Web Application Integration Steps in OAM 11gR2 (High Level)

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Venkata Srikanth on Oracle Blogs See other posts from Oracle Blogs or by Venkata Srikanth
Published on Fri, 23 Nov 2012 07:49:57 +0000 Indexed on 2012/11/23 11:09 UTC
Read the original article Hit count: 363

Filed under:

  1. Install OAM, Webtier (OHS) and WebGate as per the standard installation steps.
  2. Create a WebGate instance (i.e deploy WebGate)

A WebGate instance must be created that will copy required bits of agent from WEBGATE_HOME to WebGate instance location that shares the same INSTANCE_HOME with OHS

./deployWebGateInstance.sh –w /Oracle/Middleware/Oracle_WT1/instances/instance1/config/ohs1 –oh /Oracle/Middleware/Oracle_OAMWebGate1

Note: Here –w flag indicates OHS instance folder and –oh indicates the WebGate Oracle home

  1. Configure WebGate

In the webgate configuration the EditHttpdConf utility will copy OUI instantiated apache_webgate.template from WEBGATE_HOME to webgate instance location (renamed to webgate.conf), and update httpd.conf with one additional line to include webgate.conf.

export LD_LIBRARY_PATH=$ LD_LIBRARY_PATH:/Oracle/Middleware/Oracle_WT1/lib

Navigate to /Oracle/Middleware/Oracle_OAMWebGate1/webgate/ohs/tools/setup/InstallTools

./EditHttpdConf –w /Oracle/Middleware/Oracle_WT1/instances/instace1/config/OHS/ohs1 –oh /Oracle/Middleware/Oracle_OAMWebGate1 –o webgate.conf

  1. Register WebGate

Use RREG tool to register the OAM 11G WebGate


Navigate to /Oracle/Middleware/Oracle_IDM1/oam/server/rreg/input

Edit OAM11Grequest.xml. Change the specific xml content to include the weblogic admin URL, agentBaseURL, host identifier etc..

Navigate to /Oracle/Middleware/Oracle_IDM1/oam/server/rreg/bin

Set permissions to oamreg.sh à chmod 777 oamreg.sh

Edit oamreg.sh and set OAM_REG_HOME=/Oracle/Middleware/Oracle_IDM1/oam/server/rreg

./oamreg.sh inband input/OAM11Grequest.xml

Enter the WebLogic admin credentials when prompted.

After performing the above steps, there will be two artifcats created under Oracle/Middleware/Oracle_IDM1/oam/server/rreg/output, namely ObAccessClient.xml (Stroing webgate config parameters) and cwallet.sso (storing the agent key). These files must be copied to WebGate instance config folder (/Oracle/Middleware/Oracle_WT1/instances/instance1/config/ohs1/webgate/config)

Restart OHS

  1. Deploy the web application (myApp) in WebLogic application server
  2. Proxy Configuration in OHS

The mod_wl_ohs module enables requests to be proxied from Oracle HTTP Server 11g to Oracle WebLogic Server.

Navigate to /Oracle/Middleware/Oracle_WT1/instances/instance1/config/OHS/ohs1

Edit mod_wl_ohs.conf file to include the following:

<IfModule weblogic_module>

WebLogicHost <WEBLOGIC_HOST>

WebLogicPort <WEBLOGIC_PORT>

# Debug ON

# WLLogFile /tmp/weblogic.log

MatchExpression *.jsp

</IfModule>

<Location /myApp>

SetHandler weblogic-handler

# PathTrim /weblogic

# ErrorPage http:/WEBLOGIC_HOME:WEBLOGIC_PORT/

</Location>

Note: Here WEBLOGIC_HOST and WEBLOGIC_PORT are the WebLogic admin server host and port respectively

Restart OHS. Now if we access the web application URL with OHS host and port

(Ex: http://OHS_HOST:<OHS_PORT>/myApp) so that the requests will be proxied to WebLogic server.

  1. Create a new application domain

Login to OAM Admin Console

Navigate to Shared Componentsà Authentication Schemesà Create Authentication Scheme (Ex: LDAP Auth Scheme. Here the scheme is assoicated with LDAP Authentication Module)

Navigate to Policy Configuration à Application Domain à Create Application Domain

Enter the Application Domain Name and Click Apply.

Navigate to Resources tab and add the resource urls

(Web Application URLs that needs to be protected)

Navigate to Authentication Policy tab à Create a new authentication ploicy by providing the Resource URLs (The sample Web Application URLs) and Authentication Scheme.

Navigate to Authorization Policy tab à Create a new authorization policy à Enter authorization policy name and navigate to Resource Tab à Attach the Reource URL, Host Identifiers here.

Navigate to Conditions tab à Add the conditions like whom to allow and whom to deny access.

Navigate to Rules tab à Crate the Allow Rule and Deny Rule with the available conditions from the previous step so that the Authorization Policy may authorize the logins.

Navigate to Resources tab and attach the Authentication and Authorization plocies created in the above steps.

  1. Test the Web Application Integration.

© Oracle Blogs or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about /Oracle

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle