Skip to main content

Webcenter Portal SSOwith OAM 11g R2 PS2

Installation of OUD:
Directory server needs to be installed for setting up the SSO. Installation of OUD is described in below post:

 http://idm-world.blogspot.in/2014/08/installation-of-oracle-unified.html

Install OAM:

OAM 11g R2 is required. Below are the steps to install OAM 11gR2:
http://idm-world.blogspot.in/2014/03/installation-of-oam-11g-ps2-high-level.html


 Installation and configuration of WebTier Utility: 

Download and install webtier utility.Steps are as below:

http://idm-world.blogspot.in/2015/07/installation-of-web-tier-utility.html

Set the reverse proxy of OHS to Webcenter. In order to do that navigate to <Middleware_home>/Oracle_WT1/instances/instance1/config/OHS/ohs1/ and Open the file - mod_wl_ohs.conf. Add below para in the file:

<Location />
    SetHandler weblogic-handler
    WebLogicHost server1
    WeblogicPort 8889
</Location>

This will redirect all the OHS request to weblogic server1 port 8889.URL pattern matching can also be achieved here.

Deploy and and configure webgate:

After WebTier utility is installed. Install Webgate on top of this as below:

http://idm-world.blogspot.in/2015/07/installation-of-webgate-11g.html

Deploy and configure the webgate as decribed below:

http://idm-world.blogspot.in/2013/05/high-level-steps-for-protecting-web.html




Configurations in OAM:

Add OUD as identity store in OAM. Create a new 11g Agent in OAM. Auto create policies should be checked.




This will create the two files in the mentioned path ObAccessClient.xml’ and ‘cWallet.sso’. Copy the files in $Middleware Home$/Oracle_WT1/instances/instance1/config/ohs1/webgate/config location.


Configure the Authenticators: 

Login to the Admin console of the Wwbcenter doamin and create a OUD Authenticator.





Change control flag to SUFFICIENT. Create Another autheticator as OAM ID Asserter and reorder the sequence as below:

·         OAMIDAsserter  (REQUIRED)
·         OUDAuthenticator (SUFFICIENT)
·         Default Authenticator (SUFFICIENT)
·         Default IdentiyAsserter





Configure the SSO: 

This is final step. configure the SSO on webcenter. Login to EM console of Webcenter domain and add OAM as SSO mechanism. Add login URI as "/${app.context}/adfAuthentication" and logouturi="/oamsso/logout.html"





 






























Labels:

Comments

Post a Comment