Architecture:
Roadmap to Configuring OAM
Step by Step:
1: Install and configure OAM and OUD.
a. Install and Configure OAM
b. Install and Configure OUD
Detail read it:
c. Integrate OAM with OUD:
Read it:
http://www.oracle.com/webfolder/technetwork/tutorials/obe/fmw/identity_management/mobile_security/omss_oud/OMSS_Inte_OAM_OUD.html#section3
2: Configure the WebLogic domain for OAM
2a: Configure the OUD authenticator
Step 1: Log in to the WebLogic Server Console.
Step 2: Click Security Realms.
Step 3: Click myrealm.
Step 4: On the Providers tab, click New.
Step 5: Enter the following values:
Name: OUD Authenticator
Type: IPlanetAuthenticator
Then click OK.
Step 6: Click OUD Authenticator.
Step 7: Enter the following values:
Host: 192.168.2.156
Port: 1389 (the default)
Principal: cn=Directory Manager (the default)
Credential: <password of the root user DN>
Confirm Credential:
User Base DN: <user base DN of the directory>. In my office: ou=people,dc=ptud,dc=com
Group Base DN: In my office: ou=groups,dc=ptud,dc=com
Select Use Retrieved User Name as Principal.
Click Save.
You can also check this on the OUD server.
2b: Configure the OAM Identity Asserter
Step 1: Log in to the WebLogic Console on server 192.168.2.156.
Step 2: Go to Security Realms → myrealm → Providers. Click New.
Step 3: Enter the following values:
Name: OAM ID Asserter
Type: OAMIdentityAsserter
Click OK.
Step 4: Click OAM ID Asserter and set:
Control Flag: Required
Active Type: Chosen (OAM_REMOTE_USER, OAM_IDENTITY ASSERTER, ObSSOCookie)
Click OK.
2c: Configure the default authenticator and provider order
Step 1: Go to Home → Security Realms → myrealm → Providers. Click Reorder.
Step 2: Order the authentication providers as follows:
1. OAM ID Asserter
2. OUD Authenticator
3. Others
Click OK
2d: Add an OAM SSO provider
3: Install and configure OHS
Install and configure OHS on server 192.168.2.156
[wccc@ptud ohs1]$ pwd
/home/wccc/fmw/Oracle_WT1/instances/instance1/config/OHS/ohs1
[wccc@ptud ohs1]$ ls
admin-bin auditconfig.xml cgi-bin component-logs.xml error fcgi-bin httpd.conf icons magic manual mod_plsql mod_wl_ohs.conf proxy-wallet webgate
admin.conf backup component_events.xml disabled fastcgi htdocs httpd.conf.ORIG keystores man mime.types moduleconf mod_wl_ohs.conf.bak ssl.conf webgate.conf
[wccc@ptud ohs1]$ vi mod_wl_ohs.conf
# NOTE : This is a template to configure mod_weblogic.
LoadModule weblogic_module "${ORACLE_HOME}/ohs/modules/mod_wl_ohs.so"
# This empty block is needed to save mod_wl related configuration from EM to this file when changes are made at the Base Virtual Host Level
<IfModule weblogic_module>
# WebLogicHost <WEBLOGIC_HOST>
# WebLogicPort <WEBLOGIC_PORT>
# Debug ON
# WLLogFile /tmp/weblogic.log
# MatchExpression *.jsp
</IfModule>
# <Location /weblogic>
# SetHandler weblogic-handler
# PathTrim /weblogic
# ErrorPage http:/WEBLOGIC_HOME:WEBLOGIC_PORT/
# </Location>
<Location /cs>
SetHandler weblogic-handler
WebLogicHost 192.168.2.142
WebLogicPort 16200
</Location>
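An added example, not part of the original post: a small Python check that reads mod_wl_ohs.conf, skips the commented template lines, and lists which Location paths are actually forwarded to WebLogic, together with any uncommented Debug or WLLogFile directive (the template ships both commented out). The function name active_routes and the abridged sample text are constructed for illustration.

```python
import re

# Constructed sample: abridged mod_wl_ohs.conf from this page (template + /cs block).
SAMPLE_CONF = """\
<IfModule weblogic_module>
# Debug ON
# WLLogFile /tmp/weblogic.log
</IfModule>
# <Location /weblogic>
# SetHandler weblogic-handler
# </Location>
<Location /cs>
SetHandler weblogic-handler
WebLogicHost 192.168.2.142
WebLogicPort 16200
</Location>
"""

def active_routes(conf_text):
    """Return ({location: {directive: value}}, [(scope, directive, value)])."""
    routes, debug, current = {}, [], None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # commented template lines are not live configuration
        opened = re.match(r"<Location\s+(\S+)>$", line, re.I)
        if opened:
            current = opened.group(1)
            routes[current] = {}
        elif re.match(r"</Location>$", line, re.I):
            current = None
        elif not line.startswith("<"):  # skip other containers such as <IfModule>
            parts = line.split(None, 1)
            key, value = parts[0], (parts[1] if len(parts) > 1 else "")
            low = key.lower()
            if low == "wllogfile" or (low == "debug" and value.upper() != "OFF"):
                debug.append((current or "global", key, value))
            elif current is not None:
                routes[current][key] = value
    # Keep only the locations actually handed to the WebLogic plug-in.
    routes = {p: d for p, d in routes.items()
              if d.get("SetHandler") == "weblogic-handler"}
    return routes, debug

if __name__ == "__main__":
    routes, debug = active_routes(SAMPLE_CONF)
    for path, d in routes.items():
        print(path, "->", d.get("WebLogicHost"), d.get("WebLogicPort"))
    print("active debug/log directives:", debug)
```

To check the real file, pass its contents to active_routes instead of SAMPLE_CONF; for the configuration above the only route reported should be /cs to 192.168.2.142 port 16200.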
4: Additional Configurations
5: Install and configure WebGate:
Deploying WebGate to OHS see more
Registering WebGate to OAM see more
6: Testing SSO
Step 1: Access http://192.168.2.142:7777/cs in a web browser.
Step 2: The browser is redirected to the OAM login page.
Step 3: Enter the username and password and click Login.
Step 4: Login is successful.