Environment:
OAM and WebLogic 9.2 installed on same RHEL5.4 system.
OAM Installed information:
Hostname: oiam.sttg-poc.com
OAM installed folder: /app/OAM
Identity Server: /app/OAM/identity
Access Server: /app/OAM/access, port is 6201, name is AccessSvr_OIAM
WebPass and Policy Manager: /app/OAM/webcomponent (using Apache, port is 80)
OAM Admin user: orcladmin/abcd1234
All OAM components are installed in Open Security Mode.
User and Policy Store use OID, Base DN: dc=sttg-poc,dc=com
WebLogic Installed information:
Hostname: wls.sttg-poc.com
WLS9.2 installed folder: /app/BEA, port is 7001, install user is oracle, group is oinstall.
WebLogic Admin user: weblogic/abcd1234
WebLogic Application Domain: base_domain, in:
/app/BEA/user_projects/domains/base_domain
In the OID Admin Console, copy uid=orcladmin to uid=weblogic
#>> Create Master Administrator in Access System Console
http://oiam.sttg-poc.com/access/oblix
1. Click Access System Console.
2. Authenticate as orcladmin/abcd1234.
3. Click System Configuration.
4. Click Administrators.
5. Click Master Access Administrators.
6. Click Select User.
7. Locate and add wlsadmin.
8. Click Done.
#>> Create Master Administrator in Identity System Console
http://oiam.sttg-poc.com/access/oblix
1. Click Identity System Console.
3. Click System Configuration.
4. Click Administrators.
5. Click Master Identity Administrators.
6. Click Select User.
7. Locate and add wlsadmin.
8. Click Done.
9. Click Save.
10. Click Master Administrators.
11. Click Select User.
12. Locate and add wlsadmin.
13. Click Done.
14. Click Save
#>> Add WebLogic Connector Resource Type Definitions
1. Click Access System Console.
2. Click Access System Configuration.
3. Click Common Information Configuration.
4. Click Resource Type Definitions
5. Click Add
A) WL_URL Resource Type Definition:
| Parameter | Value |
| Name | wl_url |
| Display Name | wl_url |
| Resource Matching | Case Insensitive |
| Resource Operation(s) | GET |
| POST |
B) WL_SVR Resource Type Definition:
| Parameter | Value |
| Name | wl_svr |
| Display Name | wl_svr |
| Resource Matching | Case Insensitive |
| Resource Operation(s) | BOOT |
| DEFAULT |
C) WL_ADM Resource Type Definition:
| Parameter | Value |
| Name | wl_adm |
| Display Name | wl_adm |
| Resource Matching | Case Insensitive |
| Resource Operation(s) | DEFAULT |
D) WL_EJB Resource Type Definition:
| Parameter | Value |
| Name | wl_ejb |
| Display Name | wl_ejb |
| Resource Matching | Case Insensitive |
| Resource Operation(s) | EXECUTE |
E) WL_AUTHEN Resource Type Definition:
| Parameter | Value |
| Name | wl_authen |
| Display Name | wl_authen |
| Resource Matching | Case Insensitive |
| Resource Operation(s) | LOGIN |
#>> Create WebLogic Specific Authentication Schemes.
1. Click Authentication Management.
2. Click Add.
A) OAM WebLogic Server Basic Authentication:
| Parameter | Value |
| Name | OAM WebLogic Server Basic Authentication |
| Description | Used to authenticate users who access WebLogic resources |
| Level | 1 |
| Challenge Method | <Basic> |
| Challenge Parameter(s) | realm:Oracle Access and Identity |
| SSL Required | <No> |
| Challenge Redirect | <blank> |
| Enabled | Yes |
| Plugin credential_mapping | obMappingBase="dc=sttg-poc,dc=com",obMappingFilter="(&(&(objectclass=inetorgperson)(uid=%userid%))(|(!(obuseraccountcontrol=*))(obuseraccountcontrol=ACTIVATED)))" |
| Plugin validate_password | obCredentialPassword="password" |
B) OAM WebLogic Anonymous Authentication:
| Parameter | Value |
| Name | OAM WebLogic Anonymous Authentication |
| Description | Used to un-protect GIFs, etc. |
| Level | 0 |
| Challenge Method | <None> |
| Challenge Parameter(s) | <blank> |
| SSL Required | <No> |
| Challenge Redirect | <blank> |
| Enabled | Yes |
| Plugin credential_mapping | obMappingBase="dc=sttg-poc,dc=com",obMappingFilter="(uid=OblixAnonymous)" |
#>>Define AccessGate for BEA WebLogic Server Connector
1. Click Host Identifiers and click Add to define a new host identifier for WebLogic AccessGate, Host identifier details as following:
| Parameter | Value |
| Name | wls.sttg-poc.com |
| Description | |
| Hostname variations | wls.sttg-poc.com |
| wls.sttg-poc.com:7001 |
2. Click Add New AccessGate. Define a new AccessGate for the BEA WebLogic Application Server.
A) WebLogic AccessGate Configuration.
| Parameter | Value |
| AccessGate Name | AccessGate_WLS |
| Description | AccessGate to protect WebLogic Server(non-proxied) |
| Hostname | wls.sttg-poc.com |
| Port | <no port specified> |
| AccessGate Password | abcd1234 |
| Debug | <off> |
| Maximum user session time (seconds) | 3600 |
| Idle Session Time (seconds) | 3600 |
| Maximum Connections | 1 |
| Transport Security | <open> |
| IP Validation | <On> |
| IP Validation Exception | <Leave Blank> |
| Maximum Client Session Time (hours) | 24 |
| Failover Threshold | <Leave Blank> |
| Access server timeout threshold | <Leave Blank> |
| Sleep for (seconds) | 60 |
| Maximum elements in cache | 100000 |
| Cache timeout (seconds) | 1800 |
| Impersonation Username | <leave blank> |
| Impersonation Password | <leave blank> |
| Access Management Service | <On> |
| Preferred HTTP Cookie Domain | .sttg-poc.com |
| Preferred HTTP Host | wls.sttg-poc.com |
| Deny on not protected | <Off> |
| CachePragmaHeader | no-cache |
| CacheControlHeader | no-cache |
| LogOutURLs | <leave blank> |
| User Defined Parameters | <leave blank> |
| Primary Access Server | oiam.sttg-poc.com:6021 |
2. Save the new AccessGate configuration.
3. Close the browser
4. Restart the Access Server Services.
#>>OAM BEA WebLogic SSPI Connector Installation
1. Start the WebLogic SSPI Connector installer.
[root@oiam ~]# ./ Oracle_Access_Manager10_1_4_2_2_linux_BEA_WL_SSPI
2. Click Next.
3. In case of Linux enter the user name and group WebLogic Server runs as, (username is oracle, group is oinstall).
The product that you are about to install needs to be owned by the same user
as the WebLogic server is running as. Most of the time it is run as `root' or
`nobody'. Doing a `ps' on the server process is a quick way to find out who
the owner is.
Enter the username the WebLogic server is running as [nobody] oracle
Enter the Group for the above username [nobody] oinstall
4. Click Next.
5. Provide the installation directory. Incase of Linux /app/OAM/webgate. ( SSPI installation directory is /app/OAM/webgate/NetPointSecuProvForWeblogic)
Please specify the installation directory for Oracle Access Manager 10.1.4.2.2
Security Provider For WebLogic.
Please specify a directory name or press Enter [/opt/netpoint] /app/OAM/webgate
6. If you are installing on Linux provide the location of GCC libraries.
To proceed with installation of Oracle Access Manager 10.1.4.2.2 Security
Provider For WebLogic and for successfully running the product, you must
install additional GCC runtime libraries, namely libgcc_s.so.1 and
libstdc++.so.5. Note that these libraries should be compatible with GCC 3.3.2.
The libraries are available for download from either of the following
locations - http://metalink.oracle.com (requires login), or
http://www.oracle.com/technology/products/ias/index.html. Once these libraries
are locally available, please specify the directory containing the files and
proceed with the installation.
Location of GCC runtime libraries []: /tmp/gcc32
7. Click Next.
8. Select Advanced Configuration option.
Configuration options. Typical option will require minimal inputs. Advanced
option enables overriding of all defaults.
[ ] 1 - Typical
[X] 2 - Advanced
9. Examine the Action Type and other Security Provider configurations for this installation and click Next.
10. Confirm that the wl_authen resource type and the authentication scheme configurations matched the configuration you did in the Add WebLogic Connector Resource Type Definitions step above.
Oracle Access Manager Security Provider uses a special policy to
authenticate users in WebLogic. Please specify the following configuration
to setup this policy.
Resource type [wl_authen]
Resource name [/Authen/Basic]
Resource name used for anonymous access [/Authen/Anonymous]
Resource operation [LOGIN]
LoginId parameter used in credential_mapping plugin of authentication
scheme [userid]
Password parameter used in validate_password of authentication scheme
[password]
Action Type (action is configured to get the loginId from ObSSOCookie)
[WL_REALM]
Action Name (action is configured to get the loginId from ObSSOCookie)
[uid]
Dummy username used by form login for doing SSO when there is no WebGate
on proxy HTTP server [obdummyuser]
WebLogic resource types used for web applications(comma separated)
[<url>,<web>]
Oracle Access Manager Security Provider uses a special policy to get
roles for a user. Please specify the following configuration to setup this
policy.
TTL(time to live) of elements in roles cache [60]
Time to delete expired elements of cache (in seconds) [60]
Resource type [wl_authen]
Resource name [/Authen/Roles]
Resource operation [LOGIN]
Action Type in authorization rule to get roles. [WL_REALM]
11. Click Next.
12. Configure the connector using the following settings.
| Parameter | Value |
| Default access to resources NOT protected | allow |
| Map authorization abstain | allow |
| Debug | <on> |
Default access to resources not protected by Oracle Access Manager
(allow,deny,abstain) [allow]
Map the authorization result abstain to (allow,deny) [] allow
Set debugging (This should be set to Off for production systems)
[X] 1 - On
[ ] 2 - Off
13. Click Next.
14. Configure the BEA WLS Connector WebPass Communication using the following settings.
| Parameter | Value |
| WebPass Hostname | oiam.sttg-poc.com |
| WebPass Port | 80 |
| Protected by WebGate | <no> |
Hostname of WebPass. [] oiam.sttg-poc.com
Port Number of WebPass. [] 80
Is WebPass protected by WebGate ?
[ ] 1 - Yes
[X] 2 - No
15. Click Next.
16. Configure more of the BEA WLS Connector WebPass Configuration using the following settings.
| Parameter | Value |
| Connect via HTTPS | <no> |
| User Attribute | uid |
| User Search Attribute | cn |
| Group Search Attribute | cn |
Do you want the Oracle Access Manager Connector to connect to WebPass using
https ?
[ ] 1 - Yes
[X] 2 - No
To select an item enter its number, or 0 when you are finished [0]:
User attribute. [uid]
User search attribute. [cn]
Group search attribute. [cn]
17. Click Next.
18. Select <Mode> for the Transport Security Mode and click Next.
Security provider uses AccessGate internally to communicate with Access
Server. Following configuration sets up the AccessGate. Please create
AccessGate entry through Access System console before proceeding.
Specify the transport security mode
[X] 1 - Open Mode: No Encryption
[ ] 2 - Simple Mode: Encryption through SSL and a Public Key Certificate
[ ] 3 - Cert Mode: Encryption through SSL and a Public Key Certificate
19. Configure the AccessGate for the BEA WLS Connector using the following settings:
| Parameter | Value |
| AccessGate ID | AccessGate_WLS |
| Password | abcd1234 |
| Access Server ID | AccessSvr_OIAM |
| Hostname of Access Server | oiam.sttg-poc.com |
| Access Server Port | 6021 |
Please provide the Access Gate ID, host name, and port number for the Access
Gate connection. You must use a unique ID for each Access Gate you install.
Access Gate ID [] AccessGate_WLS
Password for Access Gate
Access Server ID [] AccessSvr_OIAM
Host name where an Access Server is installed [] oiam.sttg-poc.com
Port number the Access Server listens to [6021]
20. Click Next.
Configuring Access Gate...
-------------------------------------------------------------------------------
Oracle Access Manager Security Provider For WebLogic Configuration
Please do the following manual tasks to complete the setup
- Setup Access System policies used by Oracle Access Manager Security Provider
for internal purposes. This can be done manually through access console or
automatically using a tool. To use the tool go to
/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools directory
and follow the instructions from the readme file
- Modify the following environment variables in the weblogic server startup
script.
- PATH - Add /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib
- CLASSPATH - Add
/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/wlNetPoint.jar,
/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/bcprov-jdk14-125.jar,
/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/xerces.jar and
/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/jobaccess.jar
21. Click Next.
- Copy the configuration files to Weblogic domain folder
- Copy
/app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties
and /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointResourceMap.conf to
Weblogic domain. (e.g. <Weblogic installdir>/user_projects/domains/mydomain).
Copy only the NetPointProvidersConfig.properties file for Portal Domain. (e.g.
<Weblogic installdir>/user_projects/domains/portalDomain).
- Copy the MJF (mbean jar file) to <Weblogic server
installdir>/server/lib/mbeantypes
- If you are using Weblogic 8.1 then copy
/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wl8NetPointSecurityProviders.jar
- If you are using Weblogic 7.0 (atleast sp2 is required) then copy
/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wl7NetPointSecurityProviders.jar
- Start the Weblogic server with the default security realm. When the server is
running execute the script /setupNetPointRealm.cmd (or setupNetPointRealm.sh on
unix). You may have to modify the admin username/password inside the script.
The script will setup the NetPoint security realm and switch the default realm
to NetPointRealm. Now, restart the Weblogic server. Provide the Oracle Access
Manager user credentials during startup. If startup fails then look into the
server logs for details.
NOTE: If the script fails then configure the security realm manually through
Weblogic admin console to use the Oracle Access Manager security provider.
Instructions to configure it manually can be found in
/app/OAM/webgate/NetPointSecuProvForWeblogic/readme.htm
22. Click Finish to close the installer.
#>>Policy/Security Domain Pre-Deployment Environment Configuration
[root@oiam ~]# su oracle
1. Backup the files NetPointResourceMap.conf and NetPointProvidersConfig.properties from “/app/OAM/webgate/NetPointSecuProvForWeblogic” directory.
[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties.backup
[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointResourceMap.conf /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointResourceMap.conf.backup
2. Edit /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties and modify the below mentioned values.
[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPointProvidersConfig.properties
| Parameter | Value |
| ObDebugMode | true |
| OB_ServerLogLevel | debug |
| ObAuthorization.OnDenyRedirectToUrl | |
| OB_InstallDir | /app/OAM/webgate/NetPointSecuProvForWeblogic |
| OB_LogLevel | debug |
| OB_LogFileName | /app/OAM/webgate/NetPointSecuProvForWeblogic /base_domain.log |
| OB_WebPassHost | oiam.sttg-poc.com |
| OB_WebPassPost | 80 |
| OB_AdminUserName | weblogic |
| OB_AdminUserCreds | abcd1234 |
| OB_CookieDomain | .sttg-poc.com |
| OB_CookiePath | / |
| OB_WebPassSSLEnabled | false |
3. Save the changes and exit the editor.
4. Copy the NetPointResourceMap.conf and NetPointProvidersConfig.properties files to the WebLogic APPDOMAIN directory: /app/BEA/user_projects/domains/base_domain.
[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/NetPoint* /app/BEA/user_projects/domains/base_domain/
5. Copy the file from
/app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wlNetPointSecurityProviders.jar to the directory /app/BEA/weblogic92/server/lib/mbeantypes.
[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/lib/mbeantypes/wlNetPointSecurityProviders.jar /app/BEA/weblogic92/server/lib/mbeantypes/
6. Backup the /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh
[oracle@oiam ~]$ cp /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh.backup
7. Edit the /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh.
[oracle@oiam ~]$ vi /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh
8. Search for JAVA_OPTIONS before #set the classpath section.
9. Enter the follwoing script after "export JAVA_OPTIONS" section near end of the file setDomainEnv.sh.
| # SET WLSConnector CLASSPATH and other paths OAMWLC="/app/OAM/webgate/NetPointSecuProvForWeblogic"; export OAMWLC OAMWLCDIR="${OAMWLC}/oblix/lib"; export OAMWLCDIR LD_LIBRARY_PATH="${OAMWLCDIR}:${LD_LIBRARY_PATH}"; export LD_LIBRARY_PATH PATH="${PATH}:${OAMWLCDIR}"; export PATH WLC_LIB_CLASSPATH="${OAMWLCDIR}/wlNetPoint.jar${CLASSPATHSEP}${OAMWLCDIR}/bcprov-jdk14-125.jar${CLASSPATHSEP} ${OAMWLCDIR}/xerces.jar${CLASSPATHSEP}${OAMWLCDIR}/jobaccess.jar"; export WLC_LIB_CLASSPATH |
10. Comment the existing classpath seting and enter the follwoing classpath setting.
| CLASSPATH="${PRE_CLASSPATH}${CLASSPATHSEP}${WLC_LIB_CLASSPATH}${CLASSPATHSEP}${WEBLOGIC_CLASSPATH}${CLASSPATHSEP}${POST_CLASSPATH}${CLASSPATHSEP}${WLP_POST_CLASSPATH}" |
11. Save the changes and exit the editor.
12. Stop and start the WebLogic Server.
[root@oiam ~]# /app/BEA/user_projects/domains/base_domain/bin/stopWebLogic.sh
[root@oiam ~]# /app/BEA/user_projects/domains/base_domain/bin/startWebLogic.sh
13. Backup /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties file.
[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties.backup
Change the following entries to the new values to reflect the current WebLogic Server Administrative user accounts.
[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm.properties
| Parameter | Value |
| exitonerror | false |
| adminServerListenAddress | wls.sttg-poc.com |
| adminServerName | AdminServer |
| domName | base_domain |
| passWord | abcd1234 |
| overWriteRootDir | true |
| TimeOut | 240000 |
| startedNewServer | 0 |
| domainDir | WLSTConfigToScriptDomain |
| userName | weblogic |
| adminServerListenPort | 7001 |
| startServerJvmArgs | <empty> |
14. Save the changes and exit the editor.
#>> Deploying OAM Security Realm to WebLogic Application Server
1. In case of Windows. Set Environment variable JAVA_VENDOR=Sun. In case of Linux run below mentioned commands.
[oracle@oiam ~]$ export JAVA_VENDOR=Sun
[oracle@oiam ~]$ source /app/BEA/user_projects/domains/base_domain/bin/setDomainEnv.sh
[oracle@oiam ~]$ cd /app/OAM/webgate/NetPointSecuProvForWeblogic/
[oracle@oiam ~]$ export PATH=/app/BEA/jdk150_12/bin:$PATH
[oracle@oiam ~]$ /app/OAM/webgate/NetPointSecuProvForWeblogic/setupNetPointRealm_wl92.sh
2. In case of windows execute setupNetPointRealm_wl92.cmd file.
3. You will receive message that “Activation Completed”.
4. Close the command window.
#>>Deploying OAM Policy Domains
1. Backup the file /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties
[oracle@oiam ~]$ cp /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties.backup
2. Edit the NetPointWeblogicTools.properties file and change the following entries to the new values.
[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/NetPointWeblogicTools.properties
| Parameter | Value |
| ObWLTools.Debug | true |
| ObPolicyDomain.Name | WebLogic Server Security Provider |
| ObPolicyDomain.LoginAttribute | uid |
| ObWLTools.SetupInitialNetpointSSPIPolicies | true |
| ObWLTools.DeployPolicy | false |
| ObWLToolsUnDeployPolicy | false |
| ObWLSDomain.Dir | /app/BEA/user_projects/domains/base_domain |
| ObWLAuthenticationScheme.Name | OAM WebLogic Server Basic Authentication |
| ObWLNoneAuthenticationScheme.Name | OAM WebLogic Anonymous Authentication |
| ObWLWebResource.usingIdentityAssertion | false |
3. Create and edit a new text file in the /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools directory called runDeployerTool.sh for linux and windows create runDeployerTool.bat.
[oracle@oiam ~]$ vi /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/runDeployerTool.sh
4. Make the contents of the file as follows:
export CLASSPATHSEP=":"
export OAMWLC="/app/OAM/webgate/NetPointSecuProvForWeblogic"
export OAMWLCDIR="${OAMWLC}/oblix"
export CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${OAMWLCDIR}/lib/jobaccess.jar${CLASSPATHSEP}${OAMWLCDIR}/tools/npWLTools${CLASSPATHSEP}${OAMWLCDIR}/tools/npWLTools/npWLTools.jar"
export PATH="${PATH}:${OAMWLCDIR}/lib"
export LD_LIBRARY_PATH="${OAMWLCDIR}/lib"
echo $CLASSPATH
cd ${OAMWLCDIR}/tools/npWLTools/
/app/BEA/jdk150_12/bin/java com.oblix.weblogic.tools.NetPointPolicyDeployer orcladmin abcd1234
5. Save the changes and exit the editor.
[oracle@oiam ~]$ chmod 755 /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/runDeployerTool.sh
6. Execute the file runDeployerTool.sh for linux and runDeployerTool.bat for Windows.
Note: run as OAM installed user ( root ).
[root@oiam ~]# cd /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/
[root@oiam ~]# /app/OAM/webgate/NetPointSecuProvForWeblogic/oblix/tools/npWLTools/runDeployerTool.sh
7. Examine the NetPointWeblogicTools.log file for details or error messages .
8) Browse to http://oiam.sttg-poc.com/access/oblix
9) Click Policy Manager.
10) Authenticate as orcladmin/abcd1234 or weblogic/abcd1234.
11) Click My Policy Domains.
12) Select the checkbox next to the “WebLogic Server Security Provider” policy domain.
13) Click Enable.
14) Locate and click WebLogic Server Security Provider policy domain.
15) Verify if “/Authen/Basic”, “/Authen/Roles” and “/Authen/Anonymous” resources are created.
16) Verify if Authorization Rule for Admin, Anyone, Authen and Role are created.
17) Click on Policies and verify if “Authen Policy”, “Authen Anonymous Policy”, “Role Policy” and “Common policy to unprotect gif files” are created.
18) Restart OAM Access Server.
#>> Examine WLS Server Security Providers
1) Goto http://wls.sttg-poc.com:7001/console
2) Log in as username weblogic/abcd1234.
3) Click Security Realms in Left Window pane.
4) Click Netpoint Realm in Right window pane.
5) Click Providers Tab > Certification Path > WebLogicCertPathProvider and select current builder as true and save.
6) Click “base_domain” of the Tree Structure on the left hand side.
7) Click Security Tab on the Right hand side.
8) Select default realm as NetpointRealm.
9) Stop WebLogic Server.
10) Remove /app/BEA/user_projects/domains/base_domain/servers/AdminServer/security/boot.properties or Edit it and change the username as weblogic and password as abcd1234.
11) start the BEA WebLogic Application Server. If prompted for user name and password, use weblogic/abcd1234.
12) Open http://wls.sttg-poc.com:7001/console in browser.
13) Log in as weblogic/abcd1234.
14) Navigate to base_domain > Security > Realms > NetPointRealm and expand NetPointRealm.
15) Examine Users and note that users from the OAM Identity repository are now listed.
For detailed steps and more information on the Integration of Weblogic with OAM refer Weblogic.pdf file that it provided along with the installers.
1400
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
