Skip to main content

Custom Login Page Protection- OAM 11g R2


  • Create a login page with fields having username,password and requestid. Below is the sample login page :

<%@page language="java" session="true" contentType="text/html;charset=ISO-8859-1"  %>

<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.
getServerPort()+path+"/";
String requestID = request.getParameter("request_id");
%>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<font color="blue">Login Page </font><br><br>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Implementing css and javascript</title>

<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">

<link rel="stylesheet" href="style.css" type="text/css"></link>
<script language="JavaScript" type="text/JavaScript" src="validate.js"></script>
</head>

<form onSubmit="return validate(this)" action="http://<oam_host>:14100/oam/server/auth_cred_submit" method="post">
<center>
<table border = "0">
      <tr align="left" valign="top">
            <td>User Name:</td>
            <td><input type="text" name ="username" class="inputbox"/></td>
      </tr>
      <tr align="left" valign="top">
            <td>Password:</td>
            <td><input type="password" name ="password" class="inputbox"/></td>
      </tr>
      <tr align="left" valign="top">
            <td> </td>
            <td><input type="hidden" name="request_id" value="<%=requestID%>"></td>
      </tr>
      <tr align="left" valign="top">
            <td></td>
            <td><input type="submit" name="submit" value="submit" class="submitButton"/></td>
      </tr>
</table>
</center>
</form>

  • This page can be deployed on a external server or on oam server it self.If it is deployed on external server then authentication scheme should look as below:

  • If page is deployed on oam server it self then authentication scheme should look as below:

  • Attach one of these authentication scheme with the already protected resource through a webgate. The webgate configuration should look as below:

  • The protected resource will display the custom login page instead of OAM default login page now. User can be authenticated from this custom page now.







Labels:

Comments

  1. vijay1 September 2017 at 10:07

    Is there any other configuration to be performed if this is done for federation?

    ReplyDelete
  2. Shikhar Mishra1 September 2017 at 21:00

    Nope. Just attach your Identity Provider generated with the Authentication Scheme.

    ReplyDelete
  3. Anonymous7 February 2020 at 21:35

    This works well with just OAM-OIM. If we have OAM-OAAM-OIM integrated, how can we create external login page with TAPScheme? Can we keep Challenge Method=DAP, Authentication Module=TAPScheme, Challenge URL=extenalloginpage.html (same as in example) and content type=external? Our objective is to use external login page in OAM-OAAM-OIM env. Thanks in advance.

    ReplyDelete

Post a Comment

Popular posts from this blog

Developing Prepopulate Adapter with OIM 11g R2

1.      Prepopulate Adapter in OIM uses the plugin point oracle.iam.request.plugins.PrePopulationAdapte r. 2.      Write the Java code which returns the value which has to be populated on the form. 3.      This code will implement the plugin point oracle.iam.request.plugins.PrePopulationAdapte r. Code Snippet: - package com.oracle.oim.utility.eventhandler; import java.io.Serializable; import java.util.Iterator; import java.util.List; import java.util.logging.Logger; import oracle.iam.identity.exception.NoSuchUserException; import oracle.iam.identity.exception.UserLookupException; import oracle.iam.identity.usermgmt.api.UserManager; import oracle.iam.identity.usermgmt.vo.User; import oracle.iam.platform.Platform; import oracle.iam.platform.authz.exception.AccessDeniedException; import oracle.iam.request.exception.RequestServiceException; import oracle.iam.request.vo.Beneficiary; import oracle.iam.request.vo.RequestData; public c
5 comments
Read more

OIM Tuning

Application Module tuning is a critical setting which will affect the UI performance. Following are the recommended application module settings for OIM and these are already set out-of-box (OOB) in later releases of OIM 11g R2. Ensure that these settings are implemented as recommended in your environment. -Djbo.ampool.doampooling=true -Djbo.ampool.minavailablesize=1 -Djbo.ampool.maxavailablesize=120 -Djbo.recyclethreshold=60 - Djbo.ampool.timetolive=-1 -Djbo.load.components.lazily=true - Djbo.doconnectionpooling=true -Djbo.txn.disconnect_level=1 - Djbo.connectfailover=false -Djbo.max.cursors=5 - Doracle.jdbc.implicitStatementCacheSize=5 - Doracle.jdbc.maxCachedBufferSize=19 open DOMAIN_HOME/bin/setDomainEnv.sh file for the WebLogic Server instance.find these lines: JAVA_OPTIONS="${JAVA_OPTIONS}" export JAVA_OPTIONS and change it to: JAVA_OPTIONS="-Djbo.ampool.doampooling=true -Djbo.ampool.minavailablesize=1 -Djbo.ampool.maxavailablesize=120 -D
Post a Comment
Read more

What is Application Instance

Application instance is a provisionable entity. It is a combination of IT resource instance (target connectivity and connector configuration) and resource object (provisioning mechanism) . Creating and managing application instances are performed by using the Oracle Identity System Administration. Once Created Application Instance can be requested from the catalog. Application instances can be connected or disconnected.  Connected application  instance -It has a connector defined for the provisioning of entities. Account is created in the target system real time in case of connected Application Instance. Disconnected  application instance - It is used for the provisioning of a disconnected resource, for which  a connector is not defined, and therefore, the provisioning is performed manually by the administrator. A mail trigger system can also be attached which sends the account creation/modification/deletion mails to the application owner.
Post a Comment
Read more