Before the applications can be installed and configured, the system must be prepared and database must be installed.
You will need the following installers
Downloads
Please use the Oracle Certification matrix before deciding upon the appropriate product version. The appropriate certification matrix are available at
- System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.0.0) ( xls)
- System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.1.0) ( xls)
- System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.2.0) ( xls)
In case you have a valid Oracle Support in place, you should download the products from the edelivery (https://edelivery.oracle.com) website
Setting up Oracle Enterprise Linux
Start the virtual box with OEL 57 DVD in the drive. Set the following values during initial steps
| Name | Value |
|---|
| Language for Installation | English |
| Keyboard | US English |
| Disk |
Remove all partitions on selected drive and create default layout
|
| Network Devices/Hostname | Active on boot/Uncheck Enable IP V6 support oiam11g |
| Timezone | Asia/Kolkata |
| Root | <password> |
| Selected items for install | Gnome Desktop Environment Base Legacy Software support X Windows System |
- Post reboot, the configuration setup involves, this will reboot the system and reconfigure based on selections
- Accept License agreement
- Firewall (Disabled)
- SELinux Setting (Disabled)
- Date Time (Enable Network Time Protocol)
- Create User (OIAM Admin/oiamadmin)
Enable the yum mechanism
# wget http://public-yum.oracle.com/public-yum-el5.repo
# cp public-yum-el5.repo /etc/yum.repos.d/el5.rep
|
In the el5.repo enable all the repositories that are for el5.
|
You can exclude kernel upgrades by adding "exclude=kernel*" in /etc/yum.conf
|
- Update installation by running "yum update".
Install oracle-validated and one missing item
yum install oracle-validated
yum install unixODBC-2.2.11
/sbin/chkconfig sendmail off
/sbin/chkconfig cups off
|
Redhat Enterprise Linux (5.3) on Amazon Web Service
Since the RHEL and OEL are practically the same, we leverage the same repository to manage the setup
- Start an instance of RHEL 5.9 as available in AWS store. Ensure that instance is setup with small memory size to allow you to install database with basic SGA size of 756MB. Add a separate disk of about 50GB size for the OIAM installation.
Once connected, add the following line in /etc/yum.conf
Upgrade the installation and install all the patches
Fix the perl issue by adding the following to /etc/profile
export LANGUAGE=en_US.UTF-8
export LANG=en_US.UTF-8
export LC_ALL=en_US.UTF-8
|
- Prepare the new disk attached to the instance by running the following process
Initialize the disk using /sbin/fdisk /dev/sdb
/sbin/fdisk /dev/sdb
> n
> p
> 1
> 1
> 6527 (default)
> w
|
Create an ext3 file system
/sbin/mkfs -t ext3 /dev/sdb1
|
Mount the new file system
Add the following line to /etc/fstab for automatic mounting going forward
/dev/sdb1 /opt/idm ext3 defaults 0 0
|
Create an area for installers
cd /opt/idm/
mkdir installers
|
Configure the operating system
Disable SELinux by setting the following line in /etc/selinux/config
Install wget
Install oracle-validated by first installing the Oracle's PGP using for signing, then install unixODBC because there are some conflicts which are reported during installation of oracle-validated
cd /opt/idm/installers
wget http://public-yum.oracle.com/RPM-GPG-KEY-oracle-el5
rpm --import ./RPM-GPG-KEY-oracle-el5
yum install unixODBC
yum localinstall oracle-validated-1.0.0-32.el5.x86_64.rpm
|
Change the limits in /etc/security/limits.conf by adding the following lines
* soft nofile 131072
* hard nofile 131072
* soft nproc 131072
* hard nproc 131072
* soft core unlimited
* hard core unlimited
* soft memlock 50000000
* hard memlock 50000000
|
Reboot the server
Install the UI environment
yum groupinstall "GNOME Desktop Environment"
yum install vnc-server
yum install firefox
|
Stop and configure some of the standard services
chkconfig iptables off
chkconfig cups off
chkconfig ip6tables off
chkconfig exim off
|
- Reboot
set hostname to iam.demo.aps or appropriate hostname. Please note that this hostname will get embedded in the OIAM configuration for internal calls, so please choose it carefully.
Add the hostname to /etc/hosts
127.0.0.1 localhost.localdomain localhost iam.demo.aps iam
|
Create a demo user that will be used for all login and sharing purpose.
Create the user
groupadd demo
useradd -c "Demo" -d /home/demo -g demo -m -s /bin/bash demo
|
Add the following to /etc/sudoers to allow easy setup and execution through demo user id
demo ALL=(ALL) NOPASSWD: ALL
|
Configure vncserver for user
Run VNC server for the first time
Kill the server
- Uncomment the lines where indicated in ~demo/.vnc/xstartup
- Start the VNC server again
Provide access to installer directory
sudo chown -R demo:demo /opt/idm/installers
|
- Setup automatic environment setup during startup
Create file /etc/init.d/oim-setup
#!/bin/sh
### BEGIN INIT INFO
# Provides:
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# chkconfig: 345 80 05
# Short-Description: Setup OIM server
# description: Setup Operating system environment
# processname: oim-setup
### END INIT INFO
dir="/home/demo/Desktop"
user="demo"
cmd=""
name=`basename $0`
pid_file="/var/run/$name.pid"
stdout_log="/var/log/$name.log"
stderr_log="/var/log/$name.err"
get_pid() {
cat "$pid_file"
}
is_running() {
[ -f "$pid_file" ] && ps `get_pid` > /dev/null 2>&1
}
case "$1" in
start)
echo "Configuring environment with $name"
hostname iam.demo.aps
sudo -u demo /usr/bin/vncserver
# Add startup scripts for database, directory, weblogic, web server here #
;;
stop)
echo "Cleaning up $name"
sudo -u demo /usr/bin/vncserver -kill :1
# Add shutdown scripts for web server, weblogic, directory, database here #
;;
restart)
$0 stop
$0 start
;;
status)
echo "Capability Not available"
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
;;
esac
exit 0
|
Install and enable the service for running on startup
sudo /sbin/chkconfig --add oim-setup
sudo /sbin/chkconfig oiam on
|
Java
- cd /opt
- ./jdk-6u30-linux-x64.bin
- ln -sf jdk1.6.0_30/ java
|
Please check the certification matrix of corresponding product before deciding the java version that you are going to use.
|
Database
Setup oracle id with oper group "/usr/sbin/groupadd oper" and "/usr/sbin/usermod -g oinstall -G dba,oper
The default oracle-validate does not contain the oper group and so added this step. Not sure whether this is actually needed.
|
Setup the installation directories as "root"
mkdir /opt/oracle
chown oracle:oinstall /opt/oracle/
chmod 755 /opt/oracle/
|
Add the following to the .bash_profile of the oracle user
# Oracle Settings
TMP=/opt/oracle/tmp; export TMP
TMPDIR=$TMP; export TMPDIR
#ORACLE_HOSTNAME=hostname.localdomain
#export ORACLE_HOSTNAME
ORACLE_BASE=/opt/oracle/db
export ORACLE_BASE
DB_HOME=$ORACLE_BASE/product/11.2.0/dbhome_1
export DB_HOME
ORACLE_HOME=$DB_HOME
export ORACLE_HOME
ORACLE_SID=OIMDB
export ORACLE_SID
ORACLE_TERM=xterm
export ORACLE_TERM
JAVA_HOME=/opt/java
export JAVA_HOME
BASE_PATH=/usr/sbin:$PATH
export BASE_PATH
PATH=$JAVA_HOME/bin:$ORACLE_HOME/bin:$BASE_PATH
export PATH
LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
export LD_LIBRARY_PATH
CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib
export CLASSPATH
if [ $USER = "oracle" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
else
ulimit -u 16384 -n 65536
fi
fi
|
Unzip the installers in one location and run installer
su - oracle cd /home/oracle/downloads
unzip linux.x64_11gR2_database_1of2.zip
unzip linux.x64_11gR2_database_2of2.zip
cd database
./runInstaller
|
Provide the following information
| Attribute | Value |
|---|
| I wish to receive Security Update via My Oracle Support | unchecked |
| Installation Option | Install Database Only |
| Grid Option | Single Database |
| Product Language | English |
| Database Edition | Standard Edition |
| Oracle Base | /opt/oracle/db |
| Software location | /opt/oracle/db/product/11.2.0/dbhome_1 |
| Inventory Location | /opt/oracle/oraInventory |
| Oracle Install group Name | oinstall |
| OSDBA Group | dba |
| OSOPER Group | oper |
The validation was failing for memory and swap size. Increased memory to 1.5 (min 1GB required) and created a swap file to pass the validation
cd /opt
mkdir swap
cd swap
dd if=/dev/zero of=/opt/swap/file bs=1M count=2048
chmod 600 /opt/swap/file
/sbin/mkswap /opt/swap/file
/sbin/swapon /opt/swap/file
# Added new line in /etc/fstab file
/opt/swap/file swap swap defaults 0 0
|
- During the installation process, installer will wait for execution of the following items "/opt/oracle/oraInventory/orainstRoot.sh" "/opt/oracle/db/product/11.2.0/dbhome_1/root.sh"
Listener Configuration
login as oracle and execute the command
su - oracle
$ORACLE_HOME/bin/netca
|
Configure the following value
| Name | Value |
|---|
| Listener Name | LISTENER |
| Select Protocol | TCP |
| Standard Port | 1521 |
Database Configuration
Start database configuration
su - oracle
cd $ORACLE_HOME/bin
./dbca
|
Configure following values
| Name | Value |
|---|
| Create a database | Checked |
| Database Template | Custom Database |
| Global Database Name/SID | OIMDB |
| Management Options (Configure Enterprise Manager - checked) | Configure Database control for local management |
| Password for sys/system/dbsnmp/sysman | <password> |
| File System/Storage Type | Use Oracle Managed Files |
| Fast Recovery Area | Default Values |
| Database Components | Default Value, ensure all components are selected |
| Initialization Parameter/Memory/SGA-PGA | 512MB (should be fine for demo/dev environment) |
| Use Automatic Memory Management | checked |
| Initialization Parameter/Sizing/Process Parameter Value | 500 |
| Initialization Parameter/Character set | Use Unicode |
| National Character Set | UTF-8 |
| Default Language | American |
| Default Territory | United States |
| All Initialization Parameters/Show Advance Parameters/open_cursors | 800 (Override Default) |
| java_pool_size | 134217728 (Override Default) |
| session_cached_cursors | 100 (Override Default) |
| SHARED_POOL_SIZE | 150994944 (Override Default) |
Installation takes very long time. Have patience
|
After installation following information is provided
| Name | Value |
|---|
| Log files | /opt/oracle/db/cfgtoollogs/dbca/OIMDB |
| Global Database Name/SID | OIMDB |
| Server Parameters File | /opt/oracle/db/product/11.2.0/dbhome_1/dbs/spfileOIMDB.ora |
| Database Control File | https://oim11gr2.aps.dev:1158/em |
| Management Encryption Key | /opt/oracle/db/product/11.2.0/dbhome_1/oim11gr2.aps.dev_OIMDB/sysman/config/emkey.ora |
| Locked Account | OUTLN, FLOWS_FILES, MDSYS,ORDDATA, ORDSYS, CTXSYS, ANONYMOUS, EXFSYS, WMSYS, XDB, APPQOSSYS,ORDPLUGINS, APEX_030200, SI_INFORMTN_SCHEMA, DIP, APEX_PUBLIC_USER, ORACLE_OCM |
Ensure that the following entry is configured as shown in the /etc/oratab to ensure that database can be started using dbstart utility
OIMDB:/opt/oracle/db/product/11.2.0/dbhome_1:Y
|
Create the following dbstart.sh startup script in the /home/oracle
. ./bash_profile
$ORACLE_HOME/bin/dbstart $ORACLE_HOME
|
. ./bash_profile
bin/dbshut $ORACLE_HOME
|
Weblogic
Setup a new user called oimuser and create directory for OIM Installation
su -
groupadd oimgroup
useradd -c "OIM Install User" -d /home/oimuser -g oimgroup -m -s /bin/bash oimuser
passwd oimuser
cd /opt
mkdir fmw
chown oimuser:oimgroup fmw/
# Add the following line to .bash_profile
export JAVA_HOME=/opt/java
export PATH=$JAVA_HOME/bin:$PATH
su - oimuser
mkdir /opt/fmw/temp
java -Djava.io.tmpdir=/opt/fmw/temp/ -jar wls_generic.jar
|
Install weblogic with following configuration
| Name | Value |
|---|
| New Middleware Home | /opt/fmw/Middleware |
| Skip the security registeration |
|
| Install Type | Typical |
| JDK | Use the installed |
| Product Install (Weblogic) | /opt/fmw/Middleware/wlserver_10.3 |
| Oracle Coherence | /opt/fmw/Middleware/coherence_3.6 |
Oracle HTTP Server
Oracle HTTP Server or other supported web servers are typically used to expose the Oracle Identity and Access Management Servers to end user. This allows you to develop a 3 tier infrastructure in line with standard infrastructure best practices. Please note that unless you have specific requirement to protect IAM Applications, the web server should be replaceable with standard load balancers like f5.
GCC Version Check
Ensure that the correct version of libgcc version is available
| Operating System | Architecture | GCC Libraries | Required Library Version |
|---|
Linux 32-bit
|
x86
|
libgcc_s.so.1
libstdc++.so.5
|
3.3.2
|
Linux 64-bit
|
x64
|
libgcc_s.so.1
libstdc++.so.6
|
3.4.6
|
Solaris 64-bit
|
SPARC
|
libgcc_s.so.1
libstdc++.so.5
|
3.3.2
|
Linux32 on i386 platform
Run the following commands and ensure that their output is always greater than 0:
cd /usr/lib strings -a libgcc_s.so.1 | grep -c "GCC_3.0" strings -a libgcc_s.so.1 | grep -v "GCC_3.3.1" | grep -c "GCC_3.3" file libgcc_s.so.1 | grep "32-bit" | grep -c "80386" file libstdc++.so.5 | grep "32-bit" | grep -c "80386"
|
Linux 64 on x86-64 platform
Run the following commands and ensure that their output is always greater than 0:
cd /usr/lib64 strings -a libgcc_s.so.1 | grep -c "GCC_3.0" strings -a libgcc_s.so.1 | grep -v "GCC_3.3.1" | grep -c "GCC_3.3" strings -a libgcc_s.so.1 | grep -c "GCC_4.2.0" file libgcc_s.so.1 | grep "64-bit" | grep -c "x86-64" file -L libstdc++.so.6 | grep "64-bit" | grep -c "x86-64"
|
Run the following commands and ensure that their output is always greater than 0:
strings -a libgcc_s.so.1 | grep -c "GCC_3.0"strings -a libgcc_s.so.1 | grep -v "GCC_3.3.1" | grep -c "GCC_3.3"file libgcc_s.so.1 | grep "64-bit" | grep -c "SPARC"file libstdc++.so.5 | grep "64-bit" | grep -c "SPARC"
|
Installation
Setup a new user called ohs and create directory for OHS Installation
cd ~iamadmin/downloads
mkdir webtier
cd webtier
unzip ../ofm_webtier_linux_11.1.1.6.0_64_disk1_1of1.zip
su -
groupadd ohs
useradd -c "OHS User" -d /home/ohs -g ohs -m -s /bin/bash ohs
passwd ohs
cd /opt
mkdir ohs
chown ohs:ohs ohs/
mkdir /opt/ohs/inventory
|
Create the file /opt/ohs/inventory/oraInst.loc with content
inventory_loc=/opt/ohs/inventory
inst_group=ohs
|
Run installation
su - ohs
cd ~demo/downloads/webtier/Disk1/
./runInstaller -invPtrLoc /opt/ohs/inventory/oraInst.loc
|
Install with following settings
| Name | Value |
|---|
| Skip Software Update | select |
| Install and Configure | select |
| Middleware Home | /opt/ohs/Middleware |
| Oracle Home Directory | Oracle_WT1 |
| Skip Security update intimation | Select |
| Configure Components | Oracle HTTP Server [Not selected]
Oracle Web Cache [Not selected]
Associate Selected component with weblogic domain [ Not selected] |
- The OHS is installed and configured at
Location: /opt/ohs/Middleware/Oracle_WT1
Configuration
The following steps must be performed to configure the OHS to provide a single URL for all the various components that are part of the setup.
- Create a new instance of OHS web instance
Start the configuration process
cd /opt/idm/web/Middleware/Oracle_WT1/bin
./config.sh
|
Configure Components
| Name | Value |
|---|
| Oracle HTTP Server | Checked |
| Oracle Web Cache | unchecked |
| Associate selected component with weblogic domain | unchecked |
Specify Component Details
| Name | Value |
|---|
| Instance Home Location | /opt/idm/web/server/oam |
| Instance Name | oamWeb |
| OHS component name | oamWeb |
- Configure Ports : Select Auto Port Configuration
- In next step, which is "Specify security update", uncheck the check box to receive security update and click next
- Configuration process will start
- After the process is complete the server is running.
Stop the server to change the configuration
cd /opt/idm/web/server/oam/bin
./opmnctl stopall
|
Make the following changes to /opt/idm/web/server/oam/config/OHS/oamWeb/httpd.conf
Change the listening port to 80
Please note that in order to run the OHS on port 80, you need to do the following
cd /opt/idm/web/Middleware/Oracle_WT1/ohs/bin
sudo chown root .apachectl
sudo chmod 6750 .apachectl
After making the above change, the server can be started on port 80 and 443
|
Replace the old section with this
<IfModule mpm_worker_module>
ServerLimit 20
StartServers 2
MaxClients 1000
MinSpareThreads 200
MaxSpareThreads 800
ThreadsPerChild 50
MaxRequestsPerChild 10000
AcceptMutex fcntl
LockFile "${ORACLE_INSTANCE}/diagnostics/logs/${COMPONENT_TYPE}/${COMPONENT_NAME}/http_lock"
</IfModule>
|
Make the following change in /opt/idm/web/server/oam/config/OHS/oamWeb/ssl.conf
Listen 443
<VirtualHost *:443>
|
In order to allow the OHS to connect to OIAM specific weblogic servers over SSL, ensure that the wallet has been created.
cd /opt/idm/web/server/certs
/opt/idm/fmw/Middleware/oracle_common/bin/orapki wallet create -wallet ./default -pwd <password>
/opt/idm/fmw/Middleware/oracle_common/bin/orapki wallet add -wallet ./default/ -trusted_cert -cert ./opam-cert.pem
/opt/idm/fmw/Middleware/oracle_common/bin/orapki wallet create -wallet ./default -auto_login
/opt/idm/fmw/Middleware/oracle_common/bin/orapki wallet display -wallet ./default
|
Please note that opam-cert.pem is the certificate for the server in the following format
-----BEGIN CERTIFICATE-----
MIIB7TCCAZcCEHmpqyVWgLECwqcjDmTr+gEwDQYJKoZIhvcNAQEEBQAweTELMAkG
A1UEBhMCVVMxEDAOBgNVBAgTB015U3RhdGUxDzANBgNVBAcTBk15VG93bjEXMBUG
A1UEChMOTXlPcmdhbml6YXRpb24xGTAXBgNVBAsTEEZPUiBURVNUSU5HIE9OTFkx
EzARBgNVBAMTCkNlcnRHZW5DQUIwHhcNMTQwMjA4MDM1NjA3WhcNMjkwMjA5MDM1
NjA3WjB7MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTXlTdGF0ZTEPMA0GA1UEBwwG
TXlUb3duMRcwFQYDVQQKDA5NeU9yZ2FuaXphdGlvbjEZMBcGA1UECwwQRk9SIFRF
U1RJTkcgT05MWTEVMBMGA1UEAwwMaWFtLmRlbW8uYXBzMFwwDQYJKoZIhvcNAQEB
BQADSwAwSAJBAMHXWo2dqBy1RAHeG34w4YZvaFWEIa5kuV3yZJeyPzXnfZArFEw0
dQbPXiN5cuHglVamDr8jHMw3EQ9yFoGUpeMCAwEAATANBgkqhkiG9w0BAQQFAANB
AKXsizXZQJbtHp7ZaZbA9xkBFOgGZpnddt2gprWQFaQWKI4Yp7CPi3WDzktdF2hq
WRw/5beDSLO4GsNLw9CFlSE=
-----END CERTIFICATE-----
|
The following values must be defined in the mod_wl_ohs.conf to support all the Identity and Access Management components
###################################
## General Domain Configuration
###################################
# Admin Server and EM
<Location /console>
SetHandler weblogic-handler
WebLogicHost iam.demo.aps
WebLogicPort 7001
</Location>
<Location /consolehelp>
SetHandler weblogic-handler
WebLogicHost iam.demo.aps
WebLogicPort 7001
</Location>
<Location /em>
SetHandler weblogic-handler
WebLogicHost iam.demo.aps
WebLogicPort 7001
</Location>
###################################################
## Entries Required by Oracle Entitlements Server
###################################################
# APM
<Location /apm>
SetHandler weblogic-handler
WebLogicHost iam.demo.aps
WebLogicPort 7001
</Location>
##################################################
## Entries Required by Oracle Unified Directory
##################################################
# OUD ODSM
<Location /odsm>
SetHandler weblogic-handler
WebLogicHost iam.demo.aps
WebLogicPort 7001
</Location>
##############################################
## Entries Required by Oracle Access Manager
##############################################
# OAM Console
<Location /oamconsole>
SetHandler weblogic-handler
WebLogicHost iam.demo.aps
WebLogicPort 7001
</Location>
################################################
## Entries Required by Oracle Identity Manager
################################################
# OIM self and advanced admin webapp consoles(canonic webapp)
<Location /oim>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
WebLogicHost iam.demo.aps
WebLogicPort 14000
</Location>
# OIM, xlWebApp - Legacy 9.x webapp (struts based)
<Location /xlWebApp>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM self service console
<Location /identity>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM Nexaweb WebApp - used for workflow designer and DM
<Location /Nexaweb>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
<Location /sysadmin>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OAM Configuration
<Location /oam>
SetHandler weblogic-handler
WLProxySSL ON
WLProxySSLPassThrough ON
WLCookieName OAM_JSESSIONID
WebLogicHost iam.demo.aps
WebLogicPort 14100
</Location>
<Location /oamsso>
SetHandler weblogic-handler
WLProxySSL ON
WLProxySSLPassThrough ON
WLCookieName OAM_JSESSIONID
WebLogicHost iam.demo.aps
WebLogicPort 14100
</Location>
# Required if using Oracle Identity Federation
<Location /oamfed>
SetHandler weblogic-handler
WLProxySSL ON
WLProxySSLPassThrough ON
WLCookieName OAM_JSESSIONID
WebLogicHost iam.demo.aps
WebLogicPort 14100
</Location>
# Required if using Oracle Identity Federation
<Location /sts>
SetHandler weblogic-handler
WLProxySSL ON
WLProxySSLPassThrough ON
WLCookieName OAM_JSESSIONID
WebLogicHost iam.demo.aps
WebLogicPort 14100
</Location>
##################################################
## Entries Required by Oracle Identity Manager
##################################################
# OIM, xlWebApp - Legacy 9.x webapp (struts based)
<Location /xlWebApp>
SetHandler weblogic-handler
WLProxySSL ON
WLProxySSLPassThrough ON
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM self service console
<Location /identity>
SetHandler weblogic-handler
WLProxySSL ON
WLProxySSLPassThrough ON
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
#################################################
## Entries Required by Oracle Identity Manager
#################################################
# Provide the OIM Managed Server Port
<Location /workflowservice>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM, SOA Infra
<Location /soa-infra>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 8001
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM, Used for provisioning-callback.
<Location /provisioning-callback>
SetHandler weblogic-handler
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM, SOA Callback webservice for SOD - Provide the SOA Managed Server Ports
<Location /sodcheck>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 8001
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM, SOA Callback
<Location /integration>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 8001
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM, spml xsd profile
<Location /spml-xsd>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM, spml dsml profile
<Location /spmlws>
SetHandler weblogic-handler
PathTrim /weblogic
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM, role-sod profile
<Location /role-sod>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM, used for Callback service.
<Location /callbackResponseService>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
# OIM, UMS Email Support
<Location /ucs>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 8001
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
<Location /reqsvc>
SetHandler weblogic-handler
WLCookieName oimjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14000
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
</Location>
################################
# OAAM Configuration ##
################################
<Location /oaam_admin>
SetHandler weblogic-handler
WLCookieName oaamjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14200
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oaam_component.log"
</Location>
<Location /oaam_offline>
SetHandler weblogic-handler
WLCookieName oaamjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14400
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oaam_component.log"
</Location>
<Location /oaam_server>
SetHandler weblogic-handler
WLCookieName oaamjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 14300
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oaam_component.log"
</Location>
###############################
# OPAM Configuration ##
###############################
<Location /oinav>
SetHandler weblogic-handler
WLCookieName opamjsessionid
WebLogicHost iam.demo.aps
WebLogicPort 18101
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/opam_component.log"
</Location>
#<Location /opam>
# SetHandler weblogic-handler
# WLCookieName opamjsessionid
# WebLogicHost iam.demo.aps
# WebLogicPort 18102
# WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/opam_component.log"
# SecureProxy On
# WlSSLWallet "/opt/idm/web/server/certs/default"
# </Location>
|
- Enable the configuration to prevent http redirect in case of https
- Access the WebLogic Server console
- Click on 'Servers' → '<SSL_Managed_Server>' → 'General' → 'Advanced'
- Check the 'WebLogic Plug-In Enabled' box.
- Click 'Save'
- Restart the Managed Server.
|
Comments
Post a Comment