|
Oracle® Application Server Forms Services Deployment Guide
10g Release 2 (10.1.2) B14032-03 |
|
 Previous |
 Next |
|
Oracle® Application Server Forms Services Deployment Guide
10g Release 2 (10.1.2) B14032-03 |
|
|
Previous |
Next |
Oracle Forms applications are configured using a central configuration file, the formsweb.cfg file in the forms/server directory. The formsweb.cfg file can be edited by using Enterprise Manager Application Server Control Console, which Oracle recommends.
OracleAS Single Sign-On and error handling are defined by the following parameters in the formsweb.cfg file:
ssoMode [true|false]
ssoDynamicResourceCreate [true|false]
ssoErrorUrl [String URL]
ssoCancelUrl [String URL]
These Oracle Forms parameters in the formsweb.cfg file can be set in the "User Parameter" section, to make them the default behavior for all Forms applications run by the server, and in a "Named Configuration", making the settings valid for a particular application only. A OracleAS Single Sign-On definition overrides the same definition set in the User Parameter section.
The ssoMode parameter enables an Forms Services application for OracleAS Single Sign-On. By default, Oracle Forms applications are not configured to run in OracleAS Single Sign-On mode. The ssoMode parameter can be set in two places in the formsweb.cfg file. Setting ssoMode as a system parameter with a value of true allows all applications to run in OracleAS Single Sign-On mode by this Forms Services instance. Setting the ssoMode parameter in a named configuration of an Oracle Forms application enables or disables OracleAS Single Sign-On only for this particular application:
[myApp]form=myFmxssoMode=true
To enable OracleAS Single Sign-On for an application:
Start the Enterprise Manager Application Server Control Console.
Select Forms.
Select the Configuration tab.
Select the radio button next to the configuration section for your application and click Edit.
In the Name field, enter ssoMode.
In the Value field, enter true.
Click Add New Parameter.
Click Apply to update the formsweb.cfg file
Single sign-on is now enabled for the selected application.
To disable OracleAS Single Sign-On for an application:
Start the Enterprise Manager Application Server Control Console.
Select Forms.
Select the Configuration tab.
Select the radio button next to the configuration section for your application and click Edit.
Select the radio button next to the ssoMode parameter.
In the Value column, enter false.
Click Apply.
Single sign-on is now disabled for the selected application.
The ssoDynamicResourceCreate parameter is set to true by default which allows the user to create a Resource Access Descriptor (RAD) entry in Oracle Internet Directory to run the application if this resource entry does not exist. The Web page that displays is a standard form provided by the Oracle Delegated Administration Services. This Web page is not customizable as it is not owned by Oracle Forms.
Allowing dynamic resource creation simplifies Oracle Internet Directory administration because there is no longer the need for an administrator to create user RAD information in advance. The ssoDynamicResourceCreate parameter can be set as a system parameter in the formsweb.cfg file or as a parameter of a named configuration. Because the default is set to true, this parameter may be used in a named configuration for a specific application to handle a missing RAD entry differently from the default.
Note that configuring an application as OracleAS Single Sign-On enabled with the value of the ssoDynamicResourceCreate parameter set to false, while not specifying a value for the ssoErrorURL, will cause Oracle Forms to show an error message if no RAD resource exists for the authenticated user and this application.
Since not all administrators want their users to create resources for themselves (and potentially raising issues with Oracle Internet Directory), these parameters allow administrators to control Oracle Internet Directory resource creation. Although the default behavior is to direct users to an HTML form that allows them to create the resource, the administrator can change the setting and redirect the user to a custom URL.
For the configuration section for the Forms application, you'll need to set these parameters:
[myApp]form=myFmxssoMode=truessoDynamicResourceCreate=false
For information about setting these parameters through Enterprise Manager Application Server Control Console, see Chapter 4.3.3, "Managing Parameters".
The ssoErrorURL parameter allows an administrator to specify a redirection URL that handles the case where a user RAD entry is missing for a particular application. This parameter only has effect if the ssoDynamicResourceCreate parameter is set to false, which disables the dynamic resource creation behavior. The ssoErrorURL parameter can be defined as a system parameter and as a parameter in a named configuration section. The URL can be of any kind of application, a static HTML file, or a custom Servlet (JSP) application handling the RAD creation, as in the example below.
[myApp]form=myFmxssoMode=truessoDynamicResourceCreate=falsessoErrorURL=http://myServ.com:7779/servlet/handleCustomRADcreation.jsp…
The ssoCancelURL parameter is used in combination with the dynamic RAD creation feature (ssoDynamicResourceCreate= true) and defines the URL that a user is redirected to if he presses the cancel button in the HTML form that is used to dynamically create the RAD entry for the requested application.
Optionally, if you need to work with OracleAS Single Sign-On authentication information in a Forms application, the GET_APPLICATION_PROPERTY() built-in can be used to retrieve the following OracleAS Single Sign-On login information: OracleAS Single Sign-On user ID, the user distinguished name (dn), and the subscriber distinguished name (subscriber dn)
authenticated_username := get_application_property('sso_userid') ;userDistinguishedName := get_application_property('sso_usrdn') ;subscriberName := get_application_property('sso_subdn') ;formsAppEntity := get_application_property('sso_formsid');config := get_application_property('config').
|
Note: config can be obtained even in non-SSO mode |
