10.1.2 Credential Store Configuration
A credential store is a repository of security data (credentials). A credential can hold user name and password combinations, tickets, or public key certificates. Credentials are used during authentication, when principals are populated in subjects, and, further, during authorization, when determining what actions the subject can perform.
In this section, steps are provided to configure Oracle Internet Directory LDAP as a credential store for the Oracle Fusion Middleware WebCenter Enterprise Deployment topology. For more details on credential store configuration, refer to the "Configuring the Credential Store" chapter in the Oracle Fusion Middleware Security Guide.
The following sections describe credential store configuration:
■ Section 10.1.2.1, Creating the LDAP Authenticator
■ Section 10.1.2.2, Moving the WebLogic Administrator to LDAP
■ Section 10.1.2.3, Reassociating the Domain Credential Store
10.1.2.1 Creating the LDAP Authenticator
To be safe, before you create the LDAP authenticator, you should first back up the relevant configuration files:
ORACLE_BASE/admin/domain_name/aserver/domain_name/config/config.xml
ORACLE_BASE/admin/domain_name/aserver/domain_name/config/fmwconfig/jps-config.xml
ORACLE_BASE/admin/domain_name/aserver/domain_name/config/fmwconfig/system-jazn-data.xml
Also back up the boot.properties file in the ORACLE_BASE/admin/domain_name/aserver/domain_name/servers/AdminServer/security directory for the Administration Server.
To configure the credential store to use LDAP, set the proper authenticator using the WebLogic Server Console:
1. Log in to the WebLogic Server Console.
2. Click the Security Realms link on the left navigational bar.
3. Click the myrealm default realm entry to configure it.
4. Open the Providers tab within the realm.
5. Observe that there is a DefaultAuthenticator provider configured for the realm.
6. Click the New button to add a new provider.
7. Enter a name for the provider such as OIDAuthenticator or OVDAuthenticator depending on whether Oracle Internet Directory or Oracle Virtual Directory will be used.
Note: The backend repository for the policy store and the credential store must use the same kind of LDAP server. To preserve this coherence, note that reassociating one store implies reassociating the other one, that is, the reassociation of both the credential and the policy stores is accomplished as a unit using the Enterprise Manager or the WLST command reassociateSecurityStore. For more information, see Section 10.1.4, Reassociation of Credentials and Policies.
8. Select the OracleInternetDirectoryAuthenticator or OracleVirtualDirectoryAuthenticator type from the list of authenticators depending on whether Oracle Internet Directory or Oracle Virtual Directory will be used.
9. Click OK.
10. In the Providers screen, click the newly created Authenticator.
11. Set the control flag to SUFFICIENT. This indicates that if a user can be authenticated successfully by this authenticator, then it should accept that authentication and should not continue to invoke any additional authenticators. If the authentication fails, it will fall through to the next authenticator in the chain. Make sure all subsequent authenticators also have their control flag set to SUFFICIENT; in particular, check the DefaultAuthenticator and set that to SUFFICIENT.
12. Click Save to save this setting.
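A read-only check for step 11, added here as an example and not part of the Oracle documentation: it lists each authenticator in myrealm with its control flag as recorded in config.xml and names those that are not SUFFICIENT. The element layout of the constructed sample, the treatment of a missing control-flag element as the default REQUIRED, and the skipping of identity asserters are assumptions.

```python
import xml.etree.ElementTree as ET

XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"

# Constructed sample (not from a real domain). Assumed layout: each provider is
# an authentication-provider element; an absent control-flag means REQUIRED.
SAMPLE_CONFIG = """<domain xmlns="http://xmlns.oracle.com/weblogic/domain"
    xmlns:sec="http://xmlns.oracle.com/weblogic/security"
    xmlns:wls="http://xmlns.oracle.com/weblogic/security/wls"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 <security-configuration><realm>
  <sec:authentication-provider xsi:type="wls:oracle-internet-directory-authenticatorType">
   <sec:name>OIDAuthenticator</sec:name><sec:control-flag>SUFFICIENT</sec:control-flag>
  </sec:authentication-provider>
  <sec:authentication-provider xsi:type="wls:default-authenticatorType">
   <sec:name>DefaultAuthenticator</sec:name>
  </sec:authentication-provider>
  <sec:authentication-provider xsi:type="wls:default-identity-asserterType">
   <sec:name>DefaultIdentityAsserter</sec:name>
  </sec:authentication-provider>
  <sec:name>myrealm</sec:name>
 </realm></security-configuration></domain>"""


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def authenticator_flags(config_xml, realm_name="myrealm"):
    """Return [(provider name, control flag)] in chain order for one realm."""
    found = []
    for realm in ET.fromstring(config_xml).iter():
        names = [(c.text or "").strip() for c in realm if local(c.tag) == "name"]
        if local(realm.tag) != "realm" or realm_name not in names:
            continue
        for prov in realm:
            ptype = prov.get(XSI_TYPE, "")
            # Assumption: identity asserters carry no control flag, so skip them.
            if local(prov.tag) != "authentication-provider" or ptype.endswith("asserterType"):
                continue
            fields = {local(c.tag): (c.text or "").strip() for c in prov}
            found.append((fields.get("name") or ptype, fields.get("control-flag") or "REQUIRED"))
    return found


def not_sufficient(config_xml, realm_name="myrealm"):
    """Names of authenticators whose flag still differs from SUFFICIENT."""
    return [n for n, flag in authenticator_flags(config_xml, realm_name) if flag != "SUFFICIENT"]
```

Feed it the text of the domain's config.xml after step 12; any name returned by not_sufficient still needs its control flag changed in the console.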