL*Plus is not supported.