OAM 11g R2 PS2 (11.1.2.2.0) : Web Gate 11.1.2.2.0 Installation and Configuration, Protecting Web Application

-
his post covers the installation and configuration of Oracle Access Manager Web Gate 11.1.2.2.0 to protect Oracle Web Tier Utilities Oracle HTTP Server (OHS) Default Web Application.

Please follow the instructions to install Oracle Web Tier Utilities 11.1.1.7.0  which includes the installation of OHS and Web Cache

Process Overview

  1. Install WebGate
  2. Configure Webgate
  3. Create OAM artifacts to protect  OHS

1. Install WebGate

Extract ofm_webgates_generic_11.1.2.2.0_disk1_1of1.zip and run the installer
setup.exe -jreLoc <JAVA_HOME_LOCATION> 









2. Configure Webgate

 
Deploy WebGate



Microsoft Windows [Version 6.2.9200]
(c) 2012 Microsoft Corporation. All rights reserved.

C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\deployWebGate>set LD_LIBRARY_PATH=c:\Oracle\Middleware\Oracle_WT1\LIB;c:\Oracle\Middleware\O
racle_OAMWebGate1\webgate\ohs\lib

C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\deployWebGate>deployWebGateInstance.bat -w c:\Oracle\Middleware\Oracle_WT1\instances\instanc
e1\config\OHS\ohs1 -oh c:\Oracle\Middleware\Oracle_OAMWebGate1

Copying files
C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\config\oblog_config_wg.xml
1 File(s) copied
C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\openssl\simpleCA\cacert.pem
1 File(s) copied
C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\openssl\simpleCA\cakey.pem
1 File(s) copied
C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\deployWebGate>cd c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\

c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools>EditHttpConf -w c:\Oracle\Middleware\Oracle_WT1\instances\instance1\config\OHS\ohs1 -oh c:\O
racle\Middleware\Oracle_OAMWebGate1
'EditHttpConf' is not recognized as an internal or external command,
operable program or batch file.

c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools>cd EditHttpConf

c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\EditHttpConf>EditHttpConf -w c:\Oracle\Middleware\Oracle_WT1\instances\instance1\config\OHS\
ohs1 -oh c:\Oracle\Middleware\Oracle_OAMWebGate1
The web server configuration file was successfully updated
c:\Oracle\Middleware\Oracle_WT1\instances\instance1\config\OHS\ohs1/httpd.conf has been backed up as c:\Oracle\Middleware\Oracle_WT1\instances\instanc
e1\config\OHS\ohs1/httpd.conf.ORIG

c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\EditHttpConf>copy c:\Oracle\Middleware\user_projects\domains\base_domain\output\webgate11g_1
\* c:\Oracle\Middleware\Oracle_WT1\instances\instance1\config\OHS\ohs1\webgate\config
c:\Oracle\Middleware\user_projects\domains\base_domain\output\webgate11g_1\cwallet.sso
c:\Oracle\Middleware\user_projects\domains\base_domain\output\webgate11g_1\ObAccessClient.xml
        2 file(s) copied.

c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\EditHttpConf>


  

































3. Create OAM Artifacts to Protect OHS Default Web Application


Create User Data Store

 


Create Authentication Module of type LDAP


Create Authentication Scheme


Use the above in Application Domains->webgate11g_1->Authentication Policies->Protected Resource Policies->Authentication Schemes->Deepak_LDAPScheme


Test 

Access 
http://OHSHost:OHSPort/








Comments

Post a Comment

Popular posts from this blog

OIM 11g R2 PS2 : SOA Approval Workflow Sample

-
Image
In this post I am posting the sample code for a sample SOA approval workflow. Some of the features that this workflow addresses are Approval to Manager or Role Owners is dynamic based on the custom OIM system property "approval-condition". Value is set either "AND" or "OR". Manager or Role Owner can be set to be notified only with no approval required. In this case only email is sent to notify them but no approval is required from them. Custom OIM system property are created to address this.   manager-notify-only = TRUE or FALSE  TRUE = only notify the manager no approval request sent. FALSE = notify the manager and send an approval request.   roleowner-notify-only = TRUE or FALSE  TRUE = only notify the role owner no approval request sent. FALSE = notify the role owner and send an approval request. Third Level System Notification was required but it should be dynamic.  Custom OIM system property are created to address this sysadmin-...
Read more

OIM OIA Custom Code Integration via Web Services

-
This post covers the OIM OIA custom integration via web services. What this integration code does is listen for create or modify event in OIM and if that change is detected for a user profile then propagates it to OIA user in real time. If a user is created in OIM, then create the user in OIA. If a user is modified in OIM, then modify the user in OIA.  OIM changes are detected via Event Handler. OIA web services are invoked to create or modify the user in OIA. OIM Event Handler 1 package com.dubey.deepak.oim.oia.intg; 2 3 import Thor.API.Exceptions.tcAPIException; 4 import Thor.API.Exceptions.tcStaleDataUpdateException; 5 import Thor.API.Exceptions.tcUserNotFoundException; 6 7 import com.dubey.deepak.oim.oia.intg.ItResourceObj; 8 import com.dubey.deepak.oim.oia.intg.OIADBConnector; 9 import com.dubey.deepak.oim.oia.intg.OIAIntegrationConstants; 10 import com.dubey.deepak.oim.oia.intg.OIARequest; 11 import com.dubey.deepak.oim.oia.intg.OIA...
Read more

OIM 11g Custom ADF Application Development

-
Image
In this post , I will cover the steps required to create a custom ADF web application. What this application does is facilitate Account Claim Process. Users has been migrated from some other IAM product to OIM and exist in disabled state and hence cannot login to perform Self Service operations. User needs to identify themselves by providing their personal details like personal identification number, zip code and dob etc. After successfully Identifying themselves they will be able to set a new password and set their challenge questions and answers. During this process the application will activate their account and set the new password and QnA. At the end of the process, they will be able to login OIM with their new password set. The application has been developed using JDeveloper using ADF technology to render user interfaces and MVC design pattern to keep the concerns separate. Application Structure              ...
Read more