15-20 Oracle Fusion Middleware Administrators Guide f. For Preferred HTTP Host, specify the name of the Oracle HTTP Server Web server that is configured for this WebGate. For example, a WebGate deployed on myapphostv4.foo.com must use myapphostv4.foo.com as the Preferred HTTP host. g. To enable IP validation, add the IP address of the Proxy server as the value of the IPValidationException parameter. h. Click Save. i. Repeat for each WebGate and specify name of the Oracle HTTP Server Web server that is configured for this WebGate. 3. From the Access System Console, modify the Form authentication scheme to include a challenge redirect to the Proxy server, as follows: a. Click Access System Configuration, and then click Authentication Management . b. Click the name of the scheme to modify, and then click Modify. c. Configure the challenge redirect value to the Proxy server URL. In this example, the Proxy server URL is http:myapphost.foo.com. d. Click Save.

15.5.5.7 Configuring IPv6: Separate Proxy for Authentication and Resource WebGates

Use the procedure in this section to configure a separate proxy for authentication and resource WebGates. In this configuration, you have multiple proxies: for example a separate proxy for the authentication WebGate and another proxy for the resource WebGate. You can access the application from a browser on the IPv4 network directly to an IPv4 server host name with a login redirect to an IPv6 host. For example: ■ Resource WebGate is on http:myapphostv4.foo.com ■ Authenticating WebGate is on http:myssohostv4.foo.com ■ Proxy used for myapphostv4.foo.com should be myapphostv4.foo.com ■ Proxy used for myssohostv4.foo.com should be myssohostv4.com In the example, OHS_host and OHS_port are the host name and port of the Oracle HTTP Server that is configured for WebGate. Be sure to use values for your own environment. To configure IPv6 with a separate proxy for authentication and resource WebGates: 1. Configure Oracle HTTP Server 11g Release 1 11.1.1 or any other server for multiple proxies, as follows: a. Stop Oracle HTTP Server with the following command: opmnctl stopproc ias-component=component_name b. Edit the following file: UNIX ORACLE_INSTANCEconfigOHSohs_namehttpd.conf Windows ORACLE_INSTANCE\config\OHS\ohs_name\httpd.conf Note: You cannot use the IPv6 proxy name as the Preferred HTTP host in a WebGate profile. Changing Network Configurations 15-21 c. Append the following information for your environment to the httpd.conf file. For example: IfModule mod_proxy.c ProxyRequests Off ProxyPreserveHost On ProxyPass http:OHS_host:OHS_port ProxyPassReverse http:OHS_host:OHS_port IfModule d. Restart Oracle HTTP Server using the following command: opmnctl startproc ias-component=component_name 2. In the Access System Console, set the Preferred HTTP host for each WebGate as follows: a. Log in to the Access System Console. For example: http:hostname:portaccessoblix In the example, hostname refers to the computer that hosts the WebPass Web server; port refers to the HTTP port number of the WebPass Web server instance; accessoblix connects to the Access System Console. The Access System main page appears. b. Click Access System Configuration, and then click AccessGate Configuration . The Search for AccessGates page appears. The Search list contains a selection of attributes that can be searched. Remaining fields allow you to specify search criteria that are appropriate for the selected attribute. c. Select the search attribute and condition from the lists or click All to find all AccessGates, and then click Go. d. Click an AccessGates name to view its details. e. Click Modify. f. For Preferred HTTP Host, specify the name of the Oracle HTTP Server Web server that is configured for this WebGate. For instance, a WebGate deployed on myapphostv4.foo.com must use myapphostv4.foo.com as the Preferred HTTP host. g. To enable IP validation, add the IP address of the Proxy server as the value of the IPValidationException parameter. h. Click Save. i. Repeat for each WebGate and specify the name of the Oracle HTTP Server Web server that is configured for this WebGate. 3. From the Access System Console, modify the Form authentication scheme to include a challenge redirect to the Proxy server, as follows: a. Click Access System Configuration, and then click Authentication Management . b. Click the name of the scheme to modify, and then click Modify.