Integration WebLogic 9.2 with OAM 10.1.4.3(not using Proxy)

原创 2011年01月14日 15:05:00

Environment:

OAM and WebLogic 9.2 installed on same RHEL5.4 system.

OAM Installed information:

       Hostname: oiam.sttg-poc.com

       OAM installed folder: /app/OAM

              Identity Server: /app/OAM/identity

              Access Server: /app/OAM/access, port is 6201, name is AccessSvr_OIAM

              WebPass and Policy Manager: /app/OAM/webcomponent (using Apache, port is 80)

       OAM Admin user: orcladmin/abcd1234

All OAM components are installed in Open Security Mode.

User and Policy Store use OID, Base DN: dc=sttg-poc,dc=com

WebLogic Installed information:

Hostname: wls.sttg-poc.com

WLS9.2 installed folder: /app/BEA, port is 7001, install user is oracle, group is oinstall.

       WebLogic Admin user: weblogic/abcd1234

       WebLogic Application Domain: base_domain, in:

              /app/BEA/user_projects/domains/base_domain

 

In the OID Admin Console, copy uid=orcladmin to uid=weblogic

 

Solution

#>> Create Master Administrator in Access System Console
http://oiam.sttg-poc.com/access/oblix

1. Click Access System Console.
2. Authenticate as orcladmin/abcd1234.
3. Click System Configuration.
4. Click Administrators.
5. Click Master Access Administrators.
6. Click Select User.
7. Locate and add wlsadmin.
8. Click Done.

#>> Create Master Administrator in Identity System Console
http://oiam.sttg-poc.com/access/oblix

1. Click Identity System Console.
3. Click System Configuration.
4. Click Administrators.
5. Click Master Identity Administrators.
6. Click Select User.
7. Locate and add wlsadmin.
8. Click Done.
9. Click Save.
10. Click Master Administrators.
11. Click Select User.
12. Locate and add wlsadmin.
13. Click Done.
14. Click Save

#>> Add WebLogic Connector Resource Type Definitions
1. Click Access System Console.
2. Click Access System Configuration.
3. Click Common Information Configuration.
4. Click Resource Type Definitions
5. Click Add
A) WL_URL Resource Type Definition:

Parameter

Value

Name

wl_url

Display Name

wl_url

Resource Matching

Case Insensitive

Resource Operation(s)

GET

 

POST

B) WL_SVR Resource Type Definition:

Parameter

Value

Name

wl_svr

Display Name

wl_svr

Resource Matching

Case Insensitive

Resource Operation(s)

BOOT

 

DEFAULT

C) WL_ADM Resource Type Definition:

Parameter

Value

Name

wl_adm

Display Name

wl_adm

Resource Matching

Case Insensitive

Resource Operation(s)

DEFAULT

D) WL_EJB Resource Type Definition:

Parameter

Value

Name

wl_ejb

Display Name

wl_ejb

Resource Matching

Case Insensitive

Resource Operation(s)

EXECUTE

E) WL_AUTHEN Resource Type Definition:

Parameter

Value

Name

wl_authen

Display Name

wl_authen

Resource Matching

Case Insensitive

Resource Operation(s)

LOGIN


#>> Create WebLogic Specific Authentication Schemes.
1. Click Authentication Management.
2. Click Add.
A) OAM WebLogic Server Basic Authentication:

Parameter

Value

Name

OAM WebLogic Server Basic Authentication

Description

Used to authenticate users who access WebLogic resources

Level

1

Challenge Method

<Basic>

Challenge Parameter(s)

realm:Oracle Access and Identity

SSL Required

<No>

Challenge Redirect

<blank>

Enabled

Yes

Plugin credential_mapping

obMappingBase="dc=sttg-poc,dc=com",obMappingFilter="(&(&(objectclass=inetorgperson)(uid=%userid%))(|(!(obuseraccountcontrol=*))(obuseraccountcontrol=ACTIVATED)))"

Plugin validate_password

obCredentialPassword="password"

B) OAM WebLogic Anonymous Authentication:

Parameter

Value

Name

OAM WebLogic Anonymous Authentication

Description

Used to un-protect GIFs, etc.

Level

0

Challenge Method

<None>

Challenge Parameter(s)

<blank>

SSL Required

<No>

Challenge Redirect

<blank>

Enabled

Yes

Plugin credential_mapping

obMappingBase="dc=sttg-poc,dc=com",obMappingFilter="(uid=OblixAnonymous)"


#>>Define AccessGate for BEA WebLogic Server Connector
1. Click Host Identifiers and click Add to define a new host identifier for WebLogic AccessGate, Host identifier details as following:

Parameter

Value

Name

wls.sttg-poc.com

Description

 

Hostname variations

wls.sttg-poc.com

 

wls.sttg-poc.com:7001


2. Click Add New AccessGate. Define a new AccessGate for the BEA WebLogic Application Server.
A) WebLogic AccessGate Configuration.

Parameter

Value

AccessGate Name

AccessGate_WLS

Description

AccessGate to protect WebLogic Server(non-proxied)

Hostname

wls.sttg-poc.com

Port

<no port specified>

AccessGate Password

abcd1234

Debug

<off>

Maximum user session time (seconds)

3600

Idle Session Time (seconds)

3600

Maximum Connections

1

Transport Security

<open>

IP Validation

<On>

IP Validation Exception

<Leave Blank>

Maximum Client Session Time (hours)

24

Failover Threshold

<Leave Blank>

Access server timeout threshold

<Leave Blank>

Sleep for (seconds)

60

Maximum elements in cache

100000

Cache timeout (seconds)

1800

Impersonation Username

<leave blank>

Impersonation Password

<leave blank>

Access Management Service

<On>

Preferred HTTP Cookie Domain

.sttg-poc.com

Preferred HTTP Host

wls.sttg-poc.com

Deny on not protected

<Off>

CachePragmaHeader

no-cache

CacheControlHeader

no-cache

LogOutURLs

<leave blank>

User Defined Parameters

<leave blank>

Primary Access Server

oiam.sttg-poc.com:6021


2. Save the new AccessGate configuration.
3. Close the browser
4. Restart the Access Server Services.

#>>OAM BEA WebLogic SSPI Connector Installation
1. Start the WebLogic SSPI Connector installer.

[root@oiam ~]# ./ Oracle_Access_Manager10_1_4_2_2_linux_BEA_WL_SSPI

2. Click Next.
3. In case of Linux enter the user name and group WebLogic Server runs as, (username is oracle, group is oinstall).

The product that you are about to install needs to be owned by the same user

as the WebLogic server is running as. Most of the time it is run as `root' or

`nobody'. Doing a `ps' on the server process is a quick way to find out who

the owner is.

 

   Enter the username the WebLogic server is running as [nobody] oracle

 

   Enter the Group for the above username [nobody] oinstall

4. Click Next.
5. Provide the installation directory. Incase of Linux /app/OAM/webgate. ( SSPI installation directory is /app/OAM/webgate/NetPointSecuProvForWeblogic)

Please specify the installation directory for Oracle Access Manager 10.1.4.2.2

Security Provider For WebLogic.

 

   Please specify a directory name or press Enter [/opt/netpoint] /app/OAM/webgate

6. If you are installing on Linux provide the location of GCC libraries.

To proceed with installation of Oracle Access Manager 10.1.4.2.2 Security

Provider For WebLogic and for successfully running the product, you must

install additional GCC runtime libraries, namely libgcc_s.so.1 and

libstdc++.so.5. Note that these libraries should be compatible with GCC 3.3.2.

The libraries are available for download from either of the following

locations - http://metalink.oracle.com (requires login), or

http://www.oracle.com/technology/products/ias/index.html. Once these libraries

are locally available, please specify the directory containing the files and

proceed with the installation.

 

   Location of GCC runtime libraries []: /tmp/gcc32

7. Click Next.
8. Select Advanced Configuration option.

Configuration options. Typical option will require minimal inputs. Advanced

option enables overriding of all defaults.

 [ ]  1  -  Typical 

 [X]  2  -  Advanced

9. Examine the Action Type and other Security Provider configurations for this installation and click Next.
10. Confirm that the wl_authen resource type and the authentication scheme configurations matched the configuration you did in the Add WebLogic Connector Resource Type Definitions step above.

   Oracle Access Manager Security Provider uses a special policy to

   authenticate users in WebLogic. Please specify the following configuration

   to setup this policy.

  

    Resource type [wl_authen]

 

   Resource name [/Authen/Basic]

 

   Resource name used for anonymous access [/Authen/Anonymous]

 

   Resource operation [LOGIN]

 

   LoginId parameter used in credential_mapping plugin of authentication

   scheme [userid]

 

   Password parameter used in validate_password of authentication scheme

   [password]

 

   Action Type (action is configured to get the loginId from ObSSOCookie)

   [WL_REALM]

 

   Action Name (action is configured to get the loginId from ObSSOCookie)

   [uid]

 

   Dummy username used by form login for doing SSO when there is no WebGate

   on proxy HTTP server [obdummyuser]

 

   WebLogic resource types used for web applications(comma separated)

   [<url>,<web>]

 

   Oracle Access Manager Security Provider uses a special policy to get

   roles for a user. Please specify the following configuration to setup this

   policy.

  

    TTL(time to live) of elements in roles cache [60]

 

   Time to delete expired elements of cache (in seconds) [60]

 

   Resource type [wl_authen]

 

   Resource name [/Authen/Roles]

 

   Resource operation [LOGIN]

 

   Action Type in authorization rule to get roles. [WL_REALM]

11. Click Next.
12. Configure the connector using the following settings.

Parameter

Value

Default access to resources NOT protected

allow

Map authorization abstain

allow

Debug

<on>

   Default access to resources not protected by Oracle Access Manager

   (allow,deny,abstain) [allow]

 

   Map the authorization result abstain to (allow,deny) [] allow

 

Set debugging (This should be set to Off for production systems)

 [X]  1  -  On

 [ ]  2  -  Off

13. Click Next.
14. Configure the BEA WLS Connector WebPass Communication using the following settings.

Parameter

Value

WebPass Hostname

oiam.sttg-poc.com

WebPass Port

80

Protected by WebGate

<no>

   Hostname of WebPass. [] oiam.sttg-poc.com

 

   Port Number of WebPass. [] 80

 

Is WebPass protected by WebGate ?

 [ ]  1  -  Yes

 [X]  2  -  No 

15. Click Next.
16. Configure more of the BEA WLS Connector WebPass Configuration using the following settings.

Parameter

Value

Connect via HTTPS

<no>

User Attribute

uid

User Search Attribute

cn

Group Search Attribute

cn

Do you want the Oracle Access Manager Connector to connect to WebPass using

https ?

 [ ]  1  -  Yes

 [X]  2  -  No

   To select an item enter its number, or 0 when you are finished [0]:

 

   User attribute. [uid]

 

   User search attribute. [cn]

 

   Group search attribute. [cn]

17. Click Next.
18. Select <Mode> for the Transport Security Mode and click Next.

Security provider uses AccessGate internally to communicate with Access

Server. Following configuration sets up the AccessGate. Please create

AccessGate entry through Access System console before proceeding.

 

 Specify the transport security mode

 [X]  1  -  Open Mode:    No Encryption                                       

 [ ]  2  -  Simple Mode:  Encryption through SSL and a Public Key Certificate 

 [ ]  3  -  Cert Mode:    Encryption through SSL and a Public Key Certificate

19. Configure the AccessGate for the BEA WLS Connector using the following settings:

Parameter

Value

AccessGate ID

AccessGate_WLS

Password

abcd1234

Access Server ID

AccessSvr_OIAM

Hostname of Access Server

oiam.sttg-poc.com

Access Server Port

6021

Please provide the Access Gate ID, host name, and port number for the Access

Gate connection. You must use a unique ID for each Access Gate you install.

 

   Access Gate ID [] AccessGate_WLS

 

   Password for Access Gate

 

   Access Server ID [] AccessSvr_OIAM

 

   Host name where an Access Server is installed [] oiam.sttg-poc.com

 

   Port number the Access Server listens to [6021]

20. Click Next.

Configuring Access Gate...

 

-------------------------------------------------------------------------------

Oracle Access Manager Security Provider For WebLogic Configuration

 

Please do the following manual tasks to complete the setup

 

 

- Setup Access System policies used by Oracle Access Manager Security Provider

for internal purposes. This can be done manually through access console or

automatically using a tool. To use the tool go to

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools directory

and follow the instructions from the readme file

 

 

- Modify the following environment variables in the weblogic server startup

script.

  -  PATH - Add /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib

- CLASSPATH - Add

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/wlNetPoint.jar,

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/bcprov-jdk14-125.jar,

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/xerces.jar and

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/jobaccess.jar

21. Click Next.

  -  Copy the configuration files to Weblogic domain folder

- Copy

/app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties

and /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointResourceMap.conf to

Weblogic domain. (e.g. <Weblogic installdir>/user_projects/domains/mydomain).

Copy only the NetPointProvidersConfig.properties file for Portal Domain. (e.g.

<Weblogic installdir>/user_projects/domains/portalDomain).

 

 

 

- Copy the MJF (mbean jar file) to <Weblogic server

installdir>/server/lib/mbeantypes

- If you are using Weblogic 8.1 then copy

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wl8NetPointSecurityProviders.jar

- If you are using Weblogic 7.0 (atleast sp2 is required) then copy

/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wl7NetPointSecurityProviders.jar

 

- Start the Weblogic server with the default security realm. When the server is

running execute the script /setupNetPointRealm.cmd (or setupNetPointRealm.sh on

unix). You may have to modify the admin username/password inside the script.

The script will setup the NetPoint security realm and switch the default realm

to NetPointRealm. Now, restart the Weblogic server. Provide the Oracle Access

Manager user credentials during startup. If startup fails then look into the

server logs for details.

 

NOTE: If the script fails then configure the security realm manually through

Weblogic admin console to use the Oracle Access Manager security provider.

Instructions to configure it manually can be found in

/app/OAM/webgate/NetPointSecuProvForWeblogic/readme.htm

22. Click Finish to close the installer.

#>>Policy/Security Domain Pre-Deployment Environment Configuration

[root@oiam ~]# su oracle

1. Backup the files NetPointResourceMap.conf and NetPointProvidersConfig.properties from “/app/OAM/webgate/NetPointSecuProvForWeblogic” directory.

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties.backup

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointResourceMap.conf /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointResourceMap.conf.backup

 

2. Edit /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties and modify the below mentioned values.

[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties

Parameter

Value

ObDebugMode

true

OB_ServerLogLevel

debug

ObAuthorization.OnDenyRedirectToUrl

http://oiam.sttg-poc.com/AuthzFailure.html

OB_InstallDir

/app/OAM/webgate/NetPointSecuProvForWeblogic

OB_LogLevel

debug

OB_LogFileName

/app/OAM/webgate/NetPointSecuProvForWeblogic /base_domain.log

OB_WebPassHost

oiam.sttg-poc.com

OB_WebPassPost

80

OB_AdminUserName

weblogic

OB_AdminUserCreds

abcd1234

OB_CookieDomain

.sttg-poc.com

OB_CookiePath

/

OB_WebPassSSLEnabled

false

 

3. Save the changes and exit the editor.

4. Copy the NetPointResourceMap.conf and NetPointProvidersConfig.properties files to the WebLogic APPDOMAIN directory: /app/BEA/user_projects/domains/base_domain.

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPoint* /app/BEA/user_projects/domains/base_domain/

 

5. Copy the file from
 /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wlNetPointSecurityProviders.jar to the directory /app/BEA/weblogic92/server/lib/mbeantypes.

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wlNetPointSecurityProviders.jar /app/BEA/weblogic92/server/lib/mbeantypes/

 

6. Backup the /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh

[oracle@oiam ~]$ cp /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh.backup

 

7. Edit the /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh.

[oracle@oiam ~]$ vi /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh

8. Search for JAVA_OPTIONS before #set the classpath section.
9. Enter the follwoing script after "export JAVA_OPTIONS" section near end of the file setDomainEnv.sh.

# SET WLSConnector CLASSPATH and other paths

OAMWLC="/app/OAM/webgate/NetPointSecuProvForWeblogic"; export OAMWLC

OAMWLCDIR="${OAMWLC}/oblix/lib"; export OAMWLCDIR

LD_LIBRARY_PATH="${OAMWLCDIR}:${LD_LIBRARY_PATH}"; export LD_LIBRARY_PATH

PATH="${PATH}:${OAMWLCDIR}"; export PATH

WLC_LIB_CLASSPATH="${OAMWLCDIR}/wlNetPoint.jar${CLASSPATHSEP}${OAMWLCDIR}/bcprov-jdk14-125.jar${CLASSPATHSEP} ${OAMWLCDIR}/xerces.jar${CLASSPATHSEP}${OAMWLCDIR}/jobaccess.jar"; export WLC_LIB_CLASSPATH

10. Comment the existing classpath seting and enter the follwoing classpath setting.

CLASSPATH="${PRE_CLASSPATH}${CLASSPATHSEP}${WLC_LIB_CLASSPATH}${CLASSPATHSEP}${WEBLOGIC_CLASSPATH}${CLASSPATHSEP}${POST_CLASSPATH}${CLASSPATHSEP}${WLP_POST_CLASSPATH}"

11. Save the changes and exit the editor.
12. Stop and start the WebLogic Server.

[root@oiam ~]# /app/BEA/user_projects/domains/base_domain/bin/stopWebLogic.sh

[root@oiam ~]# /app/BEA/user_projects/domains/base_domain/bin/startWebLogic.sh

 

13. Backup /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties file.

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties.backup

 

Change the following entries to the new values to reflect the current WebLogic Server Administrative user accounts.

[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties

Parameter

Value

exitonerror

false

adminServerListenAddress

wls.sttg-poc.com

adminServerName

AdminServer

domName

base_domain

passWord

abcd1234

overWriteRootDir

true

TimeOut

240000

startedNewServer

0

domainDir

WLSTConfigToScriptDomain

userName

weblogic

adminServerListenPort

7001

startServerJvmArgs

<empty>

14. Save the changes and exit the editor.

#>> Deploying OAM Security Realm to WebLogic Application Server
1. In case of Windows. Set Environment variable JAVA_VENDOR=Sun. In case of Linux run below mentioned commands.

[oracle@oiam ~]$ export JAVA_VENDOR=Sun

[oracle@oiam ~]$ source /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh

[oracle@oiam ~]$ cd /app/OAM/webgate/NetPointSecuProvForWeblogic/
[oracle@oiam ~]$ export PATH=/app/BEA/jdk150_12/bin:$PATH
[oracle@oiam ~]$ /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm_wl92.sh

2. In case of windows execute setupNetPointRealm_wl92.cmd file.
3. You will receive message that “Activation Completed”.
4. Close the command window.

#>>Deploying OAM Policy Domains
1. Backup the file /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties

[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties.backup

 

2. Edit the NetPointWeblogicTools.properties file and change the following entries to the new values.

[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties

Parameter

Value

ObWLTools.Debug

true

ObPolicyDomain.Name

WebLogic Server Security Provider

ObPolicyDomain.LoginAttribute

uid

ObWLTools.SetupInitialNetpointSSPIPolicies

true

ObWLTools.DeployPolicy

false

ObWLToolsUnDeployPolicy

false

ObWLSDomain.Dir

/app/BEA/user_projects/domains/base_domain

ObWLAuthenticationScheme.Name

OAM WebLogic Server Basic Authentication

ObWLNoneAuthenticationScheme.Name

OAM WebLogic Anonymous Authentication

ObWLWebResource.usingIdentityAssertion

false


3. Create and edit a new text file in the /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools directory called runDeployerTool.sh for linux and windows create runDeployerTool.bat.

[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/runDeployerTool.sh

4. Make the contents of the file as follows:

export CLASSPATHSEP=":"
export OAMWLC="/app/OAM/webgate/NetPointSecuProvForWeblogic"
export OAMWLCDIR="${OAMWLC}/oblix"
export CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${OAMWLCDIR}/lib/jobaccess.jar${CLASSPATHSEP}${OAMWLCDIR}/tools/npWLTools${CLASSPATHSEP}${OAMWLCDIR}/tools/npWLTools/npWLTools.jar"
export PATH="${PATH}:${OAMWLCDIR}/lib"
export LD_LIBRARY_PATH="${OAMWLCDIR}/lib"
echo $CLASSPATH

cd ${OAMWLCDIR}/tools/npWLTools/

/app/BEA/jdk150_12/bin/java com.oblix.weblogic.tools.NetPointPolicyDeployer orcladmin abcd1234

5. Save the changes and exit the editor.

[oracle@oiam ~]$ chmod 755 /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/runDeployerTool.sh

6. Execute the file runDeployerTool.sh for linux and runDeployerTool.bat for Windows.
Note: run as OAM installed user ( root ).

[root@oiam ~]# cd /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/

[root@oiam ~]# /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/runDeployerTool.sh

7. Examine the NetPointWeblogicTools.log file for details or error messages .
8) Browse to http://oiam.sttg-poc.com/access/oblix
9) Click Policy Manager.
10) Authenticate as orcladmin/abcd1234 or weblogic/abcd1234.
11) Click My Policy Domains.
12) Select the checkbox next to the “WebLogic Server Security Provider” policy domain.
13) Click Enable.
14) Locate and click WebLogic Server Security Provider policy domain.
15) Verify if “/Authen/Basic”, “/Authen/Roles” and “/Authen/Anonymous” resources are created.
16) Verify if Authorization Rule for Admin, Anyone, Authen and Role are created.
17) Click on Policies and verify if “Authen Policy”, “Authen Anonymous Policy”, “Role Policy” and “Common policy to unprotect gif files” are created.
18) Restart OAM Access Server.

#>> Examine WLS Server Security Providers
1) Goto http://wls.sttg-poc.com:7001/console
2) Log in as username weblogic/abcd1234.
3) Click Security Realms in Left Window pane.
4) Click Netpoint Realm in Right window pane.
5) Click Providers Tab > Certification Path > WebLogicCertPathProvider and select current builder as true and save.
6) Click “base_domain” of the Tree Structure on the left hand side.
7) Click Security Tab on the Right hand side.
8) Select default realm as NetpointRealm.
9) Stop WebLogic Server.
10) Remove /app/BEA/user_projects/domains/base_domain/servers/AdminServer/security/boot.properties or Edit it and change the username as weblogic and password as abcd1234.
11) start the BEA WebLogic Application Server. If prompted for user name and password, use weblogic/abcd1234.
12) Open http://wls.sttg-poc.com:7001/console in browser.
13) Log in as weblogic/abcd1234.
14) Navigate to base_domain > Security > Realms > NetPointRealm and expand NetPointRealm.
15) Examine Users and note that users from the OAM Identity repository are now listed.

For detailed steps and more information on the Integration of Weblogic with OAM refer Weblogic.pdf file that it provided along with the installers.

 

【ArcGIS 10.2新特性】地理数据(Geodatabase 和database)10.2 新特性

1、 大数据支持         ArcGIS与Hadoop集成,将提供一个开源的工具包用于大数据的空间分析,开发者将通过该工具包构建定制化的工作流并在ArcGIS当中执行。         支持更多...
  • arcgis_all
  • arcgis_all
  • 2013年08月05日 16:16
  • 2478

weblogic10.3单点登录问题处理经验分享

环境信息:JDK6_24,weblogic10.3 最近在weblogic10.3上发布应用,并集成cas单点登录后,登录时出现了问题, 具体表现为: 1.访问新应用 2.跳转到统一的login页...
  • t8500071
  • t8500071
  • 2013年01月21日 14:31
  • 1204

总结使用Apache作为WebLogic集群代理

使用服务器集群,结合负载均衡器,可以提高系统并发访问量。通常会有两种负载均衡的方式:硬件方式和软件方式。以硬件作负载均衡器的方式,成本较高,所以经常使用软件作为负载均衡器。具体有哪些硬件、软件可以作为...
  • huihuijor
  • huihuijor
  • 2014年04月03日 22:46
  • 1660

关于OAM技术的知识总结

以太网最初是为局域网设计的,由于局域网本身已具备较高的可靠性和稳定性,因此在设计以太网之初并未建立管理,维护的机制,而随着以太网在局域网、城域网以及广域网上的广泛应用,以太网管理维护机制的缺乏的缺点被...
  • hitzyy
  • hitzyy
  • 2016年11月06日 10:36
  • 697

Using命名空间作用9.2

刚开始编程的程序员在给unity项目写脚本的时候,看到自己新建好的一个类,系统会在脚本开头自动写入 using System; using UnityEngine; ... 这...
  • juAresan
  • juAresan
  • 2016年09月02日 09:17
  • 1384

Weblogic 12c 负载均衡和session复制

在上一篇,我们介绍了weblogic集群的部署和session的复制,如何将请求负载均衡到这个三个服务器上呢?这里提供两种方式:(1)weblogic自带的proxy代理        (2) ngi...
  • yulei_qq
  • yulei_qq
  • 2016年10月10日 21:25
  • 4062

Spring 框架参考文档(六)-Integration之任务执行与调度

Spring 框架参考文档(六)-Integration之任务执行与调度 Part VI. Integration This part of the...
  • xiangjai
  • xiangjai
  • 2017年01月03日 09:45
  • 631

关于Weblogic线程数的几点使用

关于Weblogic线程数的几点使用   一、背景 最近负责做一个平台的poc测试,性能测试要求测试1000并发下平台的表现,web服务器采用的是weblogic,版本是11...
  • down177
  • down177
  • 2015年06月17日 09:59
  • 1480

分组传送网MPLS-TP OAM标准进展及升级策略

1概述   分组传送网(PTN)是基于分组交换的、面向连接的多业务传送技术,能够提供高效率的多业务承载,具备强大的保护、OAM和网管功能,灵活的统计复用、严格的QoS和时间同步等电信级传送网能力...
  • tyutzxp1
  • tyutzxp1
  • 2014年02月25日 11:01
  • 1180

关于weblogic.xml的配置

weblogic.xml   true ---设成true jsp就会报classcastException false ---设成false就没有问题了。   ...
  • hanyuyang429
  • hanyuyang429
  • 2017年07月04日 16:00
  • 1605
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:Integration WebLogic 9.2 with OAM 10.1.4.3(not using Proxy)
举报原因:
原因补充:

(最多只允许输入30个字)