21-16 Oracle Fusion Middleware Administrators Guide c. Click Modify. Then, add the host name and port for the production Web server to the Hostname variations field. d. Click Save. e. From the Access System Configuration tab, select Access Gate Configuration. Then, select the relevant Access Gate. f. In the Details for AccessGate page, click Modify. g. Change the Hostname and Port, specifying the host name and port of the production Web server. h. Change the Preferred HTTP Host, specifying the host name variation that you added in Step c. i. Associate the WebGate to the newly added production Access Server, as described in Associating AccessGates and WebGates with Access Servers in the Oracle Access Manager Access Administration Guide. j. Disable the WebGate temporarily. From the Access System Console, select the Access System Configuration tab, then select AccessGate Configuration. Click Go to search. From the results, select an AccessGate. Then, click Modify. Click Disabled. Then, click Save. You enable it after you install the Access Server. 8. Install the Access Server using the new identifier that you used while creating the WebGates. See Installing the Access Server in the Oracle Access Manager Installation Guide. 9. Install the new WebGate. See Installing the WebGate in the Oracle Access Manager Installation Guide. 10. Verify entries and delete entries related to the test environment: a. From the Identity System Console, select the System Configuration tab, then select Directory Profiles. Verify that the respective Directory Profiles are associated with the new Identity Server, Access Server, and Policy Manager. b. From the Identity System Console, select the System Configuration tab, then select Webpass and delete the entry for the test WebPass. c. From the Identity System Console, select the System Configuration tab, then select Identity Server and delete the entry for the test Identity Server. d. From the Access System Console, select the Access System Configuration tab, then select Access Server Configuration. Delete the entry for the test environment Access Server. 11. From the Identity System Console, select the System Configuration tab, then select Password Policy. If the host and port are set for Password Change Redirect URL, change them to point to the new Identity Server. Note: Resources may become unprotected if you have the same host and port in multiple host identifiers. Ensure that only the host identifier used in the policy domain has the host:port in its definition. Remove host:port from other host identifiers. Moving from a Test to a Production Environment 21-17 12. From the Access System Console, select the Access System Configuration tab, then select Authentication Management. Select the authentication scheme for which Challenge redirect is set. Modify Challenge Redirect to specify the host and port of the new Web server, if the new authentication WebGate is installed. 13. From the Access System Console, select the Access System Configuration tab, then select Authentication Management. Select the authentication scheme for which a password policy is configured. Change the obWebPassURLprefix if it exists to accommodate the new host and port of the production Web server on which WebPass is installed, if WebPass and WebGate reside on different Web servers. For more information, see Configuring Password Policies in the Oracle Access Manager Identity and Common Administration Guide. Task 7 Move Oracle Identity Federation to a New Production Environment To move Oracle Identity Federation to a new production environment: 1. If you are using Oracle Access Manager with Oracle Identity Federation, update the Oracle Coherence host name and port on the production environment: a. Stop the Administration Server and stop all Managed Servers on the test environment, if they are running. b. Update the Coherence host under the CoherenceConfiguration sections in the following file to reflect the target host. DOMAIN_HOMEconfigfmwconfigoam-config.xml 2. Update the host name, port, and SOAP port to reflect the values on the production environment: a. In Fusion Middleware Control, navigate to the Oracle Identity Federation instance. b. from the target menu on the OIF page, choose Administration, then Server Properties. c. Change the Host, Port, and SOAP port to reflect the values on the production environment. If you are using a load balancer or proxy server, use their values. Otherwise use the values for the Managed Server that is serving the requests. d. Click Apply. 3. Update the service provider ID URL: a. In Fusion Middleware Control, from the target menu on the OIF page, choose Administration, then Server Provider. Select the Common tab. b. Update the Provider ID with the value for the production environment. c. If the Default SSO Identity Provider is not the same on the production environment as on the test environment, update the Default SSO Identity Provider. d. If the SSO Authentication Mechanism to identity provider mapping needs to be updated, click Configure. Then, click Add to select the mechanism name and the identity provider. Click OK. e. Click Apply. 4. Update the identity provider ID URL: