Skip to main content

Webcenter Portal SSOwith OAM 11g R2 PS2

Installation of OUD:


Directory server needs to be installed for setting up the SSO. Installation of OUD is described in below post:

http://idm-world.blogspot.in/2014/08/installation-of-oracle-unified.html


Install OAM:

OAM 11g R2 is required. Below are the steps to install OAM 11gR2:
http://idm-world.blogspot.in/2014/03/installation-of-oam-11g-ps2-high-level.html


 Installation and configuration of WebTier Utility: 

Download and install webtier utility.Steps are as below:

http://idm-world.blogspot.in/2015/07/installation-of-web-tier-utility.html

Set the reverse proxy of OHS to Webcenter. In order to do that navigate to <Middleware_home>/Oracle_WT1/instances/instance1/config/OHS/ohs1/ and Open the file - mod_wl_ohs.conf. Add below para in the file:

<Location />
    SetHandler weblogic-handler
    WebLogicHost server1
    WeblogicPort 8889
</Location>

This will redirect all the OHS request to weblogic server1 port 8889.URL pattern matching can also be achieved here.

Deploy and and configure webgate:

After WebTier utility is installed. Install Webgate on top of this as below:

http://idm-world.blogspot.in/2015/07/installation-of-webgate-11g.html

Deploy and configure the webgate as decribed below:

http://idm-world.blogspot.in/2013/05/high-level-steps-for-protecting-web.html




Configurations in OAM:

Add OUD as identity store in OAM. Create a new 11g Agent in OAM. Auto create policies should be checked.




This will create the two files in the mentioned path ObAccessClient.xml’ and ‘cWallet.sso’. Copy the files in $Middleware Home$/Oracle_WT1/instances/instance1/config/ohs1/webgate/config location.


Configure the Authenticators: 

Login to the Admin console of the Wwbcenter doamin and create a OUD Authenticator.





Change control flag to SUFFICIENT. Create Another autheticator as OAM ID Asserter and reorder the sequence as below:

·         OAMIDAsserter  (REQUIRED)
·         OUDAuthenticator (SUFFICIENT)
·         Default Authenticator (SUFFICIENT)
·         Default IdentiyAsserter





Configure the SSO: 

This is final step. configure the SSO on webcenter. Login to EM console of Webcenter domain and add OAM as SSO mechanism. Add login URI as "/${app.context}/adfAuthentication" and logouturi="/oamsso/logout.html"





 






























Comments

Popular posts from this blog

Developing Prepopulate Adapter with OIM 11g R2

1.      Prepopulate Adapter in OIM uses the plugin point oracle.iam.request.plugins.PrePopulationAdapte r. 2.      Write the Java code which returns the value which has to be populated on the form. 3.      This code will implement the plugin point oracle.iam.request.plugins.PrePopulationAdapte r. Code Snippet: - package com.oracle.oim.utility.eventhandler; import java.io.Serializable; import java.util.Iterator; import java.util.List; import java.util.logging.Logger; import oracle.iam.identity.exception.NoSuchUserException; import oracle.iam.identity.exception.UserLookupException; import oracle.iam.identity.usermgmt.api.UserManager; import oracle.iam.identity.usermgmt.vo.User; import oracle.iam.platform.Platform; import oracle.iam.platform.authz.exception.AccessDeniedException; import oracle.iam.request.exception.RequestServiceException; import oracle.iam.request.vo.Beneficiary; ...

Oracle Traffic Director (OTD) configuration

Download the OTD software and install it on a server by running runInstaller command from <Binaries>/Disk1. Preferred is to configure the OTD as root user because when the administration server is configured as root, then Oracle Traffic Director starts the keepalived daemon automatically when you start instances that are part of a failover group, and stops the daemon when you stop the instances. Set Oracle_Home as the new Installed OTD Home. Run below command to configure the Admin server: <OTD_HOME>/otd/bin/tadm configure-server --port=8989 --user=admin --server-user=root --instance- home= <OTD_HOME> /otd/instance_name/otd_instance1 This command will ask for admin password and will create the admin server. Run Below command to start the admin server: <OTD_HOME> /otd/instance_name/otd_instance1/admin-server/bin/startserv Login to the OTD console on http://<host>:8989 as admin user.  Click New configuration: Click Next and create ne...

Custom Login Page Protection- OAM 11g R2

Create a login page with fields having username,password and requestid. Below is the sample login page : <%@page language="java" session="true" contentType="text/html;charset=ISO-8859-1"  %> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request. getServerPort()+path+"/"; String requestID = request.getParameter("request_id"); %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <font color="blue">Login Page </font><br><br> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Implementing css and javascript</title> <meta http-equi...