Back Up Configuration Files Setting the Order of Providers
11.2.6 Setting Up WebLogic Authenticators
This section assumes that you have already set up the LDAP authenticator by following the steps in Section 11.1.2.1, Creating the LDAP Authenticator. If you have not already created the LDAP authenticator, do it before continuing with this section. This section covers the following topics: ■ Section 11.2.6.1, Back Up Configuration Files ■ Section 11.2.6.2, Setting Up the OAM ID Asserter ■ Section 11.2.6.3, Setting the Order of Providers11.2.6.1 Back Up Configuration Files
To be safe, first back up the relevant configuration files: ORACLE_BASE admindomain_nameaserverdomain_nameconfigconfig.xml ORACLE_BASE admindomain_nameaserverconfigfmwconfigjps-config.xml ORACLE_BASE admindomain_nameaserverdomain_nameconfigfmwconfig system-jazn-data.xml Also back up the boot.properties file for the Administration Server.11.2.6.2 Setting Up the OAM ID Asserter
Perform these steps to set up the OAM ID Asserter: 1. Log in to Weblogic Console, if not already logged in.2. Click Lock Edit.
3. Navigate to SecurityRealms, then the default realm name, and then Providers.
4. Click New and select OAM Identity Asserter from the dropdown menu.
5. Name the asserter for example, OAM ID Asserter and click OK.
6. Click the newly added asserter to see the configuration screen for OAM Identity Asserter.7. Set the control flag to REQUIRED and click Save.
8. Open the Provider Specific tab to configure the following required settings:
■ Primary Access Server: provide OAM server endpoint information in host:port format. ■ AccessGate Name: name of the AccessGate for example, ECM_EDG_AG. ■ AccessGate Password: password for the AccessGate optional. 9. Save the settings.11.2.6.3 Setting the Order of Providers
Reorder the OAM Identity Asserter, OIDOVD Authenticator, and Default Authenticator by ensuring that the control flag for each authenticator is set as follows: ■ OAM Identity Asserter: REQUIRED ■ OID LDAP Authenticator or OVD LDAP Authenticator: SUFFICIENT ■ Default Authenticator: SUFFICIENT ■ DefaultIdentityAsserter After reordering, save the settings, activate the changes, and restart all servers. Integration with Oracle Identity Management 11-2311.3 Oracle Access Manager 11g Integration
This section describes how to set up Oracle Access Manager 11g as the single sign-on solution for the Oracle Enterprise Content Management Suite enterprise deployment topology. It contains the following sections: ■ Section 11.3.1, Overview of Oracle Access Manager Integration ■ Section 11.3.2, Prerequisites for Oracle Access Manager ■ Section 11.3.3, Setting Up WebGate ■ Section 11.3.4, Registering the WebGate Agent ■ Section 11.3.5, Setting Up the WebLogic Authenticators11.3.1 Overview of Oracle Access Manager Integration
Oracle Access Manager OAM is the recommended single sign-on solution for Oracle Fusion Middleware 11g Release 1. For more information on installing and configuring an OAM installation, see Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management. This section explains the procedure for configuring the Oracle ECM installation with an existing OAM 11g installation and the underlying directory service. Oracle recommends using either Oracle Internet Directory OID or Oracle Virtual Directory OVD or both of these directory services.11.3.2 Prerequisites for Oracle Access Manager
The setup for Oracle Access Manager OAM assumes an existing OAM 11g installation complete with Access Managers and a policy protecting the Policy Manager. For more information on installing and configuring an OAM installation, see Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management. This setup includes a directory service such as Oracle Internet Directory OID, either stand-alone or as part of an Oracle Virtual Directory OVD configuration. This section provides the necessary steps for configuring your enterprise deployment with either OID or OVD. In addition, the OAM installation should have its own Web server configured with WebGate. This section also provides the steps for using the OAM Web server as a delegated authentication server. Note: Do not forget to create a new credential for the new user. See Section 8.15, Configuring BPEL CSF Credentials for further details. This book uses the weblogic_ecm user as an example for SSO. Note: The Oracle ECM enterprise deployment topology described in this guide uses a single sign-on configuration where both the Oracle ECM system and the single sign-on system are in the same network domain mycompany.com. For a multi-domain configuration, please refer to the required configuration steps in Configuring Single Sign-On, of the Oracle Access Manager Access Administration Guide.Parts
» Oracle Fusion Middleware Online Documentation Library
» What Is an Enterprise Deployment? About Oracle Enterprise Content Management Suite
» Built-In Security High Availability
» Terminology Oracle Fusion Middleware Online Documentation Library
» Oracle Identity Management Web Tier
» Abbreviations Hardware Requirements What to Install
» Installation Procedure Oracle Fusion Middleware Online Documentation Library
» Database Host Requirements Supported Database Versions Initialization Parameters
» Loading the Oracle Fusion Middleware Metadata Repository in the Oracle RAC Database
» ecm.mycompany.com admin.mycompany.com soainternal.mycompany.com ecminternal.mycompany.com
» IPs and Virtual IPs Firewalls and Ports
» Terminology for Directories and Directory Environment Variables
» Recommended Locations for the Different Directories
» Shared Storage Configuration Shared Storage and Recommended Directory Structure
» LDAP as Credential and Policy Store
» Configuring the Oracle Web Tier
» Enabling ADMINVHN on SOAHOST1 Running the Configuration Wizard on SOAHOST1 to Create a Domain
» Configuring Oracle HTTP Server for the Administration Server
» Assumptions and Procedure Manually Failing Over the Administration Server to SOAHOST2
» Validating Access Through Oracle HTTP Server Backing Up the Installation
» Configuring Oracle Coherence for Deploying Composites
» Configuring the Java Object Cache for Oracle Web Services Manager
» Configuring Oracle HTTP Server for the WLS_SOA Managed Servers
» Setting the Frontend HTTP Host and Port Validating Access Through Oracle HTTP Server
» Enabling High Availability for Oracle File and FTP Adapters
» About Adding Oracle UCM to a Domain Extending the Domain to Include Oracle UCM
» Restarting the Administration Server Configuring a JMS Persistence Store for Oracle IPM JMS
» Configuring BPEL CSF Credentials
» About Setting Up Node Manager
» Generating Self-Signed Certificates Using the utils.CertGen Utility
» Configuring Node Manager to Use the Custom Keystores
» Configuring Managed WLS Servers to Use the Custom Keystores
» Testing the Server Migration
» Create an LDIF file assumed to be jpstestnode.ldif in this example
» Cataloging Oracle Internet Directory Attributes
» Overview of Oracle Access Manager Integration Prerequisites for Oracle Access Manager
» Running the OAM Configuration Tool
» Installing and Configuring WebGate
» Back Up Configuration Files Setting the Order of Providers
» Move to the following directory under your Oracle Home for Webgate:
» Updating the OAM11gRequest File
» Monitoring the Topology Defining an Optimal Input File Strategy for Oracle IPM
» Configuring UMS Drivers Oracle Fusion Middleware Online Documentation Library
» Choose the Automatic Server Migration Enabled option. This enables Node Click Save.
» Performing Backups and Recoveries
» Page Not Found When Accessing soa-infra Application Through Load Balancer
Show more