7-14 Oracle Fusion Middleware Third-Party Application Server Guide
a. Create an oamsso subdirectory in the following path: WebGate_install_dir/oamsso.
b. Create and add to the new oamsso directory a login.html file with the following elements:
    <!-- Sample login Page Code -->
    <form name="loginForm" method="post" action="/access/sso">
    <b>Username:</b> <input name="userid" type="text" maxLength="80" size="20" value="">
    <b>Password:</b> <input type="password" maxLength="255" size="20" name="password" autocomplete="off">
    <input type="submit" value="Login" name="submit">
    </form>
3. Proceed to Configuring IBM WebSphere for OAM SSO and the IAP.
7.9 Configuring IBM WebSphere for OAM SSO and the IAP
This section provides the following topics:
■ Configuring a Stand Alone LDAP Registry for OAM in IBM WebSphere
■ Adding and Configuring a Virtual Host in IBM WebSphere
■ Configuring IHS Reverse Proxy in the IBM WebSphere Console
■ Creating the Interceptor Entry in the IBM WebSphere Console
■ Configuring the OAM TAI Configuration File
7.9.1 Configuring a Stand Alone LDAP Registry for OAM in IBM WebSphere
This section describes how to configure a stand-alone LDAP registry for OAM within IBM WebSphere.
To configure a stand-alone LDAP registry for OAM in IBM WebSphere
1. Log in to your IBM WebSphere console. For example: http://host:port/ibm/console
2. Go to Security, Global Security.
3. Under User account repository in Available realm definitions, select Standalone Ldap Registry and click Configure.
4. Under General Properties, fill in fields to configure the LDAP directory that is used by OAM:
   Primary administrative user name: OAM admin username
   Server user identity: keep the default selection
   Type of Ldap Server: LDAP Directory Type for OAM
   Host: host name where LDAP directory resides
   Port: LDAP directory bind port
   Base DN: LDAP base DN
   Bind DN: LDAP bind DN
   Password: LDAP password
   Search timeout: keep the default value (120 seconds)
   Keep default Reuse connection and Ignore case for authorization checked
5. Click Apply and OK and save this configuration.
Managing OAM Identity Assertion on IBM WebSphere 7-15
6. On the same page, under Additional Properties, click Advanced Lightweight Directory Access Protocol (LDAP) user registry settings and fill in fields under the General Properties:
   User filter: (&(uid=%v)(objectclass=inetOrgPerson))
   Group filter: (&(cn=%v)(objectclass=ldapsubentry))
   User ID Map: uid
   Group ID Map: cn
   Group Member ID Map: nsRole:nsRole
7. Click Apply and OK and save this configuration.
8. On the same page, under Related Items, click Trusted authentication realms - inbound and confirm that the LDAP entry host:port is trusted.
9. Click Test connection to verify the connection configuration.
10. Restart IBM WebSphere. If Standalone LDAP Registry is not selected as Current realm, then under User account repository in Available realm definitions, select Standalone Ldap Registry and click Set As Current.
11. From now on, log in to the IBM WebSphere console using the OAM LDAP directory login credentials as registered with IBM WebSphere.
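
The user and group filters in step 6 are templates in which %v stands for the name being looked up, and a filter pasted without its parentheses or placeholder will not match any entry. The following added example (not part of the Oracle guide; the function names are hypothetical) checks a template's shape and shows the filter it yields for a given login name. The escaping applied is the one RFC 4515 defines for filter values and is not a statement about WebSphere's internals.

```python
# Added example: validate LDAP filter templates of the form used in step 6
# and expand %v with an RFC 4515-escaped login name.

# RFC 4515 section 3: characters that must be escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_value(value):
    """Escape a name so it cannot change the structure of the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def check_template(template):
    """Return a list of problems found in a filter template (empty means OK)."""
    problems = []
    if "%v" not in template:
        problems.append("no %v placeholder")
    depth = 0
    for ch in template:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:   # a ')' appeared before its '('
                break
    if depth != 0:
        problems.append("unbalanced parentheses")
    if not (template.startswith("(") and template.endswith(")")):
        problems.append("filter is not enclosed in parentheses")
    return problems

def expand(template, name):
    """Substitute an escaped name for %v; reject malformed templates."""
    problems = check_template(template)
    if problems:
        raise ValueError("; ".join(problems))
    return template.replace("%v", escape_value(name))

# Filter templates from step 6.
USER_FILTER = "(&(uid=%v)(objectclass=inetOrgPerson))"
GROUP_FILTER = "(&(cn=%v)(objectclass=ldapsubentry))"

if __name__ == "__main__":
    # Constructed sample names; the second contains filter metacharacters.
    for name in ("jdoe", "j(doe)*"):
        print(expand(USER_FILTER, name))
    # Constructed sample of a template that lost its punctuation in copy/paste.
    print(check_template("uid=vobjectclass=inetOrgPerson"))
```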
7.9.2 Adding and Configuring a Virtual Host in IBM WebSphere