20. Installation Oracle Access Manager
[appoam@slcr12devtap1 Disk1]$ ./runInstaller
Starting Oracle Universal Installer...
Checking if CPU speed is above 300 MHz. Actual 2294 MHz Passed
Checking Temp space: must be greater than 150 MB. Actual 8411 MB Passed
Checking swap space: must be greater than 512 MB. Actual 7684 MB Passed
Checking monitor: must be configured to display at least 256 colors. Actual 16777216
Passed
Preparing to launch Oracle Universal Installer from /tmp/OraInstall2014-04-18_07-22-22PM.
Please wait ...
Please specify JRE/JDK location ( Ex. /home/jre ), <location>/bin/java should exist
:/apps/jrockit-jdk1.6.0_51
Click Next
26. Click Finish
Completed installing the oracle accessmanager
Configuring the Oracle Access Manager
[appoam@slcr12devtap1 Disk1]$ export WL_HOME=/apps/Middleware/MW_HOME/OAM/
[appoam@slcr12devtap1 Disk1]$ export
ORACLE_HOME=/apps/Middleware/MW_HOME/OAM/Oracle_OAM
[appoam@slcr12devtap1 Disk1]$ cd $ORACLE_HOME
[appoam@slcr12devtap1 Oracle_OAM]$ pwd
/apps/Middleware/MW_HOME/OAM/Oracle_OAM
[appoam@slcr12devtap1 Oracle_OAM]$ cd common
[appoam@slcr12devtap1 common]$ cd bin
[appoam@slcr12devtap1 bin]$
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46. Completed configuring the Oracle Access Manager
==============================================================================
=======
Configuring Database Security Store for an Oracle Identity and Access Management Domain
appoam@slcr12devtap1 domains]$ cd
/apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain
[appoam@slcr12devtap1 oamdomain]$
/apps/Middleware/MW_HOME/OAM/oracle_common/common/bin/wlst.sh
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/common/tools/configureSecurityStore.p
y -d /apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain -c IAM -u
dev_opss -p Passw0rd -m create
Below Is the output of above script
CLASSPATH=/apps/Middleware/MW_HOME/OAM/patch_wls1036/profiles/default/sys_manife
st_classpath/weblogic_patch.jar:/apps/Middleware/MW_HOME/OAM/patch_ocp371/profiles/
default/sys_manifest_classpath/weblogic_patch.jar:/apps/jrockit-
53. 2014-04-19 10:02:13.422 rcu:Statement Type: 'DDL Statement'
2014-04-19 10:02:13.476 rcu:Extracting Statement from File Name:
'/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops
s_upgrade_111160_111161.sql'Line Number: 122
2014-04-19 10:02:13.476 rcu:Extracted SQL Statement: [CREATE INDEX IDX_CT_6_CLASS ON
CT_6 (PRINCIPAL_CLASS) ]
2014-04-19 10:02:13.477 rcu:Statement Type: 'DDL Statement'
2014-04-19 10:02:13.512 rcu:Extracting Statement from File Name:
'/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops
s_upgrade_111160_111161.sql'Line Number: 123
2014-04-19 10:02:13.512 rcu:Extracted SQL Statement: [CREATE INDEX IDX_CT_6_NAME ON
CT_6 (NAME) ]
2014-04-19 10:02:13.512 rcu:Statement Type: 'DDL Statement'
2014-04-19 10:02:13.540 rcu:Extracting Statement from File Name:
'/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops
s_upgrade_111160_111161.sql'Line Number: 124
2014-04-19 10:02:13.540 rcu:Extracted SQL Statement: [CREATE INDEX IDX_CT_6_PRINCIPAL
ON CT_6 (CONCAT(PRINCIPAL_CLASS, NAME))]
2014-04-19 10:02:13.541 rcu:Statement Type: 'DDL Statement'
2014-04-19 10:02:13.568 rcu:Extracting Statement from File Name:
'/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops
s_upgrade_111160_111161.sql'Line Number: 127
2014-04-19 10:02:13.568 rcu:Extracted SQL Statement: [UPDATE JPS_ATTRS SET
ATTRVAL='11.1.1.6.1' WHERE ATTRNAME='orclProductVersion' AND (ATTRVAL='11.1.1.6.0')]
2014-04-19 10:02:13.569 rcu:Statement Type: 'DML Statement'
2014-04-19 10:02:13.579 rcu:Extracting Statement from File Name:
'/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops
s_upgrade_111160_111161.sql'Line Number: 128
2014-04-19 10:02:13.579 rcu:Extracted SQL Statement: []
2014-04-19 10:02:13.584 rcu:Extracting Statement from File Name:
'/apps/Middleware/MW_HOME/OAM/oracle_common/common/sql/opss/oracle/upgrade/ops
s_upgrade_111160_111161.sql'Line Number: 128
2014-04-19 10:02:13.584 rcu:Extracted SQL Statement: [COMMIT;]
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup -
done
Apr 19, 2014 10:02:47 AM
oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigurator
schemaCompatibleHandler
INFO: Credential store schema upgrade not required. Store Schema version 11.1.1.6.1 is
compatible to the seed schema version 11.1.1.4.0
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSchema -
Store schema has been seeded completely
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator]
updateServiceConfiguration - done
54. Apr 19, 2014 10:02:50 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationCredImpl
migrateCredentialData
INFO: Migration of Credential Store data in progress.....
Apr 19, 2014 10:02:59 AM oracle.security.jps.internal.tools.utility.JpsUtilMigrationCredImpl
migrateCredentialData
INFO: Migration of Credential Store data completed, Time taken for migration is 00:00:08
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] migrateData - done
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] testJpsService - done
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSetup -
done
Apr 19, 2014 10:02:59 AM
oracle.security.jps.internal.config.ldap.LdapKeyStoreServiceConfigurator
schemaCompatibleHandler
INFO: Keystore schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible to
the seed schema version 11.1.1.4.0
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSchema -
Store schema has been seeded completely
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator]
updateServiceConfiguration - done
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] migrateData - done
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] testJpsService - done
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSetup -
done
Apr 19, 2014 10:03:03 AM
oracle.security.jps.internal.config.ldap.LdapPolicyStoreServiceConfigurator
schemaCompatibleHandler
INFO: Policy schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible to
the seed schema version 11.1.1.4.0
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSchema -
Store schema has been seeded completely
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator]
updateServiceConfiguration - done
WLS ManagedService is not up running. Fall back to use system properties for configuration.
Apr 19, 2014 10:03:23 AM
oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy migrateData
INFO: Migration of Admin Role Members started
Apr 19, 2014 10:03:24 AM
oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy migrateData
INFO: Migration of Admin Role Members completed in 00:00:00
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] migrateData - done
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] testJpsService - done
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSetup -
done
55. Apr 19, 2014 10:03:24 AM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator
schemaCompatibleHandler
INFO: Audit store schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible
to the seed schema version 11.1.1.4.0
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSchema -
Store schema has been seeded completely
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator]
updateServiceConfiguration - done
Apr 19, 2014 10:03:25 AM
oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData
INFO: Migration of Audit Store data in progress.....
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] migrateData - done
Apr 19, 2014 10:04:52 AM
oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData
INFO: Migration of Audit Store data completed, Time taken for migration is 00:01:27
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] testJpsService - done
persist to output:
/apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig -
done
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup -
done
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator]
updateServiceConfiguration - done
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSetup -
done
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator]
updateServiceConfiguration - done
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSetup -
done
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator]
updateServiceConfiguration - done
Apr 19, 2014 10:05:24 AM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator
checkIfConfigurationValid
INFO: Audit store re-association not supported.
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSetup -
Audit store re-association not supported.
persist to output:
/apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig –
done
Apr 19, 2014 10:03:24 AM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator
schemaCompatibleHandler
INFO: Audit store schema upgrade not required. Store Schema version 11.1.1.6.1 is compatible
to the seed schema version 11.1.1.4.0
56. [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSchema -
Store schema has been seeded completely
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator]
updateServiceConfiguration - done
Apr 19, 2014 10:03:25 AM
oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData
INFO: Migration of Audit Store data in progress.....
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] migrateData - done
Apr 19, 2014 10:04:52 AM
oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData
INFO: Migration of Audit Store data completed, Time taken for migration is 00:01:27
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] testJpsService - done
persist to output:
/apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig -
done
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup -
done
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator]
updateServiceConfiguration - done
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSetup -
done
[oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator]
updateServiceConfiguration - done
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSetup -
done
[oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator]
updateServiceConfiguration - done
Apr 19, 2014 10:05:24 AM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator
checkIfConfigurationValid
INFO: Audit store re-association not supported.
[oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSetup -
Audit store re-association not supported.
persist to output:
/apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig -
done
INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA
will not be used.
INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA
will not be used.
Using default context in
/apps/Middleware/MW_HOME/OAM/user_projects/domains/oamdomain/config/fmwconfig/j
ps-config-migration.xml file for credential store.
Credential store location : jdbc:oracle:thin:@usaslcoamdbr12t.goldbar.barrick.com:1531/oamd
Credential with map Oracle-IAM-Security-Store-Diagnostics key Test-Cred stored successfully!
57. Credential for map Oracle-IAM-Security-Store-Diagnostics and key Test-Cred is:
GenericCredential
Info: diagnostic credential created in the credential store.
Info: Create operation has completed successfully.
appoam@slcr12devtap1 lib]$ ls -ltr rdbms*
-rwxr-x--- 1 appoam oinstall 8310 Apr 18 19:21 rdbms_security_store_db2.sql
-rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_db2_remove.sql
-rwxr-x--- 1 appoam oinstall 8302 Apr 18 19:21 rdbms_security_store_derby.sql
-rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_derby_remove.sql
-rwxr-x--- 1 appoam oinstall 8508 Apr 18 19:21 rdbms_security_store_oracle.sql
-rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_oracle_remove.sql
-rwxr-x--- 1 appoam oinstall 8172 Apr 18 19:21 rdbms_security_store_sqlserver.sql
-rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_sqlserver_remove.sql
-rwxr-x--- 1 appoam oinstall 10591 Apr 18 19:21 rdbms_security_store_sybase.sql
-rwxr-x--- 1 appoam oinstall 801 Apr 18 19:21 rdbms_security_store_sybase_remove.sql
[appoam@slcr12devtap1 lib]$ scp -r rdbms_security_store_oracle.sql
oraOAMD@usaslcomadbr12t:/home/oraOAMD
ssh: Could not resolve hostname usaslcomadbr12t: Name or service not known
lost connection
[appoam@slcr12devtap1 lib]$ scp -r rdbms_security_store_oracle.sql
oraOAMD@usaslcoamdbr12t:/home/oraOAMD
The authenticity of host 'usaslcoamdbr12t (10.13.80.176)' can't be established.
RSA key fingerprint is 9c:e2:b5:d5:f3:69:58:53:0c:d6:7a:6c:1c:bb:74:90.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'usaslcoamdbr12t,10.13.80.176' (RSA) to the list of known hosts.
oraOAMD@usaslcoamdbr12t's password:
rdbms_security_store_oracle.sql
100% 8508 8.3KB/s 00:00
[appoam@slcr12devtap1 lib]$ pwd
/apps/Middleware/MW_HOME/OAM/wlserver_10.3/server/lib
-rwxr-x--- 1 oraOAMD dba 8508 Apr 19 10:09 rdbms_security_store_oracle.sql
[oraOAMD@usaslcoamdbr12t ~]$ sqlplus dev_opss
SQL*Plus: Release 11.2.0.4.0 Production on Sat Apr 19 10:09:54 2014
Copyright (c) 1982, 2013, Oracle. All rights reserved.
58. Enter password:
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> @rdbms_security_store_oracle.sql;
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
59. Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
Table created.
1 row created.
Commit complete.
SQL> exit
Disconnected from Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit
Production
With the Partitioning, OLAP,
OAM patches:
18138998 --- Oracle Identity Management Suite BP patch of 11.1.2.1.3
17496113: WARNING: COULD NOT OBTAIN LOCK ON POLLTRACKING.LCK
60. Start OAM services
/apps/Middleware/MW_HOME/OAM/oracle_common/common/bin/setNMProps.sh
~/bin/start_node_manager.sh
/apps/Middleware/MW_HOME/OAM/user_projects/domains/OAMdomain/bin/startWebLogic.
sh
/apps/Middleware/MW_HOME/OAM/user_projects/domains/OAMdomain/bin/startManaged
WebLogic.sh oam_server1
Installing Oracle HTTP Server
[appoam@slcr12devtap1 common]$ cd /mnt/shared/software_dump/HTTP_WEB_SERVER/
[appoam@slcr12devtap1 HTTP_WEB_SERVER]$ ls -ltr
total 1760516
drwxr-xr-x 6 appoam oinstall 4096 Mar 2 2013 Disk1
drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 Disk2
drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 Disk3
-rw-r--r-- 1 appoam oinstall 22806 Mar 12 2013 readme.html
-rw-r--r-- 1 appoam oinstall 1802723467 Apr 17 16:47 V37384-01.zip
[appoam@slcr12devtap1 HTTP_WEB_SERVER]$ cd Disk1
[appoam@slcr12devtap1 Disk1]$ ls -ltr
total 36
-rwxrwxr-x 1 appoam oinstall 16532 Oct 25 2012 runInstaller
drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 plugins
drwxrwxr-x 6 appoam oinstall 4096 Mar 2 2013 doc
drwxr-xr-x 12 appoam oinstall 4096 Mar 2 2013 stage
drwxrwxr-x 3 appoam oinstall 4096 Mar 2 2013 install
[appoam@slcr12devtap1 Disk1]$ ./runInstaller
Starting Oracle Universal Installer...
Checking Temp space: must be greater than 400 MB. Actual 8339 MB Passed
Checking swap space: must be greater than 500 MB. Actual 7553 MB Passed
Checking monitor: must be configured to display at least 256 colors. Actual 16777216
Passed
61. Preparing to launch Oracle Universal Installer from /tmp/OraInstall2014-04-28_04-51-50PM.
Please wait ...[appoam@slcr12devtap1 Disk1]$ Log: /apps/oraInventory/logs/install2014-04-
28_04-51-50PM.log
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72. Completed installation of oracle HTTP server
Installing oracle webgate
[appoam@slcr12devtap1 Disk1]$ ls -ltr
total 100
-rwxrwxr-x 1 appoam oinstall 73728 Sep 15 2011 setup.exe
-rwxrwxr-x 1 appoam oinstall 16454 Sep 19 2011 runInstaller
drwxrwxr-x 12 appoam oinstall 4096 Apr 18 2013 install
drwxr-xr-x 13 appoam oinstall 4096 Apr 18 2013 stage
[appoam@slcr12devtap1 Disk1]$ ./runInstaller
Starting Oracle Universal Installer...
Checking if CPU speed is above 300 MHz. Actual 2294 MHz Passed
Checking Temp space: must be greater than 150 MB. Actual 8345 MB Passed
Checking swap space: must be greater than 512 MB. Actual 7537 MB Passed
73. Checking monitor: must be configured to display at least 256 colors. Actual 16777216
Passed
Preparing to launch Oracle Universal Installer from /tmp/OraInstall2014-04-28_05-15-54PM.
Please wait ...
Please specify JRE/JDK location ( Ex. /home/jre ), <location>/bin/java should exist :^C
[appoam@slcr12devtap1 Disk1]$ echo $JAVA_HOME
/apps/jrockit-jdk1.6.0_51
[appoam@slcr12devtap1 Disk1]$ ./runInstaller
Starting Oracle Universal Installer...
Checking if CPU speed is above 300 MHz. Actual 2294 MHz Passed
Checking Temp space: must be greater than 150 MB. Actual 8345 MB Passed
Checking swap space: must be greater than 512 MB. Actual 7537 MB Passed
Checking monitor: must be configured to display at least 256 colors. Actual 16777216
Passed
Preparing to launch Oracle Universal Installer from /tmp/OraInstall2014-04-28_05-16-11PM.
Please wait ...
Please specify JRE/JDK location ( Ex. /home/jre ), <location>/bin/java should exist
:/apps/jrockit-jdk1.6.0_51
[appoam@slcr12devtap1 Disk1]$ [WARN ][jrockit] MaxPermSize=512m ignored: Not a valid
option for JRockit
Log: /apps/oraInventory/logs/install2014-04-28_05-16-11PM.log
74.
75.
76.
77.
78.
79. Completed installation of wegate
==============================================================================
=======
Install and Configure WebGate on the WebTier
[appoam@slcr12devtap1 deployWebGate]$ pwd
/apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/tools/deployWeb
Gate
[appoam@slcr12devtap1 deployWebGate]$ echo $MW_HOME
[appoam@slcr12devtap1 deployWebGate]$ pwd
/apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/tools/deployWeb
Gate
[appoam@slcr12devtap1 deployWebGate]$ export
MW_HOME=/apps/Middleware/MW_HOME/OAM
80. [appoam@slcr12devtap1 deployWebGate]$ ./deployWebGateInstance.sh -w
$MW_HOME/Oracle_WT1/instances/instance1/config/OHS/ohs1 -oh
$MW_HOME/Oracle_OAMWebGate1
Copying files from WebGate Oracle Home to WebGate Instancedir
[appoam@slcr12devtap1 Oracle_OAMWebGate1]$ export
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/apps/Middleware/MW_HOME/OAM/Oracle_WT1/lib
[appoam@slcr12devtap1 Oracle_OAMWebGate1]$ cd
/apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/tools/setup/Install
Tools
[appoam@slcr12devtap1 InstallTools]$
[appoam@slcr12devtap1 InstallTools]$ ./EditHttpConf -w
$MW_HOME/Oracle_WT1/instances/instance1/config/OHS/ohs1 -oh
$MW_HOME/Oracle_OAMWebGate1
The web server configuration file was successfully updated
/apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/http
d.conf has been backed up as
/apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/http
d.conf.ORIG
[appoam@slcr12devtap1 InstallTools]$
Setting Up the RREG Tool
To set up the RREG tool, complete the following steps:
On UNIX
After installing and configuring Oracle Access Manager, go to the following directory:
Oracle_IDM2/oam/server/rreg/client
Untar the RREG.tar.gz file.
Example:
gunzip RREG.tar.gz
tar -xvf RREG.tar
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/client
[appoam@slcr12devtap1 client]$ ls -ltr
84. <agentBaseUrl>http://usaslcoamr12t.goldbar.barrick.com:7777</agentBaseUrl>
<logOutUrls><url>/logout</url></logOutUrls>
</OAM11GRegRequest>
[appoam@slcr12devtap1 input]$ pwd
/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/input
Create ebs.oam.conf file
[appoam@slcr12devtap1 input]$ vi ebs.oam.conf
[appoam@slcr12devtap1 input]$
##############################################################################
#
# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
#
# This is a configuration file, to be used with the OAM Config Tool, for
# configuring policies in OAM in order to facilitate Single Sign On.
#
# Protected URIs:-
# A Protected URI (resource) implies that an user must be authenticated
# before he could access that resource. Upon accessing a protected uri, the
# user would be redirected to the OAM login page for authentication.
# Subsequently, upon successful authentication, he would be redirected to the
# original requested resource.
#
# Public URIs:-
# A Public URI (resource), on the contrary, implies that a user be allowed
# access to that resource without authentication.
#
# This file essentially contains a list of protected and public URIs belonging
# to an Application.
#
# Please refer to the documentation of OAM Config Tool for anything related to
# the OAM Config tool's usage and the documentation of OAM for anything
# related to OAM in general.
#
##########################
# File format description
##########################
# 1. Any line beginning with '#' is considered a comment and would be ignored
85. # 2. Likewise any empty line or any line beginning with ' ' (space) would be
# ignored
# 3. All the Protected URIs must be listed followed by the key-word:
# "protected_uris".
# 4. All the Public URIs must be listed followed by the key-word: "public_uris"
#
# Note that Public URIs are optional. But you need to have at least one
# Protected URI listed
#
#
########################
#Product Name: E-Business Suite
########################
###########################
protected_uris
###########################
/ebsauth_devt12
/index.html
###########################
public_uris
###########################
/ebsauth_devt12/style/
/ebsauth_devt12/ssologin
/ebsauth_devt12/ssologout.do
/ebsauth_devt12/ssologout_callback
/public/oacleanup.html
/public/index.html
export JAVA_HOME=/apps/jrockit-jdk1.6.0_51
export
OAM_REG_HOME=/apps/Middleware/MW_HOME/OAM/Oracle_OAM/oam/server/rreg/bin
./bin/oamreg.sh inband input/EBS_OAM11g_DEVT12.xml
Enter admin password:
Do you want to enter a Webgate password?(y/n):
n
Do you want to import an URIs file?(y/n):
95. Verify Login as OID User
At this point, test your WebGate again. Refer to section Test your WebGate.
Access the protected test page from your browser:
http://usaslcoagr12t.goldbar.barrick.com:7777/index.html
Login as oamadmin user
Configure Response Headers Add Response Headers to the Authentication Policies
In the OAM Console, navigate to Policy Configuration tab > Browse tab > Application Domains
node > Search for {Identifier for your WebGate} usaslcoagr12t > Authentication Policies >
Protected Resource Policy.
96. Double-click the node Protected Resource Policy.
In the Authentication Policy configuration window, click on the Responses tab. Use the "+" icon
and add the following two rows.
Name Type Value
USER_NAME Header $user.userid
USER_ORCLGUID Header $user.attr.orclguid
Leave the Identity Assertion checkbox unchecked.
Click Apply to save your changes.
Add Response Headers to the Authorization Policies
In the OAM Console, navigate to Policy Configuration tab > Browse tab > Application Domains
node > Search for {Identifier for your WebGate} usaslcoagr12t> Authorization Policies node >
Protected Resource Policy.
Double-click the node Protected Resource Policy.
In the Authorization Policy configuration window, click on the Responses tab. Use the "+" icon
and add the following two rows.
Name Type Value
USER_NAME Header $user.userid
USER_ORCLGUID Header $user.attr.orclguid
Click Apply to save your changes.
97.
98. OAMADMIN Relogin issue:
In OAM console under security relam create OID Authenticator
And change order as like below.
Make sure Control Flag: set to Sufficient.
99. Test Response Headers
[appoam@usaslcoamr12t htdocs]$ ls -ltr
[appoam@usaslcoamr12t htdocs]$ pwd
/apps/Middleware/MW_HOME/OAM/Oracle_WT1/instances/instance1/config/OHS/ohs1/htdo
cs
[appoam@usaslcoamr12t htdocs]$ ln -s ../cgi-bin cgi-bin
[appoam@usaslcoamr12t htdocs]$ chmod 755 cgi-bin/printenv
Logon to the OAM Console
In the OAM Console, navigate to Policy Configuration tab > Application Domains node > Search
for {Identifier for your WebGate} > Resources node.
100. Double-click the node Resources.
Click the "New Resource" button at the upper right hand side of the window.
Enter the following information in the Create Resource region, and click Apply:
•Type = HTTP
•Description = Test Response Headers
•Host Identifier = {Identifier for your WebGate}
•Resource URL= /cgi-bin/printenv
•Protection Level = Protected
•Authentication Policy = Protected Resource Policy
•Authorization Policy = Protected Resource Policy
Access the protected printenv script from your browser. For example:
http://usaslcoagr12t.goldbar.barrick.com:7777/cgi-bin/printenv
Configure OAM to support long URLs
Long URLs may exceed a cookie limit on your Internet browser. Configure Oracle Access
Manager to support long URLs by changing the serverRequestCacheType from COOKIE to FORM
in Oracle Access Manager configuration file
$DOMAIN_HOME/config/fmwconfig/oam-config.xml:
[appoam@usaslcoamr12t fmwconfig]$ cp -r oam-config.xml oam-config.xml_05042014
[appoam@usaslcoamr12t fmwconfig]$ vi oam-config.xml
[appoam@usaslcoamr12t fmwconfig]$ pwd
/apps/Middleware/MW_HOME/OAM/user_projects/domains/OAMDomain/config/fmwconfig
[appoam@usaslcoamr12t fmwconfig]$
Change
<Setting Name="serverRequestCacheType" Type="xsd:string">COOKIE</Setting>
to
<Setting Name="serverRequestCacheType" Type="xsd:string">FORM</Setting>
Session Timeout parameter:
Check Ebiz session timeout parameter and match with same values.
103. The whitelist URL with key OAMCONSOLE has been updated.
Configure Oracle E-Business Suite
Create WebLogic Domain and Managed Server for Oracle E-Business Suite AccessGate
104.
105.
106.
107.
108.
109. Start WebLogic server for Oracle E-Business Suite AccessGate
Deploy Oracle E-Business Suite AccessGate
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12
appoam@usaslcoamr12t devt12]$ unzip p18006775_R12_GENERIC.zip
creating: sample/
inflating: fndauth.war
inflating: fndauth_deployment_plan.tmp
inflating: fndext.jar
inflating: sample/logging.properties
inflating: sample/samplecleanup.html
inflating: txkEBSAuth.xml
inflating: Readme.txt
creating: plan/
[appoam@usaslcoamr12t devt12]$ ls -ltr
total 660
drwxr-xr-x 2 appoam oinstall 4096 Apr 16 2013 plan
-rw-r--r-- 1 appoam oinstall 30387 Jul 12 2013 txkEBSAuth.xml
drwxr-xr-x 2 appoam oinstall 4096 Jul 12 2013 sample
111. Scp Generated file to OAM server at location
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12
Set Up Necessary Oracle E-Business Suite Users
ASADMIN is default account we are using here.
Set up a necessary Oracle E-Business Suite user with role UMX|APPS Schema Connect.
After setting up the user, logon locally to Oracle E-Business Suite as the user with role
UMX|Apps Schema Connect.
http://<ebshost>.<domain>:<port>/OA_HTML/AppsLocalLogin.jsp
If this user has just been created, you will be prompted on logon to Oracle E-Business Suite to
reset the password. Reset the password.
Verify that you can successfully logon locally with the new password as the user with role
UMX|Apps Schema Connect.
Create Datasource for Oracle E-Business Suite AccessGate using txkEBSAuth.xml
[appoam@usaslcoamr12t devt12]$ ant -f txkEBSAuth.xml createDataSource -
DuseDefaults=false -Dwlshosturl=usaslcoamr12t.goldbar.barrick.com:7041 -Dwlsuser=weblogic
-Dwlspwd=Passw0rd -DdataSourceName=devt12 -DdataSourceJNDIName=jndi/devt12 -
DasadminUser=asadmin -DasadminPassword=0racle1 -DserverName=eag_server1 -
DdbcFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/DEVT12_USASLCO
AMR12T.dbc -DforceDataSource=true
Buildfile: txkEBSAuth.xml
findOS:
getServerDetails:
[input] skipping input as property wlshosturl has already been set.
[input] skipping input as property wlsuser has already been set.
getWLSAdminPasswordWindows:
getWLSAdminPasswordUnix:
echoON:
[input] skipping input as property wlspwd has already been set.
echoOFF:
112. getDataSourceDetails:
[input] skipping input as property dataSourceName has already been set.
[input] skipping input as property dataSourceJNDIName has already been set.
[input] skipping input as property dbcFile has already been set.
[input] skipping input as property asadminUser has already been set.
getappsDBDetails:
[echo] DBC File is
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/DEVT12_USASLCOAMR12T.
dbc
[echo] APPS_JDBC_URL is
APPS_JDBC_URL=jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=YES
)(FAILOVER=YES)(ADDRESS=(PROTOCOL=tcp)(HOST=slcr12devtdb1.goldbar.barrick.com)(PO
RT=1601)))(CONNECT_DATA=(SERVICE_NAME=DEVT12)))
[echo]
[echo] Following values are retrieved from DBC File:
[echo] SID/SERVICE:DEVT12
[echo]
APPS_JDBC_URL:jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=YES)(FAIL
OVER=YES)(ADDRESS=(PROTOCOL=tcp)(HOST=slcr12devtdb1.goldbar.barrick.com)(PORT=1601)
))(CONNECT_DATA=(SERVICE_NAME=DEVT12)))
getASADMINPasswordWindows:
getASADMINPasswordUnix:
echoON:
[input] skipping input as property asadminPassword has already been set.
echoOFF:
getTargetServerDetails:
[input] skipping input as property serverName has already been set.
getDataSourceParameters:
checkDBCExists:
checkFndextWarExits:
createDataSource:
[echo] ********************************************************************
[echo] STEP 1: CREATING DATA SOURCE
[echo] ********************************************************************
113. [wlst] Connecting to server using username:weblogic
url:usaslcoamr12t.goldbar.barrick.com:7041
[wlst] Connecting to t3://usaslcoamr12t.goldbar.barrick.com:7041 with userid weblogic ...
[wlst] Successfully connected to Admin Server 'AdminServer' that belongs to domain
'EAGDomain'.
[wlst]
[wlst] Warning: An insecure protocol was used to connect to the
[wlst] server. To ensure on-the-wire security, the SSL port or
[wlst] Admin port should be used instead.
[wlst]
[wlst] Check if data source devt12 already exits
[wlst]
[wlst]
[wlst] Check if JNDI Name jndi/devt12 already exists
[wlst]
[wlst] Changing to Edit Mode
[wlst] Location changed to edit tree. This is a writable tree with
[wlst] DomainMBean as the root. To make changes you will need to start
[wlst] an edit session via startEdit().
[wlst]
[wlst] For more help, use help(edit)
[wlst]
[wlst] Starting an edit session ...
[wlst] Started edit session, please be sure to save and activate your
[wlst] changes once you are done.
[wlst]
[wlst] Creating data source : devt12
[wlst]
[wlst] Setting JDBCDataSourceParams for the data source devt12
[wlst]
[wlst] Setting JNDI name for the data source devt12
[wlst]
[wlst] Setting JDBCDriverParams for the data source devt12
[wlst]
[wlst] Setting User and dbcFile properties for the data source devt12
[wlst]
[wlst] Setting JDBCConnectionPoolParams for the data source devt12
[wlst]
[wlst] Setting GlobalTransactionsProtocol for the data source devt12
[wlst]
[wlst] Setting target for the data source devt12
[wlst]
[wlst] Saving all your changes ...
[wlst] Saved all your changes successfully.
114. [wlst] Activating all your changes, this may take a while ...
[wlst] The edit lock associated with this edit session is released
[wlst] once the activation is completed.
[wlst] Activation completed
[wlst] Successfully created data source devt12.
[wlst] Disconnected from weblogic server: AdminServer
BUILD SUCCESSFUL
Total time: 42 seconds
[appoam@usaslcoamr12t devt12]$
Deploy Oracle E-Business Suite AccessGate using txkEBSAuth.xml
[appoam@usaslcoamr12t devt12]$ ant -f txkEBSAuth.xml deployApplication -
DuseDefaults=false -Dwlshosturl=usaslcoamr12t.goldbar.barrick.com:7041 -Dwlsuser=weblogic
-Dwlspwd=Passw0rd -DdataSourceName=devt12 -DasadminUser=asadmin -
DasadminPassword=0racle1 -DdataSourceJNDIName=jndi/devt12 -
DdbcFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/DEVT12_USASLCO
AMR12T.dbc -DserverName=eag_server1 -DdeploymentName=ebsauth_devt12 -
DfndauthWarFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.w
ar -
DplanPath=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml -
DSSOServerRelease=11 -DSSOServerURL=http://usaslcoamr12t.goldbar.barrick.com:7777 -
DWebgateLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/public/oacleanup.html -
DcontextRoot=ebsauth_devt12 -DforceDeployment=true -
DOAMLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/oam/server/logoutant -f
txkEBSAuth.xml deployApplication -DuseDefaults=false -
Dwlshosturl=usaslcoamr12t.goldbar.barrick.com:7041 -Dwlsuser=weblogic -Dwlspwd=Passw0rd
-DdataSourceName=devt12 -DasadminUser=asadmin -DasadminPassword=0racle1 -
DdataSourceJNDIName=jndi/devt12 -
DdbcFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/DEVT12_USASLCO
AMR12T.dbc -DserverName=eag_server1 -DdeploymentName=ebsauth_devt12 -
DfndauthWarFile=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.w
ar -
DplanPath=/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml -
DSSOServerRelease=11 -DSSOServerURL=http://usaslcoamr12t.goldbar.barrick.com:7777 -
DWebgateLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/public/oacleanup.html -
DcontextRoot=ebsauth_devt12 -DforceDeployment=true -
DOAMLogoutURL=http://usaslcoamr12t.goldbar.barrick.com:7777/oam/server/logout
Buildfile: txkEBSAuth.xml
findOS:
115. getServerDetails:
[input] skipping input as property wlshosturl has already been set.
[input] skipping input as property wlsuser has already been set.
getWLSAdminPasswordWindows:
getWLSAdminPasswordUnix:
echoON:
[input] skipping input as property wlspwd has already been set.
echoOFF:
getTargetServerDetails:
[input] skipping input as property serverName has already been set.
getDeploymentDetails:
[input] skipping input as property deploymentName has already been set.
[input] skipping input as property contextRoot has already been set.
[input] skipping input as property fndauthWarFile has already been set.
[input] skipping input as property planPath has already been set.
[input] skipping input as property dbcFile has already been set.
[input] skipping input as property dataSourceJNDIName has already been set.
getOAMDetails:
[input] skipping input as property WebgateLogoutURL has already been set.
[input] skipping input as property SSOServerRelease has already been set.
[input] skipping input as property SSOServerURL has already been set.
getDeploymentParameters:
checkWarExists:
checkDBCExists:
copyDeploymentPlan:
[echo] Copying fndauth_deployment_plan.tmp to
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml
[copy] Copying 1 file to
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan
checkPlanDirExists:
creatPlandirAndWeblogicXML:
116. [touch] Creating
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/plan/WEB-
INF/weblogic.xml
checkPlanExists:
getAPPServerID:
updateDeploymentPlan:
[echo] Updating Deployment Plan
deployApplication:
[echo] ********************************************************************
[echo] STEP 2: DEPLOYING APPLICATION
[echo] ********************************************************************
[wlst] Connecting to server using username:weblogic
url:usaslcoamr12t.goldbar.barrick.com:7041
[wlst]
[wlst] Connecting to t3://usaslcoamr12t.goldbar.barrick.com:7041 with userid weblogic ...
[wlst] Successfully connected to Admin Server 'AdminServer' that belongs to domain
'EAGDomain'.
[wlst]
[wlst] Warning: An insecure protocol was used to connect to the
[wlst] server. To ensure on-the-wire security, the SSL port or
[wlst] Admin port should be used instead.
[wlst]
[wlst]
[wlst] Check if deployment ebsauth_devt12 already exists.
[wlst]
[wlst] Location changed to serverRuntime tree. This is a read-only tree with
ServerRuntimeMBean as the root.
[wlst] For more help, use help(serverRuntime)
[wlst]
[wlst]
[wlst]
[wlst] Deploying application to eag_server1
[wlst]
[wlst] Changing to Edit Mode
[wlst] Location changed to edit tree. This is a writable tree with
[wlst] DomainMBean as the root. To make changes you will need to start
[wlst] an edit session via startEdit().
[wlst]
[wlst] For more help, use help(edit)
[wlst]
117. [wlst] Starting an edit session ...
[wlst] Started edit session, please be sure to save and activate your
[wlst] changes once you are done.
[wlst] Deploying application from
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war to targets
eag_server1 (upload=false) ...
[wlst] <May 4, 2014 4:02:08 PM MDT> <Info> <J2EE Deployment SPI> <BEA-260121>
<Initiating deploy operation for application, ebsauth_devt12 [archive:
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war], to
eag_server1 .>
[wlst] You have an edit session in progress, hence WLST will not
[wlst] block for your deployment to complete.
[wlst] Started the Deployment of Application. Please refer to the returned WLSTProgress
object or variable LAST to track the status.
[wlst]
[wlst] Successfully deployed fndauth.war application.
[wlst]
[wlst] Saving all your changes ...
[wlst] Saved all your changes successfully.
[wlst] Activating all your changes, this may take a while ...
[wlst] The edit lock associated with this edit session is released
[wlst] once the activation is completed.
[wlst] Activation completed
[wlst] Disconnected from weblogic server: AdminServer
[wlst] <May 4, 2014 4:02:17 PM MDT> <Warning> <JNDI> <BEA-050001> <WLContext.close()
was called in a different thread than the one in which it was created.>
findOS:
getServerDetails:
[input] skipping input as property wlshosturl has already been set.
[input] skipping input as property wlsuser has already been set.
getWLSAdminPasswordWindows:
getWLSAdminPasswordUnix:
echoON:
[input] skipping input as property wlspwd has already been set.
echoOFF:
getTargetServerDetails:
[input] skipping input as property serverName has already been set.
118. getDeploymentDetails:
[input] skipping input as property deploymentName has already been set.
[input] skipping input as property contextRoot has already been set.
[input] skipping input as property fndauthWarFile has already been set.
[input] skipping input as property planPath has already been set.
[input] skipping input as property dbcFile has already been set.
[input] skipping input as property dataSourceJNDIName has already been set.
getOAMDetails:
[input] skipping input as property WebgateLogoutURL has already been set.
[input] skipping input as property SSOServerRelease has already been set.
[input] skipping input as property SSOServerURL has already been set.
getDeploymentParameters:
checkWarExists:
checkDBCExists:
copyDeploymentPlan:
[echo] Copying fndauth_deployment_plan.tmp to
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan/Plan.xml
[copy] Copying 1 file to
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/plan
checkPlanDirExists:
creatPlandirAndWeblogicXML:
checkPlanExists:
getAPPServerID:
updateDeploymentPlan:
[echo] Updating Deployment Plan
deployApplication:
[echo] ********************************************************************
[echo] STEP 2: DEPLOYING APPLICATION
[echo] ********************************************************************
[wlst] Connecting to server using username:weblogic
url:usaslcoamr12t.goldbar.barrick.com:7041
[wlst]
119. [wlst] Connecting to t3://usaslcoamr12t.goldbar.barrick.com:7041 with userid weblogic ...
[wlst] Successfully connected to Admin Server 'AdminServer' that belongs to domain
'EAGDomain'.
[wlst]
[wlst] Warning: An insecure protocol was used to connect to the
[wlst] server. To ensure on-the-wire security, the SSL port or
[wlst] Admin port should be used instead.
[wlst]
[wlst]
[wlst] Check if deployment ebsauth_devt12 already exists.
[wlst]
[wlst]
************************************************************************
[wlst] WARNING: Application with name ebsauth_devt12 already exists.
[wlst]
************************************************************************
[wlst] Location changed to serverRuntime tree. This is a read-only tree with
ServerRuntimeMBean as the root.
[wlst] For more help, use help(serverRuntime)
[wlst]
[wlst]
[wlst]
[wlst] Deploying application to eag_server1
[wlst]
[wlst] Changing to Edit Mode
[wlst] Location changed to edit tree. This is a writable tree with
[wlst] DomainMBean as the root. To make changes you will need to start
[wlst] an edit session via startEdit().
[wlst]
[wlst] For more help, use help(edit)
[wlst]
[wlst] Starting an edit session ...
[wlst] Started edit session, please be sure to save and activate your
[wlst] changes once you are done.
[wlst] Deploying application from
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war to targets
eag_server1 (upload=false) ...
[wlst] <May 4, 2014 4:02:39 PM MDT> <Info> <J2EE Deployment SPI> <BEA-260121>
<Initiating deploy operation for application, ebsauth_devt12 [archive:
/apps/Middleware/MW_HOME/OAM/appsutil/accessgate/devt12/fndauth.war], to
eag_server1 .>
[wlst] You have an edit session in progress, hence WLST will not
[wlst] block for your deployment to complete.
120. [wlst] Started the Deployment of Application. Please refer to the returned WLSTProgress
object or variable LAST to track the status.
[wlst]
[wlst] Successfully deployed fndauth.war application.
[wlst]
[wlst] Saving all your changes ...
[wlst] Saved all your changes successfully.
[wlst] Activating all your changes, this may take a while ...
[wlst] The edit lock associated with this edit session is released
[wlst] once the activation is completed.
[wlst] Activation completed
[wlst] Disconnected from weblogic server: AdminServer
[wlst] <May 4, 2014 4:02:42 PM MDT> <Warning> <JNDI> <BEA-050001> <WLContext.close()
was called in a different thread than the one in which it was created.>
BUILD SUCCESSFUL
Total time: 57 seconds
[appoam@usaslcoamr12t devt12]$
Redirect HTTP Server to WebLogic Server for Oracle E-Business Suite AccessGate
cd /apps/Middleware/MW_HOME/OAM/Oracle_WT1/instance/web1/config/OHS/ohs1
vi mod_wl_ohs.conf
<IfModule mod_weblogic.c>
WebLogicHost usaslcoagr12t.goldbar.barrick.com
WebLogicPort 7047
</IfModule>
#EBS Accessgate for crp2
<Location /ebsauth_crp2>
SetHandler weblogic-handler
WLProxySSL ON
WLProxySSLPassThrough ON
WebLogicHost usaslcoagr12t.goldbar.barrick.com
WebLogicPort 7047
</Location>
#for OAM
<IfModule weblogic_module>
<Location /oam>
SetHandler weblogic-handler
WLProxySSL ON
121. WLProxySSLPassThrough ON
WLCookieName jsessionid
WebLogicHost usaslcoagr12t.goldbar.barrick.com
WebLogicPort 14100
WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/mod_wl/oim_component.log"
</Location>
</IfModule>
SSOlogout test:
We should get blank page here.
http://usaslcoagr12t.goldbar.barrick.com:7043/ebsauth_devt12/ssologout_callback
http://slcr12devtap1.goldbar.barrick.com:8080/OA_HTML/AppsLogout
122. Set Oracle E-Business Suite profile options
Application Authenticate Agent --
http://usaslcoagr12t.goldbar.barrick.com:7777/ebsauth_crp2
Applications SSO Type --- SSWA w/SSO
Applications Single Sign On Hint Cookie Name --- Blank
Applications SSO Auto Link User -- Enabled
Applications SSO Login Types -- Both
Ebiz Patches:
Make below patches applied to ebiz instance.
12387976
14196434
16015113
Softlink Creation for oblog_config.xml
/apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/config
oblog_config.xml ->
/apps/Middleware/MW_HOME/OAM/Oracle_OAMWebGate1/webgate/ohs/config/oblog_conf
ig_wg.xml
Integrate E-Business with OID
[oraDEVT12@slcr12devtap1 ~]$ $FND_TOP/bin/txkrun.pl -script=SetSSOReg -
registerinstance=yes
You are registering ORACLE HOME only.
Enter the host name where Oracle iAS Infrastructure database is installed ?
usaslcoamr12t.goldbar.barrick.com
Enter the LDAP Port on Oracle Internet Directory server ? 3060
Enter SSL LDAP Port on Oracle Internet Directory server ? 3131
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ?
[oraDEVT12@slcr12devtap1 ~]$
[oraDEVT12@slcr12devtap1 ~]$
[oraDEVT12@slcr12devtap1 ~]$ $FND_TOP/bin/txkrun.pl -script=SetSSOReg -
registerinstance=yes
123. You are registering ORACLE HOME only.
Enter the host name where Oracle iAS Infrastructure database is installed ?
usaslcoamr12t.goldbar.barrick.com
Enter the LDAP Port on Oracle Internet Directory server ? 3060
Enter SSL LDAP Port on Oracle Internet Directory server ? 3131
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ?
Enter Oracle E-Business apps database user password ?
*** Log File =
/apps/DEVT12/inst/apps/DEVT12_slcr12devtap1/logs/appl/rgf/TXK/txkSetSSOReg_Thu_May_8
_16_48_47_2014.xml
Beginning input parameter validation for Oracle Home Instance registration.
Input parameter validation for Oracle Home Instance registration completed.
BEGIN ORACLE HOME INSTANCE REGISTRATION:
Oracle Home Instance preferences stored successfully.
Oracle Home Instance registered successfully.
End of /apps/DEVT12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl : No
Errors encountered
[oraDEVT12@slcr12devtap1 ~]$
[oraDEVT12@slcr12devtap1 ~]$ $FND_TOP/bin/txkrun.pl -script=SetSSOReg -registeroid=yes -
provisiontype=4
You are registering this instance with OID Server.
Enter LDAP Host name ? usaslcoamr12t.goldbar.barrick.com
Enter the LDAP Port on Oracle Internet Directory server ? 3060
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ?
Enter the instance password that you would like to register this application instance with ?
Enter Oracle E-Business apps database user password ?
*** Log File =
/apps/DEVT12/inst/apps/DEVT12_slcr12devtap1/logs/appl/rgf/TXK/txkSetSSOReg_Thu_May_8
_16_51_42_2014.xml
Beginning input parameter validation for OID registration.
Input parameters validation for OID registration completed.
124. BEGIN OID REGISTRATION:
Beginning to register Application and Service containers if necessary.
Application and Service containers were created successfully if necessary.
Beginning to register application in Oracle Internet Directory.
Registration of application in Oracle Internet Directory completed successfully.
-> LOADING:
/apps/DEVT12/apps/apps_st/appl/fnd/12.0.0/admin/template/AppsOIDRegistration.tmp
Beginning to register provisioning profile in Oracle Internet Directory.
Registration of provisioning profile in Oracle Internet Directory completed successfully.
Application is now registered successfully with provisioning in Oracle Internet Directory.
End of /apps/DEVT12/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl : No
Errors encountered
[oraDEVT12@slcr12devtap1 ~]$
[oraDEVT12@slcr12devtap1 ~]$