Summer JA-SIG
Baltimore, Maryland
San Luis Obispo, CA
Information Technology Services
Darren Kraker
Ken Sperow
Overview
CAS implementation
PeopleSoft HR
PeopleSoft Financials
Oracle Collaboration Suite
calendar
email
Integration as uPortal channels
(IFrame)
PeopleSoft Self Service links
Oracle Portlets
Agenda
History
PeopleSoft Impl / Integration
OCS Impl /Integration
Issues
Questions
Cal Poly – Who are we?
San Luis Obispo
100 Years Old
20,000 Students
Polytechnic
University
Engineering, Agriculture,
Architecture, Science
“Learn by Doing”:
technical and
professional curricula
with arts and
humanities.
History
Live with uPortal 1.6 Fall 2001
UNICON assisted LDAP
implementation
Motivated to implement SSO
Campus introduction PeopleSoft
HR
Politically / strategically
required for Enterprise Portal
System Overview
Technical Specifications
CAS servers
Central Authentication Server
2.0
Servers: Sun Netra T1
500 mhz, 1 GB RAM
Solaris 9
Three servers high availability
Cisco switches provide failover
Technical Specifications
LDAP servers
Oracle Internet Directory: 9.2.0.6
Servers: Sun Netra T1
500 mhz, 1 GB RAM
Solaris 9
Three servers for high availability
Cisco hardware provides load
balancing and failover
Technical Specifications
uPortal server
uPortal 2.1.4
One server: Sun E450
4 - 400 mhz, 4 GB RAM
Solaris 9
Planned upgrade to 2.5.X Fall
CAS User interaction
3 Web Login 7
Service Username
recognizes provided
user session to
6 application
Applicatio
4 Login n
Service validates
provides ticket
ticket
1 User requests
access
2 Browser redirected to Login Web 8
User Service
ApplicationApplication
5 Ticket provided to decides if
9 Userapplication
gets access user is
authorized
PeopleSoft
Making PeopleSoft use a central
authentication service
Evaluate known solutions
Integration with CAS
PeopleSoft - Implementation
OCS Oracle BI
Middle Tier Middle Tier
Calendar
OCS DB
BI DB
9.2.0.5
Oracle Collaboration Suite
(OCS) Integration
Objectives
uPortal entry point for Email
and Calendar
SSO
uPortal channels - simplified
view of Email and Calendar
Ability to render Oracle
Portlets within uPortal
OCS Integration - Solutions
Oracle SSO
Web based applications
Integrates with external login
source
Solution required the use of cookies
All code written in PL/SQL
Requires Oracle Internet Directory
(OID)
Users must be populated in OID
FERPA
Web 8 OSSO validates ticket
Oracle
Login 9 Username provided to OSSO SSO
Service
5 Web Login Service authentication required
6 Login Service provides ticket for OSSO
3 O e
gin ro
ick
vi
7T
Se de
rv df
ce i or
ap
lic p
ati
on
External JSP
Makes a portlet available through a
JSP
Not well documented
Is not supported in a “Partial SSL
configuration”
uPortal Inline Frame points to
external JSP
OCS - Rendering Oracle
Portlets
Direct Access URL
Access to Oracle Portal page
through user-friendly URL
Create Oracle Portal Page
No header/border/template
Put portlet on page
Attach stylesheet to page
Point uPortal Inline frame to URL
OCS - Rendering Oracle
Portlets (cont.)
Authorization
Control access to uPortal
channels through Groups??
Needed way to restrict access
to Oracle page
Solution: Pull groups tables
into OID nightly
OCS Integration Issues
ISSUE:
When users subscribe to more than
one channel containing Oracle Portlet
content, the channel may respond
with browser error messages resulting
in no content displayed.
ROOT CAUSE:
This problem is a result of multiple
uPortal channels attempting to
establish an Oracle Portal session at
the same time.
OCS Integration Issues
(cont.)
Possible Solutions
Introduce a Delay with
Consecutive Page Requests.
Introduce an Intermediate
Page at CAS Login.
Send all requests through a
single threaded servlet.
CAS Enabling OCS Resources
Oracle9iAS Single Sign-On
Administrator's Guide
Release 2 (9.0.2)
Part Number A96115-01
Chapter 5 - Third-Party Single Sign-On
Chapter 8 - Customizing the Single
Sign-On Interface
Metalink Documents:
Note:191299.1
Note:244557.1
Note:191345.1
Statistics on Usage
PeopleSoft Applications:
HR total accounts: 2,500 (admin accounts: 700)
Concurrent users average: 22 (high 75)
Finance total admin accounts: 700
Concurrent users average: 23 (high 95)
Single Sign-on Unique Users per month:
Approx: 12,000 - 28,000
Average: 20,000 (including summer quarters)
Single Sign-on Unique users per DAY
Maximum: 14,000
Average: 5,700
Single Sign-on Concurrent users of the
Portal: High: 2,800
Statistics on Usage
Single clicks to HR PRD and FS PRD per
month
2,200 – 6,100
Average: 4,200 (including summer quarters)
http://myportal.calpoly.edu/downloads
PeopleBooks
Questions?
Darren Kraker Ken Sperow
Software Engineer Software Engineer
dkraker@calpoly.edu ksperow@calpoly.ed
u
Ryan Matteson
Dan Malone
Web Architect and Info
Oracle SSO
Security Manager
dmalone@calpoly.ed
rmatteso@calpoly.edu u
Melinda Rojo
Oracle Portal Integration
mrojo@calpoly.edu