My post Generating an AuthToken for SwitchUser demonstrates how to acquire and expire PeopleSoft authentication tokens. Using this approach, you could hook any custom application into the PeopleSoft security model, allowing PeopleSoft to manage security for many of your custom enterprise applications. Continuous token (ticket) validation could be implemented through a very simple web service that calls SwitchUser and returns the result. If
true, then the token is valid.
Really, if you are interested in a centeralized, integrated security solution, then you should speak with your Oracle rep about Oracle's Identity Management Suite.
I have a question regarding Portal and HCM authentication. I looking at an issue that we keep seeing in our logs with an error homepageT. The odd thing is that when I see this error I notice that the appserver is returning a TOKEN with a datetime in the past?
Here is an example that I pulled out of the logs using splunk. It is from last night at 6:42 PM, but the PS_TOKEN is from around 1 PM.
PSAPPSRV.25861 (2237) [2016-11-30T18:42:30.855 GetCertificate](3) Returning context. ID=KCW002, Lang=ENG, UStreamId=184230855_25861.2237, Token=PSFT_PA/2016-11-30-184.108.40.206553/KCW002/ENG/jF5gZnpx36fbqtZ1/Ui6/l2EH+Q=
PSAPPSRV.17534 (7567) [2016-11-30T18:42:31.230 KCW002@mydata.intranet.umb.com (IE 11.0; WIN7) HomepageTemplate](0) Duplicate cookie PS_TOKEN received. Value1=PSFT_HR/2016-11-30-12.34.08.336246/KCW002/ENG/mqOGbeHMB8V7U0eYA/cA6fAGW4g=, Value2=PSFT_PA/2016-11-30-220.127.116.11553/KCW002/ENG/jF5gZnpx36fbqtZ1/Ui6/l2EH+Q=.
What do you think is going on here and how do you think we can fix it?
Oh, and Congrats on your new job!
@Kevin, it is a great question. I have no idea.
I 'm looking to create PS_TOKEN for a particular userID not %operatorID. Do you already post anything of this sort ?
@Raj, a different user than the one that is already logged in? If you have the User ID and password, then the code in this listing will work.
Thanks Jim !! I have one more question. We are redirecting user to Java system but the URL was dynamic and it changes each time. We want to delete the cookies before we redirect the user.
I don't have a good solution for cookie deletion. Cookies are just HTTP headers, so you may be able to work with the collection directly. If not, you may need a ServletFilter to filter the response.
I'm reading a REST API URL using below code
&doc = &MSG.GetURIDocument();
&com = &doc.DocumentElement;
&emailid = &com.GetPropertyByName("EMAILID").Value;
System is removing + character while reading the data. + is converted as space.
Ex: TEST+CHECK@GMAIL is converted to TEST CHECK@GMAIL.COM
That makes sense because a + in a URL/URI is a space. That is URL encoding. If you want to send a + in a URL, then you will need to URL encode it before sending it.
Post a Comment