Integration WebLogic 9.2 with OAM 10.1.4.3(not using Proxy)

原创 2011年01月14日 15:05:00

Environment:

OAM and WebLogic 9.2 installed on same RHEL5.4 system.

OAM Installed information:

       Hostname: oiam.sttg-poc.com

       OAM installed folder: /app/OAM

              Identity Server: /app/OAM/identity

              Access Server: /app/OAM/access, port is 6201, name is AccessSvr_OIAM

              WebPass and Policy Manager: /app/OAM/webcomponent (using Apache, port is 80)

       OAM Admin user: orcladmin/abcd1234

All OAM components are installed in Open Security Mode.

User and Policy Store use OID, Base DN: dc=sttg-poc,dc=com

WebLogic Installed information:

Hostname: wls.sttg-poc.com

WLS9.2 installed folder: /app/BEA, port is 7001, install user is oracle, group is oinstall.

       WebLogic Admin user: weblogic/abcd1234

       WebLogic Application Domain: base_domain, in:

              /app/BEA/user_projects/domains/base_domain

 

In the OID Admin Console, copy uid=orcladmin to uid=weblogic

 

Solution

#>> Create Master Administrator in Access System Console
http://oiam.sttg-poc.com/access/oblix

1. Click Access System Console.
2. Authenticate as orcladmin/abcd1234.
3. Click System Configuration.
4. Click Administrators.
5. Click Master Access Administrators.
6. Click Select User.
7. Locate and add wlsadmin.
8. Click Done.

#>> Create Master Administrator in Identity System Console
http://oiam.sttg-poc.com/access/oblix

1. Click Identity System Console.
3. Click System Configuration.
4. Click Administrators.
5. Click Master Identity Administrators.
6. Click Select User.
7. Locate and add wlsadmin.
8. Click Done.
9. Click Save.
10. Click Master Administrators.
11. Click Select User.
12. Locate and add wlsadmin.
13. Click Done.
14. Click Save

#>> Add WebLogic Connector Resource Type Definitions
1. Click Access System Console.
2. Click Access System Configuration.
3. Click Common Information Configuration.
4. Click Resource Type Definitions
5. Click Add
A) WL_URL Resource Type Definition:

Parameter

Value

Name

wl_url

Display Name

wl_url

Resource Matching

Case Insensitive

Resource Operation(s)

GET

 

POST

B) WL_SVR Resource Type Definition:

Parameter

Value

Name

wl_svr

Display Name

wl_svr

Resource Matching

Case Insensitive

Resource Operation(s)

BOOT

 

DEFAULT

C) WL_ADM Resource Type Definition:

Parameter

Value

Name

wl_adm

Display Name

wl_adm

Resource Matching

Case Insensitive

Resource Operation(s)

DEFAULT

D) WL_EJB Resource Type Definition:

Parameter

Value

Name

wl_ejb

Display Name

wl_ejb

Resource Matching

Case Insensitive

Resource Operation(s)

EXECUTE

E) WL_AUTHEN Resource Type Definition:

Parameter

Value

Name

wl_authen

Display Name

wl_authen

Resource Matching

Case Insensitive

Resource Operation(s)

LOGIN


#>> Create WebLogic Specific Authentication Schemes.
1. Click Authentication Management.
2. Click Add.
A) OAM WebLogic Server Basic Authentication:

Parameter

Value

Name

OAM WebLogic Server Basic Authentication

Description

Used to authenticate users who access WebLogic resources

Level

1

Challenge Method

<Basic>

Challenge Parameter(s)

realm:Oracle Access and Identity

SSL Required

<No>

Challenge Redirect

<blank>

Enabled

Yes

Plugin credential_mapping

obMappingBase="dc=sttg-poc,dc=com",obMappingFilter="(&(&(objectclass=inetorgperson)(uid=%userid%))(|(!(obuseraccountcontrol=*))(obuseraccountcontrol=ACTIVATED)))"

Plugin validate_password

obCredentialPassword="password"

B) OAM WebLogic Anonymous Authentication:

Parameter

Value

Name

OAM WebLogic Anonymous Authentication

Description

Used to un-protect GIFs, etc.

Level

0

Challenge Method

<None>

Challenge Parameter(s)

<blank>

SSL Required

<No>

Challenge Redirect

<blank>

Enabled

Yes

Plugin credential_mapping

obMappingBase="dc=sttg-poc,dc=com",obMappingFilter="(uid=OblixAnonymous)"


#>>Define AccessGate for BEA WebLogic Server Connector
1. Click Host Identifiers and click Add to define a new host identifier for WebLogic AccessGate, Host identifier details as following:

Parameter

Value

Name

wls.sttg-poc.com

Description

 

Hostname variations

wls.sttg-poc.com

 

wls.sttg-poc.com:7001


2. Click Add New AccessGate. Define a new AccessGate for the BEA WebLogic Application Server.
A) WebLogic AccessGate Configuration.

Parameter

Value

AccessGate Name

AccessGate_WLS

Description

AccessGate to protect WebLogic Server(non-proxied)

Hostname

wls.sttg-poc.com

Port

<no port specified>

AccessGate Password

abcd1234

Debug

<off>

Maximum user session time (seconds)

3600

Idle Session Time (seconds)

3600

Maximum Connections

1

Transport Security

<open>

IP Validation

<On>

IP Validation Exception

<Leave Blank>

Maximum Client Session Time (hours)

24

Failover Threshold

<Leave Blank>

Access server timeout threshold

<Leave Blank>

Sleep for (seconds)

60

Maximum elements in cache

100000

Cache timeout (seconds)

1800

Impersonation Username

<leave blank>

Impersonation Password

<leave blank>

Access Management Service

<On>

Preferred HTTP Cookie Domain

.sttg-poc.com

Preferred HTTP Host

wls.sttg-poc.com

Deny on not protected

<Off>

CachePragmaHeader

no-cache

CacheControlHeader

no-cache

LogOutURLs

<leave blank>

User Defined Parameters

<leave blank>

Primary Access Server

oiam.sttg-poc.com:6021


2. Save the new AccessGate configuration.
3. Close the browser
4. Restart the Access Server Services.

#>>OAM BEA WebLogic SSPI Connector Installation
1. Start the WebLogic SSPI Connector installer.

[root@oiam ~]# ./ Oracle_Access_Manager10_1_4_2_2_linux_BEA_WL_SSPI

2. Click Next.
3. In case of Linux enter the user name and group WebLogic Server runs as, (username is oracle, group is oinstall).

The product that you are about to install needs to be owned by the same user

as the WebLogic server is running as. Most of the time it is run as `root' or

`nobody'. Doing a `ps' on the server process is a quick way to find out who

the owner is.

 

   Enter the username the WebLogic server is running as [nobody] oracle

 

   Enter the Group for the above username [nobody] oinstall

4. Click Next.
5. Provide the installation directory. Incase of Linux /app/OAM/webgate. ( SSPI installation directory is /app/OAM/webgate/NetPointSecuProvForWeblogic)

Please specify the installation directory for Oracle Access Manager 10.1.4.2.2

Security Provider For WebLogic.

 

   Please specify a directory name or press Enter [/opt/netpoint] /app/OAM/webgate

6. If you are installing on Linux provide the location of GCC libraries.

To proceed with installation of Oracle Access Manager 10.1.4.2.2 Security

Provider For WebLogic and for successfully running the product, you must

install additional GCC runtime libraries, namely libgcc_s.so.1 and

libstdc++.so.5. Note that these libraries should be compatible with GCC 3.3.2.

The libraries are available for download from either of the following

locations - http://metalink.oracle.com (requires login), or

http://www.oracle.com/technology/products/ias/index.html. Once these libraries

are locally available, please specify the directory containing the files and

proceed with the installation.

 

   Location of GCC runtime libraries []: /tmp/gcc32

7. Click Next.
8. Select Advanced Configuration option.

Configuration options. Typical option will require minimal inputs. Advanced

option enables overriding of all defaults.

 [ ]  1  -  Typical 

 [X]  2  -  Advanced

9. Examine the Action Type and other Security Provider configurations for this installation and click Next.
10. Confirm that the wl_authen resource type and the authentication scheme configurations matched the configuration you did in the Add WebLogic Connector Resource Type Definitions step above.

   Oracle Access Manager Security Provider uses a special policy to

   authenticate users in WebLogic. Please specify the following configuration

   to setup this policy.

  

    Resource type [wl_authen]

 

   Resource name [/Authen/Basic]

 

   Resource name used for anonymous access [/Authen/Anonymous]

 

   Resource operation [LOGIN]

 

   LoginId parameter used in credential_mapping plugin of authentication

   scheme [userid]

 

   Password parameter used in validate_password of authentication scheme

   [password]

 

   Action Type (action is configured to get the loginId from ObSSOCookie)

   [WL_REALM]

 

   Action Name (action is configured to get the loginId from ObSSOCookie)

   [uid]

 

   Dummy username used by form login for doing SSO when there is no WebGate

   on proxy HTTP server [obdummyuser]

 

   WebLogic resource types used for web applications(comma separated)

   [<url>,<web>]

 

   Oracle Access Manager Security Provider uses a special policy to get

   roles for a user. Please specify the following configuration to setup this

   policy.

  

    TTL(time to live) of elements in roles cache [60]

 

   Time to delete expired elements of cache (in seconds) [60]

 

   Resource type [wl_authen]

 

   Resource name [/Authen/Roles]

 

   Resource operation [LOGIN]

 

   Action Type in authorization rule to get roles. [WL_REALM]

11. Click Next.
12. Configure the connector using the following settings.

Parameter

Value

Default access to resources NOT protected

allow

Map authorization abstain

allow

Debug

<on>

   Default access to resources not protected by Oracle Access Manager

   (allow,deny,abstain) [allow]

 

   Map the authorization result abstain to (allow,deny) [] allow

 

Set debugging (This should be set to Off for production systems)

 [X]  1  -  On

 [ ]  2  -  Off

13. Click Next.
14. Configure the BEA WLS Connector WebPass Communication using the following settings.

Parameter

Value

WebPass Hostname

oiam.sttg-poc.com

WebPass Port

80

Protected by WebGate

<no>

   Hostname of WebPass. [] oiam.sttg-poc.com

 

   Port Number of WebPass. [] 80

 

Is WebPass protected by WebGate ?

 [ ]  1  -  Yes

 [X]  2  -  No 

15. Click Next.
16. Configure more of the BEA WLS Connector WebPass Configuration using the following settings.

Parameter

Value

Connect via HTTPS

<no>

User Attribute

uid

User Search Attribute

cn

Group Search Attribute

cn

Do you want the Oracle Access Manager Connector to connect to WebPass using

https ?

 [ ]  1  -  Yes

 [X]  2  -  No

   To select an item enter its number, or 0 when you are finished [0]:

 

   User attribute. [uid]

 

   User search attribute. [cn]

 

   Group search attribute. [cn]

17. Click Next.
18. Select <Mode> for the Transport Security Mode and click Next.

Security provider uses AccessGate internally to communicate with Access

Server. Following configuration sets up the AccessGate. Please create

AccessGate entry through Access System console before proceeding.

 

 Specify the transport security mode

 [X]  1  -  Open Mode:    No Encryption                                       

 [ ]  2  -  Simple Mode:  Encryption through SSL and a Public Key Certificate 

 [ ]  3  -  Cert Mode:    Encryption through SSL and a Public Key Certificate

19. Configure the AccessGate for the BEA WLS Connector using the following settings:

Parameter

Value

AccessGate ID

AccessGate_WLS

Password

abcd1234

Access Server ID

AccessSvr_OIAM

Hostname of Access Server

oiam.sttg-poc.com

Access Server Port

6021

Please provide the Access Gate ID, host name, and port number for the Access

Gate connection. You must use a unique ID for each Access Gate you install.

 

   Access Gate ID [] AccessGate_WLS

 

   Password for Access Gate

 

   Access Server ID [] AccessSvr_OIAM

 

   Host name where an Access Server is installed [] oiam.sttg-poc.com

 

   Port number the Access Server listens to [6021]

20. Click Next.

Configuring Access Gate...

 

-------------------------------------------------------------------------------

Oracle Access Manager Security Provider For WebLogic Configuration

 

Please do the following manual tasks to complete the setup

 

 

- Setup Access System policies used by Oracle Access Manager Security Provider

for internal purposes. This can be done manually through access console or

automatically using a tool. To use the tool go to

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools directory

and follow the instructions from the readme file

 

 

- Modify the following environment variables in the weblogic server startup

script.

  -  PATH - Add /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib

- CLASSPATH - Add

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/wlNetPoint.jar,

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/bcprov-jdk14-125.jar,

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/xerces.jar and

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/jobaccess.jar

21. Click Next.

  -  Copy the configuration files to Weblogic domain folder

- Copy

/app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties

and /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointResourceMap.conf to

Weblogic domain. (e.g. <Weblogic installdir>/user_projects/domains/mydomain).

Copy only the NetPointProvidersConfig.properties file for Portal Domain. (e.g.

<Weblogic installdir>/user_projects/domains/portalDomain).

 

 

 

- Copy the MJF (mbean jar file) to <Weblogic server

installdir>/server/lib/mbeantypes

- If you are using Weblogic 8.1 then copy

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wl8NetPointSecurityProviders.jar

- If you are using Weblogic 7.0 (atleast sp2 is required) then copy

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wl7NetPointSecurityProviders.jar

 

- Start the Weblogic server with the default security realm. When the server is

running execute the script /setupNetPointRealm.cmd (or setupNetPointRealm.sh on

unix). You may have to modify the admin username/password inside the script.

The script will setup the NetPoint security realm and switch the default realm

to NetPointRealm. Now, restart the Weblogic server. Provide the Oracle Access

Manager user credentials during startup. If startup fails then look into the

server logs for details.

 

NOTE: If the script fails then configure the security realm manually through

Weblogic admin console to use the Oracle Access Manager security provider.

Instructions to configure it manually can be found in

/app/OAM/webgate/NetPointSecuProvForWeblogic/readme.htm

22. Click Finish to close the installer.

#>>Policy/Security Domain Pre-Deployment Environment Configuration

[root@oiam ~]# su oracle

1. Backup the files NetPointResourceMap.conf and NetPointProvidersConfig.properties from “/app/OAM/webgate/NetPointSecuProvForWeblogic” directory.

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties.backup

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointResourceMap.conf /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointResourceMap.conf.backup

 

2. Edit /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties and modify the below mentioned values.

[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties

Parameter

Value

ObDebugMode

true

OB_ServerLogLevel

debug

ObAuthorization.OnDenyRedirectToUrl

http://oiam.sttg-poc.com/AuthzFailure.html

OB_InstallDir

/app/OAM/webgate/NetPointSecuProvForWeblogic

OB_LogLevel

debug

OB_LogFileName

/app/OAM/webgate/NetPointSecuProvForWeblogic /base_domain.log

OB_WebPassHost

oiam.sttg-poc.com

OB_WebPassPost

80

OB_AdminUserName

weblogic

OB_AdminUserCreds

abcd1234

OB_CookieDomain

.sttg-poc.com

OB_CookiePath

/

OB_WebPassSSLEnabled

false

 

3. Save the changes and exit the editor.

4. Copy the NetPointResourceMap.conf and NetPointProvidersConfig.properties files to the WebLogic APPDOMAIN directory: /app/BEA/user_projects/domains/base_domain.

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPoint* /app/BEA/user_projects/domains/base_domain/

 

5. Copy the file from
 /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wlNetPointSecurityProviders.jar to the directory /app/BEA/weblogic92/server/lib/mbeantypes.

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wlNetPointSecurityProviders.jar /app/BEA/weblogic92/server/lib/mbeantypes/

 

6. Backup the /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh

[oracle@oiam ~]$ cp /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh.backup

 

7. Edit the /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh.

[oracle@oiam ~]$ vi /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh

8. Search for JAVA_OPTIONS before #set the classpath section.
9. Enter the follwoing script after "export JAVA_OPTIONS" section near end of the file setDomainEnv.sh.

# SET WLSConnector CLASSPATH and other paths

OAMWLC="/app/OAM/webgate/NetPointSecuProvForWeblogic"; export OAMWLC

OAMWLCDIR="${OAMWLC}/oblix/lib"; export OAMWLCDIR

LD_LIBRARY_PATH="${OAMWLCDIR}:${LD_LIBRARY_PATH}"; export LD_LIBRARY_PATH

PATH="${PATH}:${OAMWLCDIR}"; export PATH

WLC_LIB_CLASSPATH="${OAMWLCDIR}/wlNetPoint.jar${CLASSPATHSEP}${OAMWLCDIR}/bcprov-jdk14-125.jar${CLASSPATHSEP} ${OAMWLCDIR}/xerces.jar${CLASSPATHSEP}${OAMWLCDIR}/jobaccess.jar"; export WLC_LIB_CLASSPATH

10. Comment the existing classpath seting and enter the follwoing classpath setting.

CLASSPATH="${PRE_CLASSPATH}${CLASSPATHSEP}${WLC_LIB_CLASSPATH}${CLASSPATHSEP}${WEBLOGIC_CLASSPATH}${CLASSPATHSEP}${POST_CLASSPATH}${CLASSPATHSEP}${WLP_POST_CLASSPATH}"

11. Save the changes and exit the editor.
12. Stop and start the WebLogic Server.

[root@oiam ~]# /app/BEA/user_projects/domains/base_domain/bin/stopWebLogic.sh

[root@oiam ~]# /app/BEA/user_projects/domains/base_domain/bin/startWebLogic.sh

 

13. Backup /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties file.

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties.backup

 

Change the following entries to the new values to reflect the current WebLogic Server Administrative user accounts.

[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties

Parameter

Value

exitonerror

false

adminServerListenAddress

wls.sttg-poc.com

adminServerName

AdminServer

domName

base_domain

passWord

abcd1234

overWriteRootDir

true

TimeOut

240000

startedNewServer

0

domainDir

WLSTConfigToScriptDomain

userName

weblogic

adminServerListenPort

7001

startServerJvmArgs

<empty>

14. Save the changes and exit the editor.

#>> Deploying OAM Security Realm to WebLogic Application Server
1. In case of Windows. Set Environment variable JAVA_VENDOR=Sun. In case of Linux run below mentioned commands.

[oracle@oiam ~]$ export JAVA_VENDOR=Sun

[oracle@oiam ~]$ source /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh

[oracle@oiam ~]$ cd /app/OAM/webgate/NetPointSecuProvForWeblogic/
[oracle@oiam ~]$ export PATH=/app/BEA/jdk150_12/bin:$PATH
[oracle@oiam ~]$ /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm_wl92.sh

2. In case of windows execute setupNetPointRealm_wl92.cmd file.
3. You will receive message that “Activation Completed”.
4. Close the command window.

#>>Deploying OAM Policy Domains
1. Backup the file /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties.backup

 

2. Edit the NetPointWeblogicTools.properties file and change the following entries to the new values.

[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties

Parameter

Value

ObWLTools.Debug

true

ObPolicyDomain.Name

WebLogic Server Security Provider

ObPolicyDomain.LoginAttribute

uid

ObWLTools.SetupInitialNetpointSSPIPolicies

true

ObWLTools.DeployPolicy

false

ObWLToolsUnDeployPolicy

false

ObWLSDomain.Dir

/app/BEA/user_projects/domains/base_domain

ObWLAuthenticationScheme.Name

OAM WebLogic Server Basic Authentication

ObWLNoneAuthenticationScheme.Name

OAM WebLogic Anonymous Authentication

ObWLWebResource.usingIdentityAssertion

false


3. Create and edit a new text file in the /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools directory called runDeployerTool.sh for linux and windows create runDeployerTool.bat.

[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/runDeployerTool.sh

4. Make the contents of the file as follows:

export CLASSPATHSEP=":"
export OAMWLC="/app/OAM/webgate/NetPointSecuProvForWeblogic"
export OAMWLCDIR="${OAMWLC}/oblix"
export CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${OAMWLCDIR}/lib/jobaccess.jar${CLASSPATHSEP}${OAMWLCDIR}/tools/npWLTools${CLASSPATHSEP}${OAMWLCDIR}/tools/npWLTools/npWLTools.jar"
export PATH="${PATH}:${OAMWLCDIR}/lib"
export LD_LIBRARY_PATH="${OAMWLCDIR}/lib"
echo $CLASSPATH

cd ${OAMWLCDIR}/tools/npWLTools/

/app/BEA/jdk150_12/bin/java com.oblix.weblogic.tools.NetPointPolicyDeployer orcladmin abcd1234

5. Save the changes and exit the editor.

[oracle@oiam ~]$ chmod 755 /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/runDeployerTool.sh

6. Execute the file runDeployerTool.sh for linux and runDeployerTool.bat for Windows.
Note: run as OAM installed user ( root ).

[root@oiam ~]# cd /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/

[root@oiam ~]# /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/runDeployerTool.sh

7. Examine the NetPointWeblogicTools.log file for details or error messages .
8) Browse to http://oiam.sttg-poc.com/access/oblix
9) Click Policy Manager.
10) Authenticate as orcladmin/abcd1234 or weblogic/abcd1234.
11) Click My Policy Domains.
12) Select the checkbox next to the “WebLogic Server Security Provider” policy domain.
13) Click Enable.
14) Locate and click WebLogic Server Security Provider policy domain.
15) Verify if “/Authen/Basic”, “/Authen/Roles” and “/Authen/Anonymous” resources are created.
16) Verify if Authorization Rule for Admin, Anyone, Authen and Role are created.
17) Click on Policies and verify if “Authen Policy”, “Authen Anonymous Policy”, “Role Policy” and “Common policy to unprotect gif files” are created.
18) Restart OAM Access Server.

#>> Examine WLS Server Security Providers
1) Goto http://wls.sttg-poc.com:7001/console
2) Log in as username weblogic/abcd1234.
3) Click Security Realms in Left Window pane.
4) Click Netpoint Realm in Right window pane.
5) Click Providers Tab > Certification Path > WebLogicCertPathProvider and select current builder as true and save.
6) Click “base_domain” of the Tree Structure on the left hand side.
7) Click Security Tab on the Right hand side.
8) Select default realm as NetpointRealm.
9) Stop WebLogic Server.
10) Remove /app/BEA/user_projects/domains/base_domain/servers/AdminServer/security/boot.properties or Edit it and change the username as weblogic and password as abcd1234.
11) start the BEA WebLogic Application Server. If prompted for user name and password, use weblogic/abcd1234.
12) Open http://wls.sttg-poc.com:7001/console in browser.
13) Log in as weblogic/abcd1234.
14) Navigate to base_domain > Security > Realms > NetPointRealm and expand NetPointRealm.
15) Examine Users and note that users from the OAM Identity repository are now listed.

For detailed steps and more information on the Integration of Weblogic with OAM refer Weblogic.pdf file that it provided along with the installers.

 

相关文章推荐

Integration WebLogic 9.2 with OAM 10.1.4.3(using Proxy)

Environment: OAM and WebLogic 9.2 installed on same RHEL5.4 system.OAM Installed information:       ...

Using Third-Party JDBC Drivers with WebLogic Server

Using Third-Party JDBC Drivers with WebLogic Server WebLogic Server works with third-party JDBC d...

解决MyEclipse 5.5和Weblogic 9.2整合以及清除缓存问题

最近公司需要用到weblogic9.2做开发,关于两者之间的整合网上一搜一大堆,而且和整合tomcat的方法基本相同,本文中只列出相关步骤,在这里我谈一下在整合一下在整合过程中遇到的一些问题,以及在开...

Linux 安装WebLogic9.2 MP2(图文详解 教程下载)

1      安装WebLogic9.2 MP2 1.1 准备安装介质 准备安装介质server922_zh_CN_linx32.bin (大概807M) 1.2 创建用户组和用户 创建用户组...

Weblogic9.2 建立域

1.    运行weblogic目录/home/bea/bea/weblogic92/common/bin/下的config.sh, 并按照提示建立名为web_domain的新域,主要步骤如下: ...

Weblogic9.2 cognos8.3 OpenDS 集成

好不容易整合出来了,本来写成了Word形式,呵呵  偷个懒 直接粘贴出来了,截图没有出来1    安装环境   i.      Windows 2003  ii.      Oracle1...

weblogic的安装和配置--9.2

weblogic的安装和配置 1.weblogic部署前准备 把weblogic的bin包放到/opt/oracle目录下 1.1创建weblogic用户组 groupadd oinstall...

Weblogic 9.2_Compatibility 兼容性

BEA尝试支持 7.0之后的版本(包括7.0)~9.2版本 支持二进制和源码级别的兼容性,包括对1)persistent data 2)已经生成的class文件 3)API 等的兼容性。 在有些...

weblogic9.2怎么去掉端口号和项目名,直接用域名访问

weblogic9.2如何去掉端口号和项目名,直接用域名访问   大家可能都有体会,在weblogic上部署了应用以后。访问的时候都要敲上一堆url。最典型的就是如下:http;//localhos...

在MyEclipse中部署Weblogic9.2中文版j2ee服务器

长久以来,我们都习惯了使用tomcat作为我们j2ee开发的服务器,虽然tomcat作为免费开源的服务器非常好用,但是它最多能支持到servlet而已,像分布式应用,集群等等高级领域统统不支持,毕竟它...
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:Integration WebLogic 9.2 with OAM 10.1.4.3(not using Proxy)
举报原因:
原因补充:

(最多只允许输入30个字)