Integration with Oracle Identity Management 11-17 4. A page appears showing the primary or secondary Access Servers currently configured for this WebGate. Click Add. 5. On the Add a New Access Server page, select an Access Server from the Select Server list, specify Primary Server, and define two connections for the WebGate. Click the Add button to complete the association. 6. A page appears, showing the association of the Access Server with the WebGate. Click the link to display a summary and print this page for later use. 7. Repeat steps 3 through 6 to associate more access servers to the WebGate.

11.2.3.9 Configuring Delegated Form Authentication

Perform these steps to configure the form authentication to redirect to the WebGate that was installed with the OAM installation:

1. Open the Access System Console.

2. In the Access System Configuration screen, select Authentication Management

from the left-hand bar.

3. Select OraDefaultFormAuthNScheme.

4. Click Modify.

5. In the Challenge Redirect field, enter the host and port of the IDM installation; for

example: http:sso.mycompany.com. Click Save when you are done. A WebGate should already be installed in the IDM installation. Refer to Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management for details.

11.2.4 Installing and Configuring WebGate

WebGate needs to be installed on each of the WEBHOSTn machines in order to secure the web tier: Note: There is a known issue with the Oracle Access Manager installer that sometimes manifests as a hang at install time on Linux. This is a third-party issue caused by InstallShield. To work around this issue, follow these steps: 1. Copy and paste the following in the shell where you start the installer: cd tmp mkdir bin. cd bin. cat mount EOF binsh exec bintrue EOF chmod 755 mount export PATH=`pwd`:PATH 2. Run the installation. 3. When the installer is finished running, clean the temporary directory using this command: rm -r tmpbin. 11-18 Oracle Fusion Middleware Enterprise Deployment Guide for Oracle ECM Suite 1. Launch the WebGate installer see Section 1.8, What to Install for information on where to obtain it using the following command: WEBHOSTn .Oracle_Access_Manager10_1_4_3_0_linux_OHS11g_WebGate –gui

2. The Welcome screen opens. Click Next.

3. In the Customer Information screen Figure 11–1 , enter the user name and user group that the web server is running as. Click Next to continue. Figure 11–1 Customer Information Screen 4. In the installation target screen Figure 11–2 , specify the directory where WebGate should be installed. Click Next to continue. Figure 11–2 Installation Target Screen Integration with Oracle Identity Management 11-19

5. In the installation summary screen, click Next.

6. Download the required GCC runtime libraries for WebGate as instructed in the WebGate configuration screen Figure 11–3 , and use Browse to point to their location on the local computer. Click Next to continue. Figure 11–3 Runtime Libraries Screen

7. The installer now creates the required artifacts. After that is completed, click Next

to continue.

8. In the transport security mode screen

Figure 11–4 , select Open Mode: No Encryption and click Next to continue. Figure 11–4 Transport Security Mode Screen 11-20 Oracle Fusion Middleware Enterprise Deployment Guide for Oracle ECM Suite 9. In the WebGate configuration screen, provide the details of the access server that will be used. You must provide the following information: ■ WebGate ID , as provided when the OAM configuration tool was executed ■ Password for WebGate ■ Access Server ID , as reported by the OAM Access Server configuration ■ Access Server host name , as reported by the OAM Access Server configuration ■ Access Server port number , as reported by the OAM Access Server configuration You can obtain these details from your Oracle Access Manager administrator. Click Next to continue. Figure 11–5 Access Server Configuration Screen

10. In the Configure Web Server screen, click Yes to automatically update the web

server. Click Next to continue. 11. In the next Configure Web Server screen, specify the full path of the directory containing the httpd.conf file. This file is located in the following directory: ORACLE_BASE adminOHS_InstanceconfigOHSOHS_Component_Name For example: u01apporacleadminohs_instance2configOHSohs2httpd.conf Click Next to continue. 12. In the next Configure Web Server page, a message informs you that the Web server configuration has been modified for WebGate. Click Yes to confirm. Note: The Access Server ID, host name, and port are all required. Integration with Oracle Identity Management 11-21 13. Stop and start your Web server for the configuration updates to take effect. Click Next to continue. 14. In the next Configure Web Server screen, the following message is displayed: If the web server is set up in SSL mode, then the httpd.conf file needs to be configured with the SSL related parameters. To manually tune your SSL configuration, please follow the instructions that come up. Click Next to continue. 15. In the next Configure Web Server screen, a message with the location of the document that has information on the rest of the product setup and Web server configuration is displayed. Choose No and click Next to continue. 16. The final Configure Web Server screen appears with a message to manually launch a browser and open the HTML document for further information on configuring your Web server. Click Next to continue. 17. The Oracle COREid Readme screen appears. Review the information on the screen and click Next to continue. 18. A message appears along with the details of the installation informing you that the installation was successful.

11.2.5 Configuring IP Validation for the EDG Webgate