Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

OAM Install & Config

Installation and Configuration Guide for Oracle Access Manager

  • Login to see the comments

OAM Install & Config

  1. 1. Oracle Access Manager Install & Config Software Version Details: Software Version Oracle Jrocket JDK 1.6.0_31-R28.2.3-4.1.0 Oracle Weblogic 10.3.6 Oracle Access Manager 11.1.2.1.0 Oracle HTTP Server 11.1.1.7.0 Oracle Webgate 11.1.2.1.0 Oracle RCU 11.1.2.1.0for OAM Oracle Database 11.2.0.4.0
  2. 2. Installing RCU for Oracle Access Manager: Click Next
  3. 3. Click Next Provide database details in below screen
  4. 4. Click Next Select only oracle access manager component in below screen give prefix name as meaningful name
  5. 5. Click Next Provide password details in below screen
  6. 6. Click Next
  7. 7. Click Next
  8. 8. Click Create Completed RCU installation Install Java Latest JRockit - Patch 16863120: JDK160 ORACLE JROCKIT R28.2.8 p16863120_2828_Linux-x86-64.zip cd /apps unzip /apps/p16863120_2828_Linux-x86-64.zip Create Inventory Directory mkdir /apps/Middleware/oraInventory vi /etc/oraInst.loc inst_group=oinstall inventory_loc=/apps/Middleware/oraInventory
  9. 9. Instillaing weblogic [appoam@slcr12devtap1 WEBLOGIC_1036]$ export JAVA_HOME=/apps/jrockit-jdk1.6.0_51 [appoam@slcr12devtap1 WEBLOGIC_1036]$ export PATH=$JAVA_HOME/bin:$PATH [appoam@slcr12devtap1 WEBLOGIC_1036]$ which java /apps/jrockit-jdk1.6.0_51/bin/java [appoam@slcr12devtap1 WEBLOGIC_1036]$ java -version java version "1.6.0_51" Java(TM) SE Runtime Environment (build 1.6.0_51-b11) Oracle JRockit(R) (build R28.2.8-10-156881-1.6.0_51-20130611-1146-linux-x86_64, compiled mode) Click Next Please give middleware path and click Next
  10. 10. Unceck check box press “yes”
  11. 11. Click “yes”
  12. 12. Select Typical Click Next
  13. 13. Click Next Make sure below JROCKET path is correct and Click Next
  14. 14. Click Next
  15. 15. Click Next
  16. 16. Uncheck “run Quick start” and click done
  17. 17. Completed Weblogic Installation ============================================================================== =======
  18. 18. Installation Oracle Access Manager [appoam@slcr12devtap1 Disk1]$ ./runInstaller Starting Oracle Universal Installer... Checking if CPU speed is above 300 MHz. Actual 2294 MHz Passed Checking Temp space: must be greater than 150 MB. Actual 8411 MB Passed Checking swap space: must be greater than 512 MB. Actual 7684 MB Passed Checking monitor: must be configured to display at least 256 colors. Actual 16777216 Passed Preparing to launch Oracle Universal Installer from /tmp/OraInstall2014-04-18_07-22-22PM. Please wait ... Please specify JRE/JDK location ( Ex. /home/jre ), <location>/bin/java should exist :/apps/jrockit-jdk1.6.0_51 Click Next
  19. 19. Click Next
  20. 20. Please provide Middleware Home Directory
  21. 21. Click Next
  22. 22. Click Next
  23. 23. Click Finish Completed installing the oracle accessmanager Configuring the Oracle Access Manager [appoam@slcr12devtap1 Disk1]$ export WL_HOME=/apps/Middleware/MW_HOME/OAM/ [appoam@slcr12devtap1 Disk1]$ export ORACLE_HOME=/apps/Middleware/MW_HOME/OAM/Oracle_OAM [appoam@slcr12devtap1 Disk1]$ cd $ORACLE_HOME [appoam@slcr12devtap1 Oracle_OAM]$ pwd /apps/Middleware/MW_HOME/OAM/Oracle_OAM [appoam@slcr12devtap1 Oracle_OAM]$ cd common [appoam@slcr12devtap1 common]$ cd bin [appoam@slcr12devtap1 bin]$
  24. 24. Completed configuring the Oracle Access Manager ============================================================================== ======= Configuring Database Security Store for an Oracle Identity and Access Management Domain appoam@slcr12devtap1 domains]$ cd /apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain [appoam@slcr12devtap1 oamdomain]$ /apps/Middleware/MW_HOME/OAM/oracle_common/common/bin/wlst.sh /apps/Middleware/MW_HOME/OAM/Oracle_OAM/common/tools/configureSecurityStore.p y -d /apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain -c IAM -u dev_opss -p Passw0rd -m create Below Is the output of above script CLASSPATH=/apps/Middleware/MW_HOME/OAM/patch_wls1036/profiles/default/sys_manife st_classpath/weblogic_patch.jar:/apps/Middleware/MW_HOME/OAM/patch_ocp371/profiles/ default/sys_manifest_classpath/weblogic_patch.jar:/apps/jrockit-
  25. 25. jdk1.6.0_51/lib/tools.jar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/weblo gic_sp.jar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/weblogic.jar:/apps/ Middleware/MW_HOME/OAM/modules/features/weblogic.server.modules_10.3.6.0.jar:/apps/ Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/webservices.jar:/apps/Middleware/M W_HOME/OAM/modules/org.apache.ant_1.7.1/lib/ant- all.jar:/apps/Middleware/MW_HOME/OAM/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant- contrib.jar::/apps/Middleware/MW_HOME/OAM/oracle_common/modules/oracle.jrf_11.1.1/j rf- wlstman.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/adfscripti ng.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/adf-share- mbeans- wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/mdswlst.jar:/ apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/auditwlst.jar:/a pps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/igfwlsthelp.jar:/ apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/jps- wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/jrf- wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/oama p_help.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/oa mAuthnProvider.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/reso urces/ossoiap_help.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/r esources/ossoiap.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/res ources/ovdwlsthelp.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/r esources/sslconfigwlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wls t/resources/wsm-wlst.jar:/apps/Middleware/MW_HOME/OAM/utils/config/10.3/config- launch.jar::/apps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbynet.j ar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbyclient.jar:/ap ps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbytools.jar:: Initializing WebLogic Scripting Tool (WLST) ... Welcome to WebLogic Server Administration Scripting Shell Type help() for help on available commands Info: Data source is: opss-DBDS Info: DB JDBC driver: oracle.jdbc.OracleDriver Info: DB JDBC URL: jdbc:oracle:thin:@usaslcoamdbr12t.goldbar.barrick.com:1531/oamd Connected:oracle.jdbc.driver.T4CConnection@1e28e947
  26. 26. Disconnect:oracle.jdbc.driver.T4CConnection@1e28e947 2014-04-19 10:02:09.640 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 23 2014-04-19 10:02:09.660 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 24 2014-04-19 10:02:09.660 rcu:Extracted SQL Statement: [SET ECHO ON] 2014-04-19 10:02:09.660 rcu:Skipping Unsupported Statement 2014-04-19 10:02:09.660 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 25 2014-04-19 10:02:09.660 rcu:Extracted SQL Statement: [SET FEEDBACK 1] 2014-04-19 10:02:09.660 rcu:Skipping Unsupported Statement 2014-04-19 10:02:09.660 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 26 2014-04-19 10:02:09.660 rcu:Extracted SQL Statement: [SET NUMWIDTH 10] 2014-04-19 10:02:09.660 rcu:Skipping Unsupported Statement 2014-04-19 10:02:09.661 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 27 2014-04-19 10:02:09.661 rcu:Extracted SQL Statement: [SET LINESIZE 80] 2014-04-19 10:02:09.661 rcu:Skipping Unsupported Statement 2014-04-19 10:02:09.661 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 28 2014-04-19 10:02:09.661 rcu:Extracted SQL Statement: [SET TRIMSPOOL ON] 2014-04-19 10:02:09.661 rcu:Skipping Unsupported Statement 2014-04-19 10:02:09.661 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 29 2014-04-19 10:02:09.661 rcu:Extracted SQL Statement: [SET TAB OFF] 2014-04-19 10:02:09.661 rcu:Skipping Unsupported Statement 2014-04-19 10:02:09.662 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 30 2014-04-19 10:02:09.662 rcu:Extracted SQL Statement: [SET PAGESIZE 100] 2014-04-19 10:02:09.662 rcu:Skipping Unsupported Statement 2014-04-19 10:02:09.662 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 31 2014-04-19 10:02:09.665 rcu:Extracted SQL Statement: [ALTER SESSION SET CURRENT_SCHEMA=&&1 ]
  27. 27. 2014-04-19 10:02:09.668 rcu:Statement Type: 'DDL Statement' 2014-04-19 10:02:10.511 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 35 2014-04-19 10:02:10.512 rcu:Extracted SQL Statement: [DELETE FROM JPS_ATTRS attr WHERE attr.JPS_ATTRS_ID IN (SELECT JPS_ATTRS_ID FROM CT_8 ct WHERE ct.ATTRVAL IS NULL)] 2014-04-19 10:02:10.513 rcu:Statement Type: 'DELETE Statement' 2014-04-19 10:02:11.117 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 36 2014-04-19 10:02:11.117 rcu:Extracted SQL Statement: [DELETE FROM JPS_ATTRS attr WHERE attr.JPS_ATTRS_ID IN (SELECT JPS_ATTRS_ID FROM CT_10 ct WHERE ct.ATTRVAL IS NULL)] 2014-04-19 10:02:11.117 rcu:Statement Type: 'DELETE Statement' 2014-04-19 10:02:11.150 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 37 2014-04-19 10:02:11.150 rcu:Extracted SQL Statement: [DELETE FROM JPS_ATTRS attr WHERE attr.JPS_ATTRS_ID IN (SELECT JPS_ATTRS_ID FROM CT_11 ct WHERE ct.ATTRVAL IS NULL)] 2014-04-19 10:02:11.150 rcu:Statement Type: 'DELETE Statement' 2014-04-19 10:02:11.182 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 38 2014-04-19 10:02:11.182 rcu:Extracted SQL Statement: [DELETE FROM JPS_ATTRS attr WHERE attr.JPS_ATTRS_ID IN (SELECT JPS_ATTRS_ID FROM CT_22 ct WHERE ct.ATTRVAL IS NULL)] 2014-04-19 10:02:11.183 rcu:Statement Type: 'DELETE Statement' 2014-04-19 10:02:11.215 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 39 2014-04-19 10:02:11.215 rcu:Extracted SQL Statement: [DELETE FROM CT_8 ct WHERE ct.ATTRVAL IS NULL] 2014-04-19 10:02:11.215 rcu:Statement Type: 'DELETE Statement' 2014-04-19 10:02:11.223 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 40 2014-04-19 10:02:11.223 rcu:Extracted SQL Statement: [DELETE FROM CT_10 ct WHERE ct.ATTRVAL IS NULL] 2014-04-19 10:02:11.223 rcu:Statement Type: 'DELETE Statement' 2014-04-19 10:02:11.232 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 41 2014-04-19 10:02:11.232 rcu:Extracted SQL Statement: [DELETE FROM CT_11 ct WHERE ct.ATTRVAL IS NULL] 2014-04-19 10:02:11.232 rcu:Statement Type: 'DELETE Statement'
  28. 28. 2014-04-19 10:02:11.351 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 42 2014-04-19 10:02:11.351 rcu:Extracted SQL Statement: [DELETE FROM CT_22 ct WHERE ct.ATTRVAL IS NULL] 2014-04-19 10:02:11.351 rcu:Statement Type: 'DELETE Statement' 2014-04-19 10:02:11.361 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 43 2014-04-19 10:02:11.362 rcu:Extracted SQL Statement: [] 2014-04-19 10:02:11.367 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 43 2014-04-19 10:02:11.367 rcu:Extracted SQL Statement: [COMMIT;] 2014-04-19 10:02:11.372 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 47 2014-04-19 10:02:11.374 rcu:Extracted SQL Statement: [declare v_count NUMBER := 0 ; BEGIN SELECT COUNT(*) INTO v_count FROM CT_8 WHERE LENGTH(ATTRVAL) > 3000; IF (v_count = 0) THEN EXECUTE IMMEDIATE 'ALTER TABLE CT_8 MODIFY (ATTRVAL VARCHAR2(3000))'; EXECUTE IMMEDIATE 'CREATE TABLE CT_8_TMP (JPS_DN_ENTRYID, JPS_ATTRS_ID, ATTRVAL, PRIMARY KEY (JPS_DN_ENTRYID, ATTRVAL, JPS_ATTRS_ID)) ORGANIZATION INDEX OVERFLOW AS SELECT JPS_DN_ENTRYID, JPS_ATTRS_ID, ATTRVAL FROM CT_8'; EXECUTE IMMEDIATE 'DROP TABLE CT_8'; EXECUTE IMMEDIATE 'ALTER TABLE CT_8_TMP RENAME TO CT_8'; EXECUTE IMMEDIATE 'ALTER TABLE CT_8 ADD CONSTRAINT CT_8_FK FOREIGN KEY(JPS_ATTRS_ID) REFERENCES JPS_ATTRS(JPS_ATTRS_ID) ON DELETE CASCADE'; END IF; SELECT COUNT(*) INTO v_count FROM CT_10 WHERE LENGTH(ATTRVAL) > 3000; IF (v_count = 0) THEN EXECUTE IMMEDIATE 'ALTER TABLE CT_10 MODIFY (ATTRVAL VARCHAR2(3000))'; EXECUTE IMMEDIATE 'CREATE TABLE CT_10_TMP (JPS_DN_ENTRYID, JPS_ATTRS_ID, ATTRVAL, PRIMARY KEY (JPS_DN_ENTRYID, ATTRVAL, JPS_ATTRS_ID)) ORGANIZATION INDEX OVERFLOW AS SELECT JPS_DN_ENTRYID, JPS_ATTRS_ID, ATTRVAL FROM CT_10'; EXECUTE IMMEDIATE 'DROP TABLE CT_10'; EXECUTE IMMEDIATE 'ALTER TABLE CT_10_TMP RENAME TO CT_10'; EXECUTE IMMEDIATE 'ALTER TABLE CT_10 ADD CONSTRAINT CT_10_FK FOREIGN KEY(JPS_ATTRS_ID) REFERENCES JPS_ATTRS(JPS_ATTRS_ID) ON DELETE CASCADE'; END IF;
  29. 29. SELECT COUNT(*) INTO v_count FROM CT_11 WHERE LENGTH(ATTRVAL) > 3000; IF (v_count = 0) THEN EXECUTE IMMEDIATE 'ALTER TABLE CT_11 MODIFY (ATTRVAL VARCHAR2(3000))'; EXECUTE IMMEDIATE 'CREATE TABLE CT_11_TMP (JPS_DN_ENTRYID, JPS_ATTRS_ID, ATTRVAL, PRIMARY KEY (JPS_DN_ENTRYID, ATTRVAL, JPS_ATTRS_ID)) ORGANIZATION INDEX OVERFLOW AS SELECT JPS_DN_ENTRYID, JPS_ATTRS_ID, ATTRVAL FROM CT_11'; EXECUTE IMMEDIATE 'DROP TABLE CT_11'; EXECUTE IMMEDIATE 'ALTER TABLE CT_11_TMP RENAME TO CT_11'; EXECUTE IMMEDIATE 'ALTER TABLE CT_11 ADD CONSTRAINT CT_11_FK FOREIGN KEY(JPS_ATTRS_ID) REFERENCES JPS_ATTRS(JPS_ATTRS_ID) ON DELETE CASCADE'; END IF; SELECT COUNT(*) INTO v_count FROM CT_22 WHERE LENGTH(ATTRVAL) > 3000; IF (v_count = 0) THEN EXECUTE IMMEDIATE 'ALTER TABLE CT_22 MODIFY (ATTRVAL VARCHAR2(3000))'; EXECUTE IMMEDIATE 'CREATE TABLE CT_22_TMP (JPS_DN_ENTRYID, JPS_ATTRS_ID, ATTRVAL, PRIMARY KEY (JPS_DN_ENTRYID, ATTRVAL, JPS_ATTRS_ID)) ORGANIZATION INDEX OVERFLOW AS SELECT JPS_DN_ENTRYID, JPS_ATTRS_ID, ATTRVAL FROM CT_22'; EXECUTE IMMEDIATE 'DROP TABLE CT_22'; EXECUTE IMMEDIATE 'ALTER TABLE CT_22_TMP RENAME TO CT_22'; EXECUTE IMMEDIATE 'ALTER TABLE CT_22 ADD CONSTRAINT CT_22_FK FOREIGN KEY(JPS_ATTRS_ID) REFERENCES JPS_ATTRS(JPS_ATTRS_ID) ON DELETE CASCADE'; END IF; END; ] 2014-04-19 10:02:11.378 rcu:Statement Type: 'BEGIN/END Anonymous Block' 2014-04-19 10:02:13.187 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 90 2014-04-19 10:02:13.187 rcu:Extracted SQL Statement: [ALTER TABLE JPS_ATTRS ADD ( ATTRKIND NUMBER )] 2014-04-19 10:02:13.187 rcu:Statement Type: 'DDL Statement' 2014-04-19 10:02:13.254 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 93 2014-04-19 10:02:13.254 rcu:Extracted SQL Statement: [CREATE INDEX JPS_ATTRS_KIND ON JPS_ATTRS (ATTRKIND)] 2014-04-19 10:02:13.255 rcu:Statement Type: 'DDL Statement' 2014-04-19 10:02:13.295 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 94
  30. 30. 2014-04-19 10:02:13.295 rcu:Extracted SQL Statement: [UPDATE JPS_ATTRS SET ATTRKIND = 1 WHERE lower(ATTRNAME) = 'orcljpsassignee'] 2014-04-19 10:02:13.296 rcu:Statement Type: 'DML Statement' 2014-04-19 10:02:13.307 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 96 2014-04-19 10:02:13.307 rcu:Extracted SQL Statement: [UPDATE JPS_ATTRS SET ATTRKIND = 0 WHERE ATTRKIND IS NULL] 2014-04-19 10:02:13.307 rcu:Statement Type: 'DML Statement' 2014-04-19 10:02:13.320 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 97 2014-04-19 10:02:13.320 rcu:Extracted SQL Statement: [] 2014-04-19 10:02:13.325 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 97 2014-04-19 10:02:13.325 rcu:Extracted SQL Statement: [COMMIT;] 2014-04-19 10:02:13.329 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 100 2014-04-19 10:02:13.329 rcu:Extracted SQL Statement: [CREATE INDEX IDX_JPS_CONCAT_DN ON JPS_DN (CONCAT(PARENTDN, RDN))] 2014-04-19 10:02:13.329 rcu:Statement Type: 'DDL Statement' 2014-04-19 10:02:13.370 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 103 2014-04-19 10:02:13.370 rcu:Extracted SQL Statement: [ALTER TABLE CT_9 ADD ( GRANTEEDNATTR VARCHAR2(1024), PERMSETREFATTR VARCHAR2 (1024), POLICYREFATTR VARCHAR2 (1024), POLICYSETREFATTR VARCHAR2 (1024), RULEREFATTR VARCHAR2 (1024) )] 2014-04-19 10:02:13.371 rcu:Statement Type: 'DDL Statement' 2014-04-19 10:02:13.420 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 113 2014-04-19 10:02:13.421 rcu:Extracted SQL Statement: [ALTER TABLE CT_6 ADD ( PRINCIPAL_CLASS VARCHAR2(1024), NAME VARCHAR2 (1024), UNIQUENAME VARCHAR2 (1024), GUID VARCHAR2(1024), REFER_TYPE NUMBER, REFER_ENTRYID NUMBER)]
  31. 31. 2014-04-19 10:02:13.422 rcu:Statement Type: 'DDL Statement' 2014-04-19 10:02:13.476 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 122 2014-04-19 10:02:13.476 rcu:Extracted SQL Statement: [CREATE INDEX IDX_CT_6_CLASS ON CT_6 (PRINCIPAL_CLASS) ] 2014-04-19 10:02:13.477 rcu:Statement Type: 'DDL Statement' 2014-04-19 10:02:13.512 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 123 2014-04-19 10:02:13.512 rcu:Extracted SQL Statement: [CREATE INDEX IDX_CT_6_NAME ON CT_6 (NAME) ] 2014-04-19 10:02:13.512 rcu:Statement Type: 'DDL Statement' 2014-04-19 10:02:13.540 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 124 2014-04-19 10:02:13.540 rcu:Extracted SQL Statement: [CREATE INDEX IDX_CT_6_PRINCIPAL ON CT_6 (CONCAT(PRINCIPAL_CLASS, NAME))] 2014-04-19 10:02:13.541 rcu:Statement Type: 'DDL Statement' 2014-04-19 10:02:13.568 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 127 2014-04-19 10:02:13.568 rcu:Extracted SQL Statement: [UPDATE JPS_ATTRS SET ATTRVAL='11.1.1.6.1' WHERE ATTRNAME='orclProductVersion' AND (ATTRVAL='11.1.1.6.0')] 2014-04-19 10:02:13.569 rcu:Statement Type: 'DML Statement' 2014-04-19 10:02:13.579 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 128 2014-04-19 10:02:13.579 rcu:Extracted SQL Statement: [] 2014-04-19 10:02:13.584 rcu:Extracting Statement from File Name: '/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops s_upgrade_111160_111161.sql'Line Number: 128 2014-04-19 10:02:13.584 rcu:Extracted SQL Statement: [COMMIT;] [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup - done Apr 19, 2014 10:02:47 AM oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigurator schemaCompatibleHandler INFO: Credential store schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible to the seed schema version 11.1.1.4.0 [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] updateServiceConfiguration - done
  32. 32. Apr 19, 2014 10:02:50 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationCredImpl migrateCredentialData INFO: Migration of Credential Store data in progress..... Apr 19, 2014 10:02:59 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationCredImpl migrateCredentialData INFO: Migration of Credential Store data completed, Time taken for migration is 00:00:08 [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] migrateData - done [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] testJpsService - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSetup - done Apr 19, 2014 10:02:59 AM oracle.security.jps.internal.config.ldap.LdapKeyStoreServiceConfigurator schemaCompatibleHandler INFO: Keystore schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible to the seed schema version 11.1.1.4.0 [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] updateServiceConfiguration - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] migrateData - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] testJpsService - done [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSetup - done Apr 19, 2014 10:03:03 AM oracle.security.jps.internal.config.ldap.LdapPolicyStoreServiceConfigurator schemaCompatibleHandler INFO: Policy schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible to the seed schema version 11.1.1.4.0 [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] updateServiceConfiguration - done WLS ManagedService is not up running. Fall back to use system properties for configuration. Apr 19, 2014 10:03:23 AM oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy migrateData INFO: Migration of Admin Role Members started Apr 19, 2014 10:03:24 AM oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy migrateData INFO: Migration of Admin Role Members completed in 00:00:00 [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] migrateData - done [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] testJpsService - done [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSetup - done
  33. 33. Apr 19, 2014 10:03:24 AM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator schemaCompatibleHandler INFO: Audit store schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible to the seed schema version 11.1.1.4.0 [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] updateServiceConfiguration - done Apr 19, 2014 10:03:25 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData INFO: Migration of Audit Store data in progress..... [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] migrateData - done Apr 19, 2014 10:04:52 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData INFO: Migration of Audit Store data completed, Time taken for migration is 00:01:27 [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] testJpsService - done persist to output: /apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig - done [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup - done [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] updateServiceConfiguration - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSetup - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] updateServiceConfiguration - done [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSetup - done [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] updateServiceConfiguration - done Apr 19, 2014 10:05:24 AM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator checkIfConfigurationValid INFO: Audit store re-association not supported. [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSetup - Audit store re-association not supported. persist to output: /apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig – done Apr 19, 2014 10:03:24 AM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator schemaCompatibleHandler INFO: Audit store schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible to the seed schema version 11.1.1.4.0
  34. 34. [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] updateServiceConfiguration - done Apr 19, 2014 10:03:25 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData INFO: Migration of Audit Store data in progress..... [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] migrateData - done Apr 19, 2014 10:04:52 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData INFO: Migration of Audit Store data completed, Time taken for migration is 00:01:27 [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] testJpsService - done persist to output: /apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig - done [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup - done [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] updateServiceConfiguration - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSetup - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] updateServiceConfiguration - done [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSetup - done [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] updateServiceConfiguration - done Apr 19, 2014 10:05:24 AM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator checkIfConfigurationValid INFO: Audit store re-association not supported. [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSetup - Audit store re-association not supported. persist to output: /apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig - done INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used. INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used. Using default context in /apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig/j ps-config-migration.xml file for credential store. Credential store location : jdbc:oracle:thin:@usaslcoamdbr12t.goldbar.barrick.com:1531/oamd Credential with map Oracle-IAM-Security-Store-Diagnostics key Test-Cred stored successfully!
  35. 35. Credential for map Oracle-IAM-Security-Store-Diagnostics and key Test-Cred is: GenericCredential Info: diagnostic credential created in the credential store. Info: Create operation has completed successfully. appoam@slcr12devtap1 lib]$ ls -ltr rdbms* -rwxr-x--- 1 appoam oinstall 8310 Apr 18 19:21 rdbms_security_store_db2.sql -rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_db2_remove.sql -rwxr-x--- 1 appoam oinstall 8302 Apr 18 19:21 rdbms_security_store_derby.sql -rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_derby_remove.sql -rwxr-x--- 1 appoam oinstall 8508 Apr 18 19:21 rdbms_security_store_oracle.sql -rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_oracle_remove.sql -rwxr-x--- 1 appoam oinstall 8172 Apr 18 19:21 rdbms_security_store_sqlserver.sql -rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_sqlserver_remove.sql -rwxr-x--- 1 appoam oinstall 10591 Apr 18 19:21 rdbms_security_store_sybase.sql -rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_sybase_remove.sql [appoam@slcr12devtap1 lib]$ scp -r rdbms_security_store_oracle.sql oraOAMD@usaslcomadbr12t:/home/oraOAMD ssh: Could not resolve hostname usaslcomadbr12t: Name or service not known lost connection [appoam@slcr12devtap1 lib]$ scp -r rdbms_security_store_oracle.sql oraOAMD@usaslcoamdbr12t:/home/oraOAMD The authenticity of host 'usaslcoamdbr12t (10.13.80.176)' can't be established. RSA key fingerprint is 9c:e2:b5:d5:f3:69:58:53:0c:d6:7a:6c:1c:bb:74:90. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'usaslcoamdbr12t,10.13.80.176' (RSA) to the list of known hosts. oraOAMD@usaslcoamdbr12t's password: rdbms_security_store_oracle.sql 100% 8508 8.3KB/s 00:00 [appoam@slcr12devtap1 lib]$ pwd /apps/Middleware/MW_HOME/OAM/wlserver_10.3/server/lib -rwxr-x--- 1 oraOAMD dba 8508 Apr 19 10:09 rdbms_security_store_oracle.sql [oraOAMD@usaslcoamdbr12t ~]$ sqlplus dev_opss SQL*Plus: Release 11.2.0.4.0 Production on Sat Apr 19 10:09:54 2014 Copyright (c) 1982, 2013, Oracle. All rights reserved.
  36. 36. Enter password: Connected to: Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production With the Partitioning, OLAP, Data Mining and Real Application Testing options SQL> @rdbms_security_store_oracle.sql; Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created.
  37. 37. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. Table created. 1 row created. Commit complete. SQL> exit Disconnected from Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production With the Partitioning, OLAP, OAM patches: 18138998 --- Oracle Identity Management Suite BP patch of 11.1.2.1.3 17496113: WARNING: COULD NOT OBTAIN LOCK ON POLLTRACKING.LCK
  38. 38. Start OAM services /apps/Middleware/MW_HOME/OAM/oracle_common/common/bin/setNMProps.sh ~/bin/start_node_manager.sh /apps/Middleware/MW_HOME/OAM/user_projects/domains/OAMdomain/bin/startWebLogic. sh /apps/Middleware/MW_HOME/OAM/user_projects/domains/OAMdomain/bin/startManaged WebLogic.sh oam_server1 Installing Oracle HTTP Server [appoam@slcr12devtap1 common]$ cd /mnt/shared/software_dump/HTTP_WEB_SERVER/ [appoam@slcr12devtap1 HTTP_WEB_SERVER]$ ls -ltr total 1760516 drwxr-xr-x 6 appoam oinstall 4096 Mar 2 2013 Disk1 drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 Disk2 drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 Disk3 -rw-r--r-- 1 appoam oinstall 22806 Mar 12 2013 readme.html -rw-r--r-- 1 appoam oinstall 1802723467 Apr 17 16:47 V37384-01.zip [appoam@slcr12devtap1 HTTP_WEB_SERVER]$ cd Disk1 [appoam@slcr12devtap1 Disk1]$ ls -ltr total 36 -rwxrwxr-x 1 appoam oinstall 16532 Oct 25 2012 runInstaller drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 plugins drwxrwxr-x 6 appoam oinstall 4096 Mar 2 2013 doc drwxr-xr-x 12 appoam oinstall 4096 Mar 2 2013 stage drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 install [appoam@slcr12devtap1 Disk1]$ ./runInstaller Starting Oracle Universal Installer... Checking Temp space: must be greater than 400 MB. Actual 8339 MB Passed Checking swap space: must be greater than 500 MB. Actual 7553 MB Passed Checking monitor: must be configured to display at least 256 colors. Actual 16777216 Passed
  39. 39. Preparing to launch Oracle Universal Installer from /tmp/OraInstall2014-04-28_04-51-50PM. Please wait ...[appoam@slcr12devtap1 Disk1]$ Log: /apps/oraInventory/logs/install2014-04- 28_04-51-50PM.log
  40. 40. Completed installation of oracle HTTP server Installing oracle webgate [appoam@slcr12devtap1 Disk1]$ ls -ltr total 100 -rwxrwxr-x 1 appoam oinstall 73728 Sep 15 2011 setup.exe -rwxrwxr-x 1 appoam oinstall 16454 Sep 19 2011 runInstaller drwxrwxr-x 12 appoam oinstall 4096 Apr 18 2013 install drwxr-xr-x 13 appoam oinstall 4096 Apr 18 2013 stage [appoam@slcr12devtap1 Disk1]$ ./runInstaller Starting Oracle Universal Installer... Checking if CPU speed is above 300 MHz. Actual 2294 MHz Passed Checking Temp space: must be greater than 150 MB. Actual 8345 MB Passed Checking swap space: must be greater than 512 MB. Actual 7537 MB Passed
  41. 41. Checking monitor: must be configured to display at least 256 colors. Actual 16777216 Passed Preparing to launch Oracle Universal Installer from /tmp/OraInstall2014-04-28_05-15-54PM. Please wait ... Please specify JRE/JDK location ( Ex. /home/jre ), <location>/bin/java should exist :^C [appoam@slcr12devtap1 Disk1]$ echo $JAVA_HOME /apps/jrockit-jdk1.6.0_51 [appoam@slcr12devtap1 Disk1]$ ./runInstaller Starting Oracle Universal Installer... Checking if CPU speed is above 300 MHz. Actual 2294 MHz Passed Checking Temp space: must be greater than 150 MB. Actual 8345 MB Passed Checking swap space: must be greater than 512 MB. Actual 7537 MB Passed Checking monitor: must be configured to display at least 256 colors. Actual 16777216 Passed Preparing to launch Oracle Universal Installer from /tmp/OraInstall2014-04-28_05-16-11PM. Please wait ... Please specify JRE/JDK location ( Ex. /home/jre ), <location>/bin/java should exist :/apps/jrockit-jdk1.6.0_51 [appoam@slcr12devtap1 Disk1]$ [WARN ][jrockit] MaxPermSize=512m ignored: Not a valid option for JRockit Log: /apps/oraInventory/logs/install2014-04-28_05-16-11PM.log
  42. 42. Completed installation of wegate ============================================================================== ======= Install and Configure WebGate on the WebTier [appoam@slcr12devtap1 deployWebGate]$ pwd /apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/tools/deployWeb Gate [appoam@slcr12devtap1 deployWebGate]$ echo $MW_HOME [appoam@slcr12devtap1 deployWebGate]$ pwd /apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/tools/deployWeb Gate [appoam@slcr12devtap1 deployWebGate]$ export MW_HOME=/apps/Middleware/MW_HOME/OAM
  43. 43. [appoam@slcr12devtap1 deployWebGate]$ ./deployWebGateInstance.sh -w $MW_HOME/Oracle_WT1/instances/instance1/config/OHS/ohs1 -oh $MW_HOME/Oracle_OAMWebGate1 Copying files from WebGate Oracle Home to WebGate Instancedir [appoam@slcr12devtap1 Oracle_OAMWebGate1]$ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/apps/Middleware/MW_HOME/OAM/Oracle_WT1/lib [appoam@slcr12devtap1 Oracle_OAMWebGate1]$ cd /apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/tools/setup/Install Tools [appoam@slcr12devtap1 InstallTools]$ [appoam@slcr12devtap1 InstallTools]$ ./EditHttpConf -w $MW_HOME/Oracle_WT1/instances/instance1/config/OHS/ohs1 -oh $MW_HOME/Oracle_OAMWebGate1 The web server configuration file was successfully updated /apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/http d.conf has been backed up as /apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/http d.conf.ORIG [appoam@slcr12devtap1 InstallTools]$ Setting Up the RREG Tool To set up the RREG tool, complete the following steps: On UNIX After installing and configuring Oracle Access Manager, go to the following directory: Oracle_IDM2/oam/server/rreg/client Untar the RREG.tar.gz file. Example: gunzip RREG.tar.gz tar -xvf RREG.tar /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/client [appoam@slcr12devtap1 client]$ ls -ltr
  44. 44. total 26272 -rw-r----- 1 appoam oinstall 9512960 Mar 17 2013 RREG.tar -rw-r----- 1 appoam oinstall 8935304 Mar 17 2013 rreg-toolkit.jar -rw-r----- 1 appoam oinstall 8446505 Apr 29 16:55 RREG.tar.gz_bkp [appoam@slcr12devtap1 client]$ tar -xvf RREG.tar rreg/ rreg/lib/ rreg/lib/rreg.jar rreg/lib/identitystore.jar rreg/lib/jps-common.jar rreg/lib/utilities.jar rreg/lib/jps-api.jar rreg/lib/osdt_core.jar rreg/lib/jps-ee.jar rreg/lib/osdt_xmlsec.jar rreg/lib/ojmisc.jar rreg/lib/RequestResponse.jar rreg/lib/commons-httpclient-3.1.jar rreg/lib/osdt_cert.jar rreg/lib/jps-unsupported-api.jar rreg/lib/commons-codec-1.3.jar rreg/lib/oraclepki.jar rreg/lib/commons-logging-1.1.1.jar rreg/lib/jps-internal.jar
  45. 45. rreg/lib/nap-api.jar rreg/bin/ rreg/bin/oamreg.sh rreg/bin/oamreg.bat rreg/config/ rreg/config/RequestResponseXMLSchema.xsd rreg/input/ rreg/input/OAMRequest_short.xml rreg/input/OSSORequest.xml rreg/input/OpenSSORequest_short.xml rreg/input/OSSOUpdateAgentRequest.xml rreg/input/OAM11GRequest.xml rreg/input/OAM11GRequest_short.xml rreg/input/CreatePolicyRequest.xml rreg/input/OpenSSOUpdateAgentRequest.xml rreg/input/OAMUpdateAgentRequest.xml rreg/input/OpenSSORequest.xml rreg/input/OAM11GUpdateAgentRequest.xml rreg/input/UpdatePolicyRequest.xml rreg/input/OAMRequest.xml rreg/output/ rreg/logs/ rreg/tester/ rreg/tester/oamtest.jar
  46. 46. rreg/tester/nap-api.jar rreg/truststore/ rreg/truststore/rregcerts.jks rreg/templates/ rreg/templates/opensso/ rreg/templates/opensso/webagents/ rreg/templates/opensso/webagents/OpenSSOAgentConfiguration.template rreg/templates/opensso/webagents/OpenSSOAgentBootstrap.template rreg/templates/opensso/j2eeagents/ rreg/templates/opensso/j2eeagents/OpenSSOAgentBootstrap.template rreg/templates/opensso/j2eeagents/OpenSSOAgentConfiguration.template Now go to /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/input [appoam@slcr12devtap1 client]$ ls -ltr total 26276 drwxr-xr-x 11 appoam oinstall 4096 Mar 17 2013 rreg -rw-r----- 1 appoam oinstall 9512960 Mar 17 2013 RREG.tar -rw-r----- 1 appoam oinstall 8935304 Mar 17 2013 rreg-toolkit.jar -rw-r----- 1 appoam oinstall 8446505 Apr 29 16:55 RREG.tar.gz_bkp Create EBS_OAM11gRequest_short.xml appoam@slcr12devtap1 input]$ vi EBS_OAM11gRequest_short.xml [appoam@slcr12devtap1 input]$ pwd /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/input <OAM11GRegRequest> <serverAddress>http://usaslcoamr12t.goldbar.barrick.com:7001</serverAddress> <hostIdentifier>usaslcoamr12t.goldbar.barrick.com</hostIdentifier> <agentName>usaslcoamr12t.goldbar.barrick.com</agentName>
  47. 47. <agentBaseUrl>http://usaslcoamr12t.goldbar.barrick.com:7777</agentBaseUrl> <logOutUrls><url>/logout</url></logOutUrls> </OAM11GRegRequest> [appoam@slcr12devtap1 input]$ pwd /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/input Create ebs.oam.conf file [appoam@slcr12devtap1 input]$ vi ebs.oam.conf [appoam@slcr12devtap1 input]$ ############################################################################## # # Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. # # This is a configuration file, to be used with the OAM Config Tool, for # configuring policies in OAM in order to facilitate Single Sign On. # # Protected URIs:- # A Protected URI (resource) implies that an user must be authenticated # before he could access that resource. Upon accessing a protected uri, the # user would be redirected to the OAM login page for authentication. # Subsequently, upon successful authentication, he would be redirected to the # original requested resource. # # Public URIs:- # A Public URI (resource), on the contrary, implies that a user be allowed # access to that resource without authentication. # # This file essentially contains a list of protected and public URIs belonging # to an Application. # # Please refer to the documentation of OAM Config Tool for anything related to # the OAM Config tool's usage and the documentation of OAM for anything # related to OAM in general. # ########################## # File format description ########################## # 1. Any line beginning with '#' is considered a comment and would be ignored
  48. 48. # 2. Likewise any empty line or any line beginning with ' ' (space) would be # ignored # 3. All the Protected URIs must be listed followed by the key-word: # "protected_uris". # 4. All the Public URIs must be listed followed by the key-word: "public_uris" # # Note that Public URIs are optional. But you need to have at least one # Protected URI listed # # ######################## #Product Name: E-Business Suite ######################## ########################### protected_uris ########################### /ebsauth_devt12 /index.html ########################### public_uris ########################### /ebsauth_devt12/style/ /ebsauth_devt12/ssologin /ebsauth_devt12/ssologout.do /ebsauth_devt12/ssologout_callback /public/oacleanup.html /public/index.html export JAVA_HOME=/apps/jrockit-jdk1.6.0_51 export OAM_REG_HOME=/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/bin ./bin/oamreg.sh inband input/EBS_OAM11g_DEVT12.xml Enter admin password: Do you want to enter a Webgate password?(y/n): n Do you want to import an URIs file?(y/n):
  49. 49. y Please enter URIs filename (full path) (ex: /config/fa.oam.conf) : /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/config/ebs_oam_dev12.c onf Apr 29, 2014 6:00:23 PM oracle.security.am.engines.rreg.client.util.RegClientUtil getURIsFilename INFO: Filename accepted. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler readProtAndPubUrisFromFileAndSet INFO: Success: URI:[/ebsauth_devt12*] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler readProtAndPubUrisFromFileAndSet INFO: Success: URI:[/ebsauth_devt12/**] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler readProtAndPubUrisFromFileAndSet INFO: Success: URI:[/index.html] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler readProtAndPubUrisFromFileAndSet INFO: Success: URI:[/index.html/**] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/ebsauth_devt12/style/*] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/ebsauth_devt12/style/**] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/ebsauth_devt12/ssologin*] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/ebsauth_devt12/ssologin/**] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/ebsauth_devt12/ssologout.do] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/ebsauth_devt12/ssologout.do/**] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/ebsauth_devt12/ssologout_callback*] is added. Apr 29, 2014 6:00:24 PM
  50. 50. oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/ebsauth_devt12/ssologout_callback/**] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/public/oacleanup.html] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/public/oacleanup.html/**] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/public/index.html] is added. Apr 29, 2014 6:00:24 PM oracle.security.am.engines.rreg.client.util.RegClientFusionCfgURIsFileHandler setUriInPolicy INFO: Success: URI:[/public/index.html/**] is added. ---------------------------------------- Request summary: OAM11G Agent Name:usaslcoamr12t.goldbar.barrick.com Base URL:http://usaslcoamr12t.goldbar.barrick.com:7777 URL String:usaslcoamr12t.goldbar.barrick.com Registering in Mode:inband Your registration request is being sent to the Admin server at: http://usaslcoamr12t.goldbar.barrick.com:7003 ---------------------------------------- Apr 29, 2014 6:04:04 PM oracle.security.jps.util.JpsUtil disableAudit INFO: JpsUtil: isAuditDisabled set to true Inband registration process completed successfully! Output artifacts are created in the output folder. rw------- 1 appoam oinstall 3181 Apr 29 18:04 cwallet.sso -rw-r--r-- 1 appoam oinstall 2963 Apr 29 18:04 ObAccessClient.xml Copy above files to below directory Copy the generated registration artifacts to your WebTier [appoam@slcr12devtap1 usaslcoamr12t.goldbar.barrick.com]$ cp * /apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/w ebgate/config [appoam@slcr12devtap1 usaslcoamr12t.goldbar.barrick.com]$ pwd /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/output/usaslcoamr12t.go ldbar.barrick.com [appoam@slcr12devtap1 usaslcoamr12t.goldbar.barrick.com]$
  51. 51. Start WebTier appoam@slcr12devtap1 bin]$ ls -ltr total 48 -rwx------ 1 appoam oinstall 46053 Apr 28 17:10 opmnctl [appoam@slcr12devtap1 bin]$ ./opmnctl startall opmnctl startall: starting opmn and all managed processes... [appoam@slcr12devtap1 bin]$ ./opmnctl status -l Processes in Instance: instance1 ---------------------------------+--------------------+---------+----------+------------+----------+-----------+------ ias-component | process-type | pid | status | uid | memused | uptime | ports ---------------------------------+--------------------+---------+----------+------------+----------+-----------+------ ohs1 | OHS | 5411 | Alive | 1609438392 | 1369016 | 25:02:18 | https:9999,https:4443,http:7777 [appoam@slcr12devtap1 bin]$ Verify registration using OAM Console http://usaslcoamr12t.goldbar.barrick.com:7003/oamconsole Logon to the OAM Console http://<host>.<domain>:<adminport>/oamconsole Verify that the following artifacts are visible now in the OAM Console. System Configuration tab > Access Manager section > SSO Agents node > OAM Agents (double click) > Search for {Identifier for your WebGate} Policy Configuration tab > Browse tab > Shared Components node > Host Identifiers node > Search for {Identifier for your WebGate} Policy Configuration tab > Browse tab > Application Domains node > Search for {Identifier for your WebGate} Test your WebGate apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/htdoc s/public [appoam@slcr12devtap1 public]$ cd .. [appoam@slcr12devtap1 htdocs]$ ls -ltr total 108 -rw------- 1 appoam oinstall 2585 Apr 28 17:10 index.html.hu -rw------- 1 appoam oinstall 726 Apr 28 17:10 README.rus
  52. 52. -rw------- 1 appoam oinstall 2326 Apr 28 17:10 apache_pb.gif -rw------- 1 appoam oinstall 81 Apr 28 17:10 index.html -rw------- 1 appoam oinstall 1062 Apr 28 17:10 index.html.zh-tw.big5 drwx------ 2 appoam oinstall 4096 Apr 28 17:10 error_docs drwx------ 2 appoam oinstall 4096 Apr 28 17:10 images drwx------ 2 appoam oinstall 4096 Apr 28 17:10 css drwx------ 2 appoam oinstall 4096 Apr 28 17:10 JSLibrary drwx------ 9 appoam oinstall 4096 Apr 28 17:10 welcome_images -rw------- 1 appoam oinstall 11028 Apr 28 17:10 welcome-index.html -rw------- 1 appoam oinstall 6348 Apr 28 17:10 welcome_as.html -rw------- 1 appoam oinstall 4155 Apr 28 17:10 welcome_em.html -rw------- 1 appoam oinstall 3736 Apr 28 17:10 welcome_classic.html -rw------- 1 appoam oinstall 5635 Apr 28 17:10 welcome_soa.html -rw------- 1 appoam oinstall 5231 Apr 28 17:10 welcome_idm.html -rw------- 1 appoam oinstall 7584 Apr 28 17:10 welcome_grid.html -rw------- 1 appoam oinstall 5787 Apr 28 17:10 welcome_webcenter.html drwxrwxrwx 2 appoam oinstall 4096 Apr 29 19:02 public [appoam@slcr12devtap1 htdocs]$ cp index.html /apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/htdo cs/public [appoam@slcr12devtap1 htdocs]$ Access a Public Resource http://usaslcoagr12t.goldbar.barrick.com:7777/public/index.html Access a Protected Resource http://usaslcoagr12t.goldbar.barrick.com:7777/index.html Configure Identity Store export MW_HOME=/apps/Middleware/MW_HOME/OAM export ORACLE_HOME=/apps/Middleware/MW_HOME/OAM/Oracle_OAM export JAVA_HOME=/apps/jrockit-jdk1.6.0_51/bin export IDM_ORACLE_HOME=/apps/Middleware/MW_HOME/OAM/Oracle_OAM [appoam@slcr12devtap1 OAM]$ cd $ORACLE_HOME [appoam@slcr12devtap1 Oracle_OAM]$ cd idmtools/ [appoam@slcr12devtap1 idmtools]$ cd bin [appoam@slcr12devtap1 bin]$ vi extend.props [appoam@slcr12devtap1 bin]$ ./idmConfigTool.sh -preConfigIDStore input_file=extend.props IDSTORE_HOST : usaslcoamr12t.goldbar.barrick.com IDSTORE_PORT : 3060 IDSTORE_BINDDN : cn=orcladmin IDSTORE_USERNAMEATTRIBUTE: cn
  53. 53. IDSTORE_LOGINATTRIBUTE: uid IDSTORE_USERSEARCHBASE:cn=Users,dc=goldbar,dc=barrick,dc=com IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=goldbar,dc=barrick,dc=com IDSTORE_SEARCHBASE: dc=goldbar,dc=barrick,dc=com IDSTORE_SYSTEMIDBASE: cn=systemids,dc=goldbar,dc=barrick,dc=com Enter ID Store Bind DN password : Apr 29, 2014 7:33:33 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/idm_idstore_grou ps_template.ldif Apr 29, 2014 7:33:35 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/idm_idstore_grou ps_acl_template.ldif Apr 29, 2014 7:33:37 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/systemid_pwdpoli cy.ldif Apr 29, 2014 7:33:37 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/idstore_tuning.ldif Apr 29, 2014 7:33:37 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oid_schema_extn. ldif Apr 29, 2014 7:33:42 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/oim- intg/ldif/oid/schema/OID_oblix_pwd_schema_add.ldif Apr 29, 2014 7:33:43 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/oim- intg/ldif/oid/schema/OID_oim_pwd_schema_add.ldif Apr 29, 2014 7:33:48 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/oim- intg/ldif/oid/schema/OID_oblix_schema_add.ldif Apr 29, 2014 7:34:32 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/oim- intg/ldif/oid/schema/OID_oblix_schema_index_add.ldif Apr 29, 2014 7:45:34 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/fa_pwdpolicy.ldif The tool has completed its operation. Details have been logged to automation.log
  54. 54. Create Users and Groups in LDAP [appoam@slcr12devtap1 bin]$ vi oam.props [appoam@slcr12devtap1 bin]$ ./idmConfigTool.sh -prepareIDStore mode=OAM input_file=oam.props Enter ID Store Bind DN password : *** Creation of Oblix Anonymous User *** Apr 29, 2014 7:49:29 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oam_10g_anony mous_user_template.ldif Enter User Password for oblixanonymous: Confirm User Password for oblixanonymous: *** Creation of oamadmin *** Apr 29, 2014 7:49:43 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oam_user_templa te.ldif Enter User Password for oamadmin: Confirm User Password for oamadmin: *** Creation of oamLDAP *** Apr 29, 2014 7:49:54 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oim_user_templat e.ldif Enter User Password for oamLDAP: Confirm User Password for oamLDAP: Apr 29, 2014 7:50:04 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/common/oam_user_g roup_read_acl_template.ldif Apr 29, 2014 7:50:04 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oim_group_templ ate.ldif Apr 29, 2014 7:50:04 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/common/oam_group_ member_template.ldif Apr 29, 2014 7:50:04 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/common/oam_group_ member_template.ldif
  55. 55. Apr 29, 2014 7:50:04 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oam_user_write_ acl.ldif Apr 29, 2014 7:50:05 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oam_config_acl.ld if Apr 29, 2014 7:50:05 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/oid_schemaadmin .ldif Apr 29, 2014 7:50:05 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/fa_add_pwdpolicy .ldif Apr 29, 2014 7:50:05 PM oracle.ldap.util.LDIFLoader loadOneLdifFile INFO: -> LOADING: /apps/Middleware/MW_HOME/OAM/Oracle_OAM/idmtools/templates/oid/fa_add_pwdpolicy .ldif The tool has completed its operation. Details have been logged to automation.log IDSTORE_HOST : usaslcoamr12t.goldbar.barrick.com IDSTORE_PORT : 3060 IDSTORE_BINDDN : cn=orcladmin IDSTORE_USERNAMEATTRIBUTE: cn IDSTORE_LOGINATTRIBUTE: uid IDSTORE_USERSEARCHBASE: cn=Users,dc=goldbar,dc=barrick,dc=com IDSTORE_GROUPSEARCHBASE: cn=Groups,dc=goldbar,dc=barrick,dc=com IDSTORE_SEARCHBASE: dc=goldbar,dc=barrick,dc=com POLICYSTORE_SHARES_IDSTORE: true OAM11G_IDSTORE_ROLE_SECURITY_ADMIN:OAMAdministrators IDSTORE_OAMSOFTWAREUSER:oamLDAP IDSTORE_OAMADMINUSER:oamadmin IDSTORE_SYSTEMIDBASE:cn=systemids,dc=goldbar,dc=barrick,dc=com
  56. 56. Create a User Identity Store
  57. 57. Set LDAP to System and Default Store
  58. 58. Verify Login as OID User At this point, test your WebGate again. Refer to section Test your WebGate. Access the protected test page from your browser: http://usaslcoagr12t.goldbar.barrick.com:7777/index.html Login as oamadmin user Configure Response Headers Add Response Headers to the Authentication Policies In the OAM Console, navigate to Policy Configuration tab > Browse tab > Application Domains node > Search for {Identifier for your WebGate} usaslcoagr12t > Authentication Policies > Protected Resource Policy.
  59. 59. Double-click the node Protected Resource Policy. In the Authentication Policy configuration window, click on the Responses tab. Use the "+" icon and add the following two rows. Name Type Value USER_NAME Header $user.userid USER_ORCLGUID Header $user.attr.orclguid Leave the Identity Assertion checkbox unchecked. Click Apply to save your changes. Add Response Headers to the Authorization Policies In the OAM Console, navigate to Policy Configuration tab > Browse tab > Application Domains node > Search for {Identifier for your WebGate} usaslcoagr12t> Authorization Policies node > Protected Resource Policy. Double-click the node Protected Resource Policy. In the Authorization Policy configuration window, click on the Responses tab. Use the "+" icon and add the following two rows. Name Type Value USER_NAME Header $user.userid USER_ORCLGUID Header $user.attr.orclguid Click Apply to save your changes.
  60. 60. OAMADMIN Relogin issue: In OAM console under security relam create OID Authenticator And change order as like below. Make sure Control Flag: set to Sufficient.
  61. 61. Test Response Headers [appoam@usaslcoamr12t htdocs]$ ls -ltr [appoam@usaslcoamr12t htdocs]$ pwd /apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/htdo cs [appoam@usaslcoamr12t htdocs]$ ln -s ../cgi-bin cgi-bin [appoam@usaslcoamr12t htdocs]$ chmod 755 cgi-bin/printenv Logon to the OAM Console In the OAM Console, navigate to Policy Configuration tab > Application Domains node > Search for {Identifier for your WebGate} > Resources node.
  62. 62. Double-click the node Resources. Click the "New Resource" button at the upper right hand side of the window. Enter the following information in the Create Resource region, and click Apply: •Type = HTTP •Description = Test Response Headers •Host Identifier = {Identifier for your WebGate} •Resource URL= /cgi-bin/printenv •Protection Level = Protected •Authentication Policy = Protected Resource Policy •Authorization Policy = Protected Resource Policy Access the protected printenv script from your browser. For example: http://usaslcoagr12t.goldbar.barrick.com:7777/cgi-bin/printenv Configure OAM to support long URLs Long URLs may exceed a cookie limit on your Internet browser. Configure Oracle Access Manager to support long URLs by changing the serverRequestCacheType from COOKIE to FORM in Oracle Access Manager configuration file $DOMAIN_HOME/config/fmwconfig/oam-config.xml: [appoam@usaslcoamr12t fmwconfig]$ cp -r oam-config.xml oam-config.xml_05042014 [appoam@usaslcoamr12t fmwconfig]$ vi oam-config.xml [appoam@usaslcoamr12t fmwconfig]$ pwd /apps/Middleware/MW_HOME/OAM/user_projects/domains/OAMDomain/config/fmwconfig [appoam@usaslcoamr12t fmwconfig]$ Change <Setting Name="serverRequestCacheType" Type="xsd:string">COOKIE</Setting> to <Setting Name="serverRequestCacheType" Type="xsd:string">FORM</Setting> Session Timeout parameter: Check Ebiz session timeout parameter and match with same values.
  63. 63. Configure Oracle Access Manager Whitelist [appoam@usaslcoamr12t bin]$ ./wlst.sh CLASSPATH=/apps/Middleware/MW_HOME/OAM/patch_wls1036/profiles/default/sys_manife st_classpath/weblogic_patch.jar:/apps/Middleware/MW_HOME/OAM/patch_ocp371/profiles/ default/sys_manifest_classpath/weblogic_patch.jar:/apps/jrockit- jdk1.6.0_51/lib/tools.jar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/weblo gic_sp.jar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/weblogic.jar:/apps/ Middleware/MW_HOME/OAM/modules/features/weblogic.server.modules_10.3.6.0.jar:/apps/ Middleware/MW_HOME/OAM/wlserver_10.3/server/lib/webservices.jar:/apps/Middleware/M W_HOME/OAM/modules/org.apache.ant_1.7.1/lib/ant- all.jar:/apps/Middleware/MW_HOME/OAM/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant- contrib.jar::/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/lib/wlst/configupg rade.jar:/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/lib/wlst/oam- wlst.jar:/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/lib/wlst/sts- wlst.jar:/apps/Middleware/MW_HOME/OAM/utils/config/10.3/config- launch.jar:/apps/Middleware/MW_HOME/OAM/Oracle_OAM/common/wlst/resources/oes- common.jar:/apps/Middleware/MW_HOME/OAM/Oracle_OAM/common/wlst/resources/oic- wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/modules/oracle.jrf_11.1.1/jrf- wlstman.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/adfscripti ng.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/adf-share- mbeans- wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/lib/mdswlst.jar:/ apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/auditwlst.jar:/a pps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/igfwlsthelp.jar:/ apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/jps- wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/jps- wls-
  64. 64. trustprovider.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resourc es/jrf- wlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/oama p_help.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/resources/oa mAuthnProvider.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/reso urces/ossoiap_help.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/r esources/ossoiap.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/res ources/ovdwlsthelp.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wlst/r esources/sslconfigwlst.jar:/apps/Middleware/MW_HOME/OAM/oracle_common/common/wls t/resources/wsm-wlst.jar:/apps/Middleware/MW_HOME/OAM/utils/config/10.3/config- launch.jar::/apps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbynet.j ar:/apps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbyclient.jar:/ap ps/Middleware/MW_HOME/OAM/wlserver_10.3/common/derby/lib/derbytools.jar:: Initializing WebLogic Scripting Tool (WLST) ... Welcome to WebLogic Server Administration Scripting Shell Type help() for help on available commands wls:/offline> connect() Please enter your username :weblogic Please enter your password : Please enter your server URL [t3://localhost:7001] :t3://usaslcoamr12t.goldbar.barrick.com:7003 Connecting to t3://usaslcoamr12t.goldbar.barrick.com:7003 with userid weblogic ... [ERROR][thread ] Could not start thread Timer-0. Resource temporarily unavailable [ERROR][thread ] Could not start thread weblogic.transaction.TxTimer: '1'. Resource temporarily unavailable Successfully connected to Admin Server 'AdminServer' that belongs to domain 'OAMDomain'. Warning: An insecure protocol was used to connect to the server. To ensure on-the-wire security, the SSL port or Admin port should be used instead. wls:/OAMDomain/serverConfig> domainRuntime() wls:/OAMDomain/domainRuntime> oamSetWhiteListMode(oamWhiteListMode="true") The enableWhitelistValidation is set successfully wls:/OAMDomain/domainRuntime> oamWhiteListURLConfig (Name="EBS",Value="http://slcr12devtap1.goldbar.barrick.com:8080", Operation="Update") The whitelist URL with key EBS has been updated. wls:/OAMDomain/domainRuntime> oamWhiteListURLConfig (Name="OAMCONSOLE",Value="http://usaslcoamr12t.goldbar.barrick.com:7003", Operation="Update")
  65. 65. The whitelist URL with key OAMCONSOLE has been updated. Configure Oracle E-Business Suite Create WebLogic Domain and Managed Server for Oracle E-Business Suite AccessGate
  66. 66. Start WebLogic server for Oracle E-Business Suite AccessGate Deploy Oracle E-Business Suite AccessGate /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12 appoam@usaslcoamr12t devt12]$ unzip p18006775_R12_GENERIC.zip creating: sample/ inflating: fndauth.war inflating: fndauth_deployment_plan.tmp inflating: fndext.jar inflating: sample/logging.properties inflating: sample/samplecleanup.html inflating: txkEBSAuth.xml inflating: Readme.txt creating: plan/ [appoam@usaslcoamr12t devt12]$ ls -ltr total 660 drwxr-xr-x 2 appoam oinstall 4096 Apr 16 2013 plan -rw-r--r-- 1 appoam oinstall 30387 Jul 12 2013 txkEBSAuth.xml drwxr-xr-x 2 appoam oinstall 4096 Jul 12 2013 sample
  67. 67. -rw-r--r-- 1 appoam oinstall 4246 Jul 12 2013 fndauth_deployment_plan.tmp -rw-r--r-- 1 appoam oinstall 240550 Jul 12 2013 fndext.jar -rw-r--r-- 1 appoam oinstall 378475 Jul 12 2013 fndauth.war -rw-r--r-- 1 appoam oinstall 1610 Jul 12 2013 Readme.txt [appoam@usaslcoamr12t devt12]$ cd sample/ [appoam@usaslcoamr12t sample]$ ls -ltr total 12 -rw-r--r-- 1 appoam oinstall 6536 Jul 12 2013 samplecleanup.html -rw-r--r-- 1 appoam oinstall 1395 Jul 12 2013 logging.properties [appoam@usaslcoamr12t sample]$ cp -r samplecleanup.html /apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/htdo cs/public/oacleanup.html http://usaslcoamr12t.goldbar.barrick.com:7777/public/oacleanup.html [appoam@usaslcoamr12t devt12]$ ls -ltr total 660 drwxr-xr-x 2 appoam oinstall 4096 Apr 16 2013 plan -rw-r--r-- 1 appoam oinstall 30387 Jul 12 2013 txkEBSAuth.xml drwxr-xr-x 2 appoam oinstall 4096 Jul 12 2013 sample -rw-r--r-- 1 appoam oinstall 4246 Jul 12 2013 fndauth_deployment_plan.tmp -rw-r--r-- 1 appoam oinstall 240550 Jul 12 2013 fndext.jar -rw-r--r-- 1 appoam oinstall 378475 Jul 12 2013 fndauth.war -rw-r--r-- 1 appoam oinstall 1610 Jul 12 2013 Readme.txt [appoam@usaslcoamr12t devt12]$ cp -r fndext.jar /apps/Middleware/MW_HOME/OAM/user_projects/domains/EAGDomain/lib/ Generate DBC file In Ebiz: java -Duser.language=en -Duser.region=US oracle.apps.fnd.security.AdminDesktop apps/apps12 CREATE NODE_NAME=usaslcoamr12t IP_ADDRESS=10.13.80.134 DBC=$FND_SECURE/DEVT12.dbc [oraDEVT12@slcr12devtap1 secure]$ java -Duser.language=en -Duser.region=US oracle.apps.fnd.security.AdminDesktop apps/apps12 CREATE NODE_NAME=usaslcoamr12t IP_ADDRESS=10.13.80.134 DBC=$FND_SECURE/DEVT12.dbc Application node exists, using server ID of node. Committing changes CREATE executed successfully - DEVT12_USASLCOAMR12T.dbc
  68. 68. Scp Generated file to OAM server at location /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12 Set Up Necessary Oracle E-Business Suite Users ASADMIN is default account we are using here. Set up a necessary Oracle E-Business Suite user with role UMX|APPS Schema Connect. After setting up the user, logon locally to Oracle E-Business Suite as the user with role UMX|Apps Schema Connect. http://<ebshost>.<domain>:<port>/OA_HTML/AppsLocalLogin.jsp If this user has just been created, you will be prompted on logon to Oracle E-Business Suite to reset the password. Reset the password. Verify that you can successfully logon locally with the new password as the user with role UMX|Apps Schema Connect. Create Datasource for Oracle E-Business Suite AccessGate using txkEBSAuth.xml [appoam@usaslcoamr12t devt12]$ ant -f txkEBSAuth.xml createDataSource - DuseDefaults=false -Dwlshosturl=usaslcoamr12t.goldbar.barrick.com:7041 -Dwlsuser=weblogic -Dwlspwd=Passw0rd -DdataSourceName=devt12 -DdataSourceJNDIName=jndi/devt12 - DasadminUser=asadmin -DasadminPassword=0racle1 -DserverName=eag_server1 - DdbcFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/DEVT12_USASLCO AMR12T.dbc -DforceDataSource=true Buildfile: txkEBSAuth.xml findOS: getServerDetails: [input] skipping input as property wlshosturl has already been set. [input] skipping input as property wlsuser has already been set. getWLSAdminPasswordWindows: getWLSAdminPasswordUnix: echoON: [input] skipping input as property wlspwd has already been set. echoOFF:
  69. 69. getDataSourceDetails: [input] skipping input as property dataSourceName has already been set. [input] skipping input as property dataSourceJNDIName has already been set. [input] skipping input as property dbcFile has already been set. [input] skipping input as property asadminUser has already been set. getappsDBDetails: [echo] DBC File is /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/DEVT12_USASLCOAMR12T. dbc [echo] APPS_JDBC_URL is APPS_JDBC_URL=jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=YES )(FAILOVER=YES)(ADDRESS=(PROTOCOL=tcp)(HOST=slcr12devtdb1.goldbar.barrick.com)(PO RT=1601)))(CONNECT_DATA=(SERVICE_NAME=DEVT12))) [echo] [echo] Following values are retrieved from DBC File: [echo] SID/SERVICE:DEVT12 [echo] APPS_JDBC_URL:jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=YES)(FAIL OVER=YES)(ADDRESS=(PROTOCOL=tcp)(HOST=slcr12devtdb1.goldbar.barrick.com)(PORT=1601) ))(CONNECT_DATA=(SERVICE_NAME=DEVT12))) getASADMINPasswordWindows: getASADMINPasswordUnix: echoON: [input] skipping input as property asadminPassword has already been set. echoOFF: getTargetServerDetails: [input] skipping input as property serverName has already been set. getDataSourceParameters: checkDBCExists: checkFndextWarExits: createDataSource: [echo] ******************************************************************** [echo] STEP 1: CREATING DATA SOURCE [echo] ********************************************************************
  70. 70. [wlst] Connecting to server using username:weblogic url:usaslcoamr12t.goldbar.barrick.com:7041 [wlst] Connecting to t3://usaslcoamr12t.goldbar.barrick.com:7041 with userid weblogic ... [wlst] Successfully connected to Admin Server 'AdminServer' that belongs to domain 'EAGDomain'. [wlst] [wlst] Warning: An insecure protocol was used to connect to the [wlst] server. To ensure on-the-wire security, the SSL port or [wlst] Admin port should be used instead. [wlst] [wlst] Check if data source devt12 already exits [wlst] [wlst] [wlst] Check if JNDI Name jndi/devt12 already exists [wlst] [wlst] Changing to Edit Mode [wlst] Location changed to edit tree. This is a writable tree with [wlst] DomainMBean as the root. To make changes you will need to start [wlst] an edit session via startEdit(). [wlst] [wlst] For more help, use help(edit) [wlst] [wlst] Starting an edit session ... [wlst] Started edit session, please be sure to save and activate your [wlst] changes once you are done. [wlst] [wlst] Creating data source : devt12 [wlst] [wlst] Setting JDBCDataSourceParams for the data source devt12 [wlst] [wlst] Setting JNDI name for the data source devt12 [wlst] [wlst] Setting JDBCDriverParams for the data source devt12 [wlst] [wlst] Setting User and dbcFile properties for the data source devt12 [wlst] [wlst] Setting JDBCConnectionPoolParams for the data source devt12 [wlst] [wlst] Setting GlobalTransactionsProtocol for the data source devt12 [wlst] [wlst] Setting target for the data source devt12 [wlst] [wlst] Saving all your changes ... [wlst] Saved all your changes successfully.
  71. 71. [wlst] Activating all your changes, this may take a while ... [wlst] The edit lock associated with this edit session is released [wlst] once the activation is completed. [wlst] Activation completed [wlst] Successfully created data source devt12. [wlst] Disconnected from weblogic server: AdminServer BUILD SUCCESSFUL Total time: 42 seconds [appoam@usaslcoamr12t devt12]$ Deploy Oracle E-Business Suite AccessGate using txkEBSAuth.xml [appoam@usaslcoamr12t devt12]$ ant -f txkEBSAuth.xml deployApplication - DuseDefaults=false -Dwlshosturl=usaslcoamr12t.goldbar.barrick.com:7041 -Dwlsuser=weblogic -Dwlspwd=Passw0rd -DdataSourceName=devt12 -DasadminUser=asadmin - DasadminPassword=0racle1 -DdataSourceJNDIName=jndi/devt12 - DdbcFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/DEVT12_USASLCO AMR12T.dbc -DserverName=eag_server1 -DdeploymentName=ebsauth_devt12 - DfndauthWarFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.w ar - DplanPath=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml - DSSOServerRelease=11 -DSSOServerURL=http://usaslcoamr12t.goldbar.barrick.com:7777 - DWebgateLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/public/oacleanup.html - DcontextRoot=ebsauth_devt12 -DforceDeployment=true - DOAMLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/oam/server/logoutant -f txkEBSAuth.xml deployApplication -DuseDefaults=false - Dwlshosturl=usaslcoamr12t.goldbar.barrick.com:7041 -Dwlsuser=weblogic -Dwlspwd=Passw0rd -DdataSourceName=devt12 -DasadminUser=asadmin -DasadminPassword=0racle1 - DdataSourceJNDIName=jndi/devt12 - DdbcFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/DEVT12_USASLCO AMR12T.dbc -DserverName=eag_server1 -DdeploymentName=ebsauth_devt12 - DfndauthWarFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.w ar - DplanPath=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml - DSSOServerRelease=11 -DSSOServerURL=http://usaslcoamr12t.goldbar.barrick.com:7777 - DWebgateLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/public/oacleanup.html - DcontextRoot=ebsauth_devt12 -DforceDeployment=true - DOAMLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/oam/server/logout Buildfile: txkEBSAuth.xml findOS:
  72. 72. getServerDetails: [input] skipping input as property wlshosturl has already been set. [input] skipping input as property wlsuser has already been set. getWLSAdminPasswordWindows: getWLSAdminPasswordUnix: echoON: [input] skipping input as property wlspwd has already been set. echoOFF: getTargetServerDetails: [input] skipping input as property serverName has already been set. getDeploymentDetails: [input] skipping input as property deploymentName has already been set. [input] skipping input as property contextRoot has already been set. [input] skipping input as property fndauthWarFile has already been set. [input] skipping input as property planPath has already been set. [input] skipping input as property dbcFile has already been set. [input] skipping input as property dataSourceJNDIName has already been set. getOAMDetails: [input] skipping input as property WebgateLogoutURL has already been set. [input] skipping input as property SSOServerRelease has already been set. [input] skipping input as property SSOServerURL has already been set. getDeploymentParameters: checkWarExists: checkDBCExists: copyDeploymentPlan: [echo] Copying fndauth_deployment_plan.tmp to /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml [copy] Copying 1 file to /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan checkPlanDirExists: creatPlandirAndWeblogicXML:
  73. 73. [touch] Creating /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/plan/WEB- INF/weblogic.xml checkPlanExists: getAPPServerID: updateDeploymentPlan: [echo] Updating Deployment Plan deployApplication: [echo] ******************************************************************** [echo] STEP 2: DEPLOYING APPLICATION [echo] ******************************************************************** [wlst] Connecting to server using username:weblogic url:usaslcoamr12t.goldbar.barrick.com:7041 [wlst] [wlst] Connecting to t3://usaslcoamr12t.goldbar.barrick.com:7041 with userid weblogic ... [wlst] Successfully connected to Admin Server 'AdminServer' that belongs to domain 'EAGDomain'. [wlst] [wlst] Warning: An insecure protocol was used to connect to the [wlst] server. To ensure on-the-wire security, the SSL port or [wlst] Admin port should be used instead. [wlst] [wlst] [wlst] Check if deployment ebsauth_devt12 already exists. [wlst] [wlst] Location changed to serverRuntime tree. This is a read-only tree with ServerRuntimeMBean as the root. [wlst] For more help, use help(serverRuntime) [wlst] [wlst] [wlst] [wlst] Deploying application to eag_server1 [wlst] [wlst] Changing to Edit Mode [wlst] Location changed to edit tree. This is a writable tree with [wlst] DomainMBean as the root. To make changes you will need to start [wlst] an edit session via startEdit(). [wlst] [wlst] For more help, use help(edit) [wlst]
  74. 74. [wlst] Starting an edit session ... [wlst] Started edit session, please be sure to save and activate your [wlst] changes once you are done. [wlst] Deploying application from /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war to targets eag_server1 (upload=false) ... [wlst] <May 4, 2014 4:02:08 PM MDT> <Info> <J2EE Deployment SPI> <BEA-260121> <Initiating deploy operation for application, ebsauth_devt12 [archive: /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war], to eag_server1 .> [wlst] You have an edit session in progress, hence WLST will not [wlst] block for your deployment to complete. [wlst] Started the Deployment of Application. Please refer to the returned WLSTProgress object or variable LAST to track the status. [wlst] [wlst] Successfully deployed fndauth.war application. [wlst] [wlst] Saving all your changes ... [wlst] Saved all your changes successfully. [wlst] Activating all your changes, this may take a while ... [wlst] The edit lock associated with this edit session is released [wlst] once the activation is completed. [wlst] Activation completed [wlst] Disconnected from weblogic server: AdminServer [wlst] <May 4, 2014 4:02:17 PM MDT> <Warning> <JNDI> <BEA-050001> <WLContext.close() was called in a different thread than the one in which it was created.> findOS: getServerDetails: [input] skipping input as property wlshosturl has already been set. [input] skipping input as property wlsuser has already been set. getWLSAdminPasswordWindows: getWLSAdminPasswordUnix: echoON: [input] skipping input as property wlspwd has already been set. echoOFF: getTargetServerDetails: [input] skipping input as property serverName has already been set.
  75. 75. getDeploymentDetails: [input] skipping input as property deploymentName has already been set. [input] skipping input as property contextRoot has already been set. [input] skipping input as property fndauthWarFile has already been set. [input] skipping input as property planPath has already been set. [input] skipping input as property dbcFile has already been set. [input] skipping input as property dataSourceJNDIName has already been set. getOAMDetails: [input] skipping input as property WebgateLogoutURL has already been set. [input] skipping input as property SSOServerRelease has already been set. [input] skipping input as property SSOServerURL has already been set. getDeploymentParameters: checkWarExists: checkDBCExists: copyDeploymentPlan: [echo] Copying fndauth_deployment_plan.tmp to /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml [copy] Copying 1 file to /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan checkPlanDirExists: creatPlandirAndWeblogicXML: checkPlanExists: getAPPServerID: updateDeploymentPlan: [echo] Updating Deployment Plan deployApplication: [echo] ******************************************************************** [echo] STEP 2: DEPLOYING APPLICATION [echo] ******************************************************************** [wlst] Connecting to server using username:weblogic url:usaslcoamr12t.goldbar.barrick.com:7041 [wlst]
  76. 76. [wlst] Connecting to t3://usaslcoamr12t.goldbar.barrick.com:7041 with userid weblogic ... [wlst] Successfully connected to Admin Server 'AdminServer' that belongs to domain 'EAGDomain'. [wlst] [wlst] Warning: An insecure protocol was used to connect to the [wlst] server. To ensure on-the-wire security, the SSL port or [wlst] Admin port should be used instead. [wlst] [wlst] [wlst] Check if deployment ebsauth_devt12 already exists. [wlst] [wlst] ************************************************************************ [wlst] WARNING: Application with name ebsauth_devt12 already exists. [wlst] ************************************************************************ [wlst] Location changed to serverRuntime tree. This is a read-only tree with ServerRuntimeMBean as the root. [wlst] For more help, use help(serverRuntime) [wlst] [wlst] [wlst] [wlst] Deploying application to eag_server1 [wlst] [wlst] Changing to Edit Mode [wlst] Location changed to edit tree. This is a writable tree with [wlst] DomainMBean as the root. To make changes you will need to start [wlst] an edit session via startEdit(). [wlst] [wlst] For more help, use help(edit) [wlst] [wlst] Starting an edit session ... [wlst] Started edit session, please be sure to save and activate your [wlst] changes once you are done. [wlst] Deploying application from /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war to targets eag_server1 (upload=false) ... [wlst] <May 4, 2014 4:02:39 PM MDT> <Info> <J2EE Deployment SPI> <BEA-260121> <Initiating deploy operation for application, ebsauth_devt12 [archive: /apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war], to eag_server1 .> [wlst] You have an edit session in progress, hence WLST will not [wlst] block for your deployment to complete.
  77. 77. [wlst] Started the Deployment of Application. Please refer to the returned WLSTProgress object or variable LAST to track the status. [wlst] [wlst] Successfully deployed fndauth.war application. [wlst] [wlst] Saving all your changes ... [wlst] Saved all your changes successfully. [wlst] Activating all your changes, this may take a while ... [wlst] The edit lock associated with this edit session is released [wlst] once the activation is completed. [wlst] Activation completed [wlst] Disconnected from weblogic server: AdminServer [wlst] <May 4, 2014 4:02:42 PM MDT> <Warning> <JNDI> <BEA-050001> <WLContext.close() was called in a different thread than the one in which it was created.> BUILD SUCCESSFUL Total time: 57 seconds [appoam@usaslcoamr12t devt12]$ Redirect HTTP Server to WebLogic Server for Oracle E-Business Suite AccessGate cd /apps/Middleware/MW_HOME/OAM/Oracle_WT1/instance/web1/config/OHS/ohs1 vi mod_wl_ohs.conf <IfModule mod_weblogic.c> WebLogicHost usaslcoagr12t.goldbar.barrick.com WebLogicPort 7047 </IfModule> #EBS Accessgate for crp2 <Location /ebsauth_crp2> SetHandler weblogic-handler WLProxySSL ON WLProxySSLPassThrough ON WebLogicHost usaslcoagr12t.goldbar.barrick.com WebLogicPort 7047 </Location> #for OAM <IfModule weblogic_module> <Location /oam> SetHandler weblogic-handler WLProxySSL ON
  78. 78. WLProxySSLPassThrough ON WLCookieName jsessionid WebLogicHost usaslcoagr12t.goldbar.barrick.com WebLogicPort 14100 WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log" </Location> </IfModule> SSOlogout test: We should get blank page here. http://usaslcoagr12t.goldbar.barrick.com:7043/ebsauth_devt12/ssologout_callback http://slcr12devtap1.goldbar.barrick.com:8080/OA_HTML/AppsLogout
  79. 79. Set Oracle E-Business Suite profile options Application Authenticate Agent -- http://usaslcoagr12t.goldbar.barrick.com:7777/ebsauth_crp2 Applications SSO Type --- SSWA w/SSO Applications Single Sign On Hint Cookie Name --- Blank Applications SSO Auto Link User -- Enabled Applications SSO Login Types -- Both Ebiz Patches: Make below patches applied to ebiz instance. 12387976 14196434 16015113 Softlink Creation for oblog_config.xml /apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/config oblog_config.xml -> /apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/config/oblog_conf ig_wg.xml Integrate E-Business with OID [oraDEVT12@slcr12devtap1 ~]$ $FND_TOP/bin/txkrun.pl -script=SetSSOReg - registerinstance=yes You are registering ORACLE HOME only. Enter the host name where Oracle iAS Infrastructure database is installed ? usaslcoamr12t.goldbar.barrick.com Enter the LDAP Port on Oracle Internet Directory server ? 3060 Enter SSL LDAP Port on Oracle Internet Directory server ? 3131 Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? [oraDEVT12@slcr12devtap1 ~]$ [oraDEVT12@slcr12devtap1 ~]$ [oraDEVT12@slcr12devtap1 ~]$ $FND_TOP/bin/txkrun.pl -script=SetSSOReg - registerinstance=yes
  80. 80. You are registering ORACLE HOME only. Enter the host name where Oracle iAS Infrastructure database is installed ? usaslcoamr12t.goldbar.barrick.com Enter the LDAP Port on Oracle Internet Directory server ? 3060 Enter SSL LDAP Port on Oracle Internet Directory server ? 3131 Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? Enter Oracle E-Business apps database user password ? *** Log File = /apps/DEVT12/inst/apps/DEVT12_slcr12devtap1/logs/appl/rgf/TXK/txkSetSSOReg_Thu_May_8 _16_48_47_2014.xml Beginning input parameter validation for Oracle Home Instance registration. Input parameter validation for Oracle Home Instance registration completed. BEGIN ORACLE HOME INSTANCE REGISTRATION: Oracle Home Instance preferences stored successfully. Oracle Home Instance registered successfully. End of /apps/DEVT12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl : No Errors encountered [oraDEVT12@slcr12devtap1 ~]$ [oraDEVT12@slcr12devtap1 ~]$ $FND_TOP/bin/txkrun.pl -script=SetSSOReg -registeroid=yes - provisiontype=4 You are registering this instance with OID Server. Enter LDAP Host name ? usaslcoamr12t.goldbar.barrick.com Enter the LDAP Port on Oracle Internet Directory server ? 3060 Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ? Enter the instance password that you would like to register this application instance with ? Enter Oracle E-Business apps database user password ? *** Log File = /apps/DEVT12/inst/apps/DEVT12_slcr12devtap1/logs/appl/rgf/TXK/txkSetSSOReg_Thu_May_8 _16_51_42_2014.xml Beginning input parameter validation for OID registration. Input parameters validation for OID registration completed.
  81. 81. BEGIN OID REGISTRATION: Beginning to register Application and Service containers if necessary. Application and Service containers were created successfully if necessary. Beginning to register application in Oracle Internet Directory. Registration of application in Oracle Internet Directory completed successfully. -> LOADING: /apps/DEVT12/apps/apps_st/appl/fnd/12.0.0/admin/template/AppsOIDRegistration.tmp Beginning to register provisioning profile in Oracle Internet Directory. Registration of provisioning profile in Oracle Internet Directory completed successfully. Application is now registered successfully with provisioning in Oracle Internet Directory. End of /apps/DEVT12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl : No Errors encountered [oraDEVT12@slcr12devtap1 ~]$ [oraDEVT12@slcr12devtap1 ~]$

×