For partners that build or integrate commercially available applications and service solutions with the Oracle Cloud Platform
For partners that provide implementation or managed services around Oracle Cloud Applications
Hi all,
Thank you for all the brilliant answers! I was able to get my second account to work after I simplified my password. Not sure if it was a result of user error, or if there are limitations on passwords in the API that aren't in the console.
Regardless, many thanks.
Carl
Hi Tushar, thank you for the quick response. I already have the basic auth working for one of my accounts. Let's call it account@mycompany.com. It's an admin account. I have created a second account, account2@mycompany.com. I have given it identical permission and yet when I use the basic auth technique it fails. Is there another setting I need to enable somewhere in the console?
Thanks, Carl
Thanks, Anuj! Much appreciated!
Thank you very much, Rajan! Great sleuthing!
Hi all,
The documentation is a 404 once again. Is an updated link available?
Thanks,
Carl
Thanks all! Some great ideas here.
It does sound like customization is required no matter what approach chosen above. Requiring the user to know a unique ID that could be related to the org most closely matches our business need so we will ponder.
Much appreciated,
Carl
Thank you, Pramod!
I think I may have finally solved it. I'll add a generic version of what I did in case others come across this thread looking for a solution. Oracle staff: this is definitely an area that could use more documentation and code examples.
We changed the values originally mentioned in this question to:
PTA_ENABLED - Yes
PTA_ENCRYPTION_IV - No Value
PTA_ENCRYPTION_KEYGEN - 2 (RSSL_KEYGEN_PKCS5_V20)
PTA_ENCRYPTION_METHOD - aes128
PTA_ENCRYPTION_PADDING - 3 (RSSL_PAD_ZERO)
PTA_IGNORE_CONTACT_PASSWORD - Yes
$base_url = 'https://mysite--tst.custhelp.com/ci/pta/login/redirect/ask/p_li/'; $ptaDataArray = array( 'p_userid' => 'myuser_007', 'p_email.addr' => 'myuser_007@myuser_007.com', 'p_name.first' => 'Carl', 'p_name.last' => 'Bramblett' ); //Convert PTA data array to string $ptaDataString = ""; $ptaData = $ptaDataArray; foreach($ptaData as $key=>$value){ $ptaDataString .= ($ptaDataString === "") ? '' : '&'; $ptaDataString .= "$key=$value"; } $iv = "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0"; $ptaDataString = openssl_encrypt($ptaDataString, 'AES-128-CBC', 'my_pta_encryption_string', $iv); // The login parameters from the external validation source must be placed in the customer portal URL and must be encoded using Base 64 encoding. $ptaDataString = base64_encode($ptaDataString); // In addition to using the Base 64 function, certain characters must also be replaced in the URL (+ becomes _, / becomes ~, and = becomes *). $ptaDataString = strtr($ptaDataString, array('+' => '_', '/' => '~', '=' => '*')); printf('<p>URL: %s%s</p>', $base_url, $ptaDataString); // Login URL
P.S. In case anyone else is struggling with this, here are the clues I've uncovered so far.
https://cloudcustomerconnect.oracle.com/posts/31db79c34d
https://cloudcustomerconnect.oracle.com/posts/173355bc7e
https://cloudcustomerconnect.oracle.com/posts/7afc0063e7
https://cloudcustomerconnect.oracle.com/posts/dfe4cf0865
https://cloudcustomerconnect.oracle.com/posts/4378b52e6b
https://cloudcustomerconnect.oracle.com/posts/fe663dee1e
https://github.com/ekoca/PTA-Encryption/blob/master/rnt.php
https://stackoverflow.com/questions/30217201/rssl-pad-iso10126-padding-method-in-php
Update: I've progressed to the point where I am consistently getting an error "Data decryption failed." Here is a very simple attempt based on another forum post. I have changed the values for this example, but I am using real ones in my test environment. Any obvious places for improvement? Help?
PTA_ENABLED - Yes
PTA_ENCRYPTION_IV - No Value
PTA_ENCRYPTION_KEYGEN - 2 (RSSL_KEYGEN_PKCS5_V20)
PTA_ENCRYPTION_METHOD - aes256
PTA_ENCRYPTION_PADDING - 5 (RSSL_PAD_ANSIX923)
PTA_IGNORE_CONTACT_PASSWORD - Yes
$base_url = 'https://mysite--tst.custhelp.com/ci/pta/login/redirect/ask/p_li/';
$ptaDataString='p_userid=myuser_007'; //You need to pass the ID
// data, method, key, options, iv
$iv = "\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0\x0";
$ptaDataString = openssl_encrypt($ptaDataString, 'AES-256-CBC', 'myptaencryptionstring', 0, $iv);
$ptaDataString = base64_encode($ptaDataString); //then base64 encode the encrypted string
// Replace chars
$ptaDataString = strtr($ptaDataString, array('+' => '_', '/' => '~', '=' => '*'));
// This URL produces PTA Error #9
printf('<p>URL: %s%s</p>', $base_url, $ptaDataString);
Hi Shan, I am running into issues with my encrypted login attempt, too. Did you ever get an answer to your question?
I remember before RightNow was acquired by Oracle there used to be a section in this forum for code examples. Does anything like that exist now?
Thank you very much, Chris! As you point out, I am trying to learn how to do it prior to reaching the CP, but your code is definitely a helpful example! Have you written anything similar for logging in from outside the portal?
One further question: does using encryption require https on the server hosting the login page?
Hi all,
What is the best way to retrieve report information if the report has no filters?
Thanks,
Carl