Solved

Help on Single Sign On

Posted on 2013-01-08
2
347 Views
Last Modified: 2013-01-09
Hi,
I configured and set up the SSO (single sign on) to access my Web server.

S.O: Linux
Web Server: Apache

Below the steps:

- Configured the Policy Domain and create a new Authentication Scheme on Oracle Access Manager
- Modify the http.conf file and add the rows:
ProxyPass /dbcenter/entry.php      !
ProxyPass /dbcenter/login.php      !

- Create the file: entry.php  - login.php - myweb.php  (see attached files)

Now when I try to connect at my portal web: http://10.11.12.33/myweb.php I get this warning:

Warning: Cannot modify header information - headers already sent by (output started at /var/www/html/dbcenter/login.php:3) in /var/www/html/dbcenter/login.php on line 24

and then successfully entered


Have any idea how to avoid this warning?
entry.php
login.php
myweb.php
0
Comment
Question by:ralph_rea
2 Comments
 
LVL 34

Assisted Solution

by:gr8gonzo
gr8gonzo earned 200 total points
ID: 38756091
This is nothing specific to SSO - this is a generic PHP / HTML problem. This happens because all  web servers send back data in a very specific order:

1. HTTP Headers
2. Content

HTML belongs in the Content area, while any calls such as header() or setcookie() change information in the HTTP Headers area.

Once you send any Content, the web server assumes you are finished sending HTTP Headers, so it won't allow you to send any more HTTP Headers at that point.

There are several ways to fix this, but the easiest is probably just to add this line above your login.php script:

<?php ob_start(); ?>

This is called starting an output buffer (ob = output buffer). Basically, whenever it comes across any Content like HTML, it will not automatically output the HTML to the screen, but instead will put it into a hidden variable called an output buffer. Since the web server hasn't sent any Content back (because it's in the output buffer), it is still in the mode of expecting and accepting HTTP Header changes, so the setcookie() will work.

Now, there are ways to access and manipulate the contents of the output buffer, but you don't need to do anything more, since the output buffer will automatically dump whatever it has at the end if you don't do anything else.

Usually the proper way to get around this is to simply write code so that you do all your PHP processing first, and then display any HTML once you're done with PHP, but the ob_start() is a quick fix.
0
 
LVL 14

Accepted Solution

by:
Scott Madeira earned 300 total points
ID: 38756302
You need to send header information prior to outputting anything to the browser window.  Even stray white space at the end of a .php file can cause this error.  you are having a problem here because you send stuff to the browser prior to the setcookie command.  If you rearrange your login.oho file as follows, it should work for you.

<?php
	$txtUserID = $_POST["IDUser"];
    $token = $_POST["mytoken"];

	$cookieValue = $token; 
    $cookieExpiration = 0; 
    $cookiePath = "/"; 
    $cookieDomain = "gruppocattolica.it"; 
    setcookie("mytoken",$cookieValue,$cookieExpiration,$cookiePath,$cookieDomain);

	$input_arr = 
		array(
			"txtUserID" => $txtUserID
			);    
?>

<html>
<head>
<script language="javascript">
<!--
    function goSubmit() {
        document.formric.submit();        
    }
//-->
</script>
</head>
<body onload="goSubmit();">
<form action="http://myportal.it/dbcenter/entry.php" method='POST' name='formric'>
	<?php
	
		foreach($input_arr as $key => $value)
		  echo "\t" . '<input type="hidden" name="' . $key . '" value="' . $value .'">' . "\n";
 
	?>
	</form>
</body>
</html>

Open in new window

0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
SASS allows you to treat your CSS code in a more OOP way. Let's have a look on how you can structure your code in order for it to be easily maintained and reused.
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
The viewer will learn how to count occurrences of each item in an array.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now