More than just Identity & Access Management: November 2012

Friday, November 9, 2012

Oracle Access Manager(OAM) 11g R2 + Oracle HTTP Server(OHS) WebGate + Internet Explorer issue

Hi folks,

Environment:

OAM 11g R2 + OHS 11g R2 Webgate

Symptoms:

When attempting to access a resource protected by an OAM 11g WebGate using Internet Explorer, the access hangs or page fails to load. Accessing the same page from Firefox is successful.

Cause:

This problem may occur due to a clock skew between the browser host and the system hosting the OAM 11g WebGate.
The reason this may cause a problem is that when the initial request is made, the OAM 11g WebGate will set an OAMRequestContext<hostname> cookie, eg, OAMRequestContext_myhost.oracle.com:7777_1234.
This is a persistent cookie, meaning it has a set time to expire, generally 5 minutes after creation. After the user authenticates with the OAM server and is redirected back to the WebGate, the WebGate expects to see this request context cookie.
If it is not present, the OAMAuthnCookie is not set, which establishes the user's identity to the webgate. The user is redirected to the original resource, but with no OAMAuthnCookie set the WebGate determines the user is not authenticated,
and redirects the user to the OAM server for authentication. The OAM_ID cookie was set during the login by the OAM managed server, so the OAM managed server realizes the user is authenticated, and redirects back to the WebGate, creating a loop.

Resolution:

Fixed in OAM 11g R2 BP 01

Thanks

Siva Pokuri.

Thursday, November 8, 2012

Oracle Access Manager 11gR2 (11.1.1.2.0) Installation and Configuration on Linux Server (64-bit)

Pre_Requirements

Web logic server latest version should be installed. Installation Here.

Installation

1. Navigate to setup directory.

2. Execute "./runInstaller"

3. Click Next.

4. Select Skip Software Updates and click Next.

5. Click Next.

6. Click Next.

7. Click on Install.

8. Click Next.

9. Click Finish.

Configuration

Pre-Requirements:-

Oracle Data base Installed and configured. Server should be up and running. For Installation Click Here
Extract RCU schema to Database. For process Click Here.

1. Navigate to cd $ORACE_Middleware_Home/Oracle_IDM1/common/bin/

2. Run "./config.sh"

3. Select create a new WebLogic doamin. Click Next

4. Select Oracle Access Management-11.1.2.0.0. Automatically OPSS and oracle JRF will be selected. Click Next

5. Define the domain name. Click Next

6. Define Password. Click Next

7. Select JDK. Click Next

8. Select each component and provide host name and owner password. Click Next

9. Verify the schema connect to DB. Click Next

10. Select First two options. Click Next

11. Define port number. Click Next

12. Click Next

13. Click Next

14. Click Next

15. Click Create

16. Click Done.

Process of create Policy store in database

1. Navigate to cd $ORACLE_Middleware_Home/oracle_common/common/bin
2. Execute the following commands.For each command it will show you the success messages as below screen shots.

./wlst.sh $ORACLE_Middleware_Home/Oracle_IDM1/common/tools/configureSecurityStore.py -d $ORACLE_Middleware_Home/user_projects/domains/OAM_domain -c IAM -p <password> -m create

./wlst.sh exportEncryptionKey(jpsConfigFile="$ORACLE_Middleware_Home/user_projects/domains/OAM_domain/config/fmwconfig/jps-config.xml", keyFilePath="/tmp/myDir" ,keyFilePassword="Password")

./wlst.sh $ORACLE_Middleware_Home/Oracle_IDM1/common/tools/configureSecurityStore.py -d $ORACLE_Middleware_Home/user_projects/domains/OAM_domain -c IAM -p Passw0rd1 -m join -k myDir -w password

$ORACLE_Middleware_Home/Oracle_IDM1/common/tools/configureSecurityStore.py -d $ORACLE_Middleware_Home/user_projects/domains/OAM_domain -m validate

Create policy store is successful.

Start Admin/Managed Servers:-

Navigate to $ORACLE_Middleware_Home/user_projects/domains/OAM_domain/bin/

./startWebLogic.sh

./startManagedserver.sh oam_server1

Oracle Access Manager Console "http://localhost:7001/oamconsole"

Oracle Weblogic Server Console "http://localhost:7001/console"

Cheers...!!!!
Kiran Pokuri

Wednesday, November 7, 2012

RCU 11gR2 Configuration for IAM Conponents in Linux servers (64-bit)

RCU 11gR2 Configuration in Linux server (64-bit)

Download:-

Download the latest Repository Creation Utility from Download

Installation:-

1. Navigate to "cd /rcuHome/bin"
2. Execute the setup file "./rcu"

3. Select Create option and Click Next.

4.Mention all required data base connection details and click Next.

5. Click OK

6. Select the required Components to extend the schema to DB. Click Next

7. Click OK.

8. Provide the Password.Click Next.

9. Click Next.

10. Click OK

11. Click Create.

12. Extending Schema to Database is successful
13. To Check the schema in Database follow the below steps.
14. Navigate to "cd $ORACLE_HOME/sqldeveloper/
15. Execute "./sqldeveloper.sh"

16.Right Click on Connection and select New Connection.

17. Provide all required database connection details.

18. Click on Test button to check the connection status. You can find the status at left bottom corner. If Status is Success then Click on Connect.

19. It will show the schema which is associated to SYS user.Click on Othe Users at last option to see the IAM components schemas.

20. Here we ca find the individual user for individual component.

.
Hope this post will be useful.

Cheers...!!!!
Kiran Pokuri

Tuesday, November 6, 2012

Oracle Data Base 11gR2 Installation in Linux server (64-bit)

Oracle Data Base Download

Download oracle data base latest version from Download.

Pre-Requirements

Required RPM's:-

libaio-devel-0.3.106-5.x86_64.rpm

unixODBC-devel-2.2.11-10.el5.x86_64.rpm

sysstat-7.0.2-3.el5.i386.rpm

libaio-devel-0.3.106-3.2.i386.rpm

Kernal Perameters :-

vi /etc/security/limits.conf

Add the below lins at bottom of the file.

oracle soft nproc 4069

oracle hard nproc 4069

oracle soft nofile 4069

oracle hard nofile 4069

Kernal perameters are also can change while installing database.

Environment Variables :-

export ORACLE_HOME=/home/oracle/app/oracle/product/11.2.0/dbhome_1/

export ORACLE_BASE=/home/oracle/

export ORACLE_SID=orcl

export PATH=/usr/sbin:$ORACLE_HOME/bin:$PATH

export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib:/usr/lib64

export CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib

Operating Systems :-

Linux Redhat version 5 (64-bit)

Installation

1. Navigate to setup directory.

2. Run the installer as "./runInstaller"

3. It will check all the pre requirements to Pass.

4. Uncheck the security updates and Click Next.

5. Select Create and configure a database and Click Next.

6. Select Serer Class and Click Next.

7. Select Single instance database installation and Click Next.

8. Select Typical install and Click Next.

9. Set the Administrative Password and Click Next.

10. Click Next.

11. Click Finish.

12. After sucessful installation and configuration this is the fine screen. Verify SID name and Enterprise Manager URL. Click OK.

Steps to Start the DB :-

1. Navigate to cd $ORACLE_HOME/bin

2. ./lsnrctl start

3. ./dbstart $ORACLE_HOME

4. Execute sqlplus / as sysdba

5. Execute "startup"

Enterprise Manager URL :-

https://<hostname>:1158/em

Cheers!!!!!

Kiran Pokuri