Showing posts with label OAM. Show all posts
Showing posts with label OAM. Show all posts

Monday, 19 October 2015

Configuring self signed SSL Certificates for OHS 11.1.1.7 or 11.1.1.9

Recently i came across a very good article by the a-team regarding configuring the SSL certificates signed by CA authority with the OHS.


Currently if we access a secured SSL port of OHS, our browser shows us a warning, and ask us whether to trust the certificate or not. Basically this certificate is the default one that comes with the OHS.
But in actual scenario's we need configure the SSL certificate of our organization that will be signed by CA authority like VeriSign.

It is also possible for us to generate the SSL Certificate & sign it by root CA i.e. basically our own CA, because for testing purpose we are not going to sign it by external CA.

So the article shared by a-team describes the steps to be followed to achieve the purpose.

http://www.ateam-oracle.com/setting-up-https-on-ohs-for-fusion-apps/



Enjoy :-)

Monday, 16 March 2015

OAAM Basic vs Advance vs Advance using TAP Integration with OAM

What all we will be covering?

  1. Understanding Basic OAAM Integration
  2. Understanding Advance OAAM Integration
  3. Understanding Advance TAP OAAM Integration
In this post we will be understanding Basic OAAM Integration

OAAM Basic Integration with OAM:

The basic integration of OAAM offers a limited set of functionality when integrated with OAM. There are extension libraries that bundles with OAM server itself, using which the basic integration is offered.

Knowledge Based Authentication is the only challenge mechanism offered in this basic integration.

What all is needed in this integration?

1) OAAM Admin Server
2) OAAM Database
3) OAM Admin + Managed Server

Note: Webgate 10g & 11g Agents are supported with this integration.

References:
http://docs.oracle.com/cd/E23943_01/doc.1111/e15740/aam.htm#AIING268


Enjoy :-)

Sunday, 30 November 2014

Installing & Configuring Apache 2.2 (64bit) on Solaris x86-64 Box

This post is divided into 3 sections: Installation, Configuration & Verification. 



So let's start the process.........


Installing Apache22-64bit-

  1. To install apache22, we need the source code & than need to build it. This will generate the binaries.
  2. Download the source code from http://httpd.apache.org/download.cgi#apache22 to your Solaris Sparc box.
  3. Now we need to 'export' some settings, i.e. per-requisites before we start the build process:
    1. export LD_LIBRARY_PATH=/usr/sfw/lib/amd64:/usr/local/lib/amd64
    2. export PATH=/usr/sfw/bin:/usr/ccs/bin:/usr/local/ccs/bin:/usr/local/bin:$PATH
    3. # if you want it 64 bits:
      1. export CFLAGS=”-m64″
    4. # if you want it 32 bits:
      1. # export CFLAGS=”-m32″
    5. export LDFLAGS=”-L/usr/sfw/lib/amd64″
    6.  
      4.  Unzip the downloaded apache22 source code.
      5.  Change the directory, move to the unzipped folder.
      6.  Now we need to configure the environment for building the source code, for this it is 
           required to execute the 'configure' script present in the directory.

           For eg: /scratch/ckukreja/apache22 is the directory where you have unzipped the 
                       source code
                       
                       bash$>ls -ltr configure

      7.  Execute the 'configure'  script.
           ./configure --with-included-apr --enable-so --prefix=/scratch/ckukreja/apache64



      8. Now we need to build & install the binaries. Do the following:
    • make



    • make install

     9. Now go to the directory where you have install apache22
    • Move to bin folder and execute the 'file' command on httpd executable file.
                 bash$> cd /home/ckukreja/apache22/bin 
                 bash$> file httpd
    • 'file httpd' - It's output will show you the type of file is it. Here it should show 64bit, if not than the binaries are of 32bit. Check the steps again.
    


Configure Apache22 on Solaris Sparc Box:

 As you have installed the apache22 on your Solaris Machine. Now it is required to configure it before we start the server.
  1. Go to the apache22 installation directory. Move to conf folder.
         bash$> cd /home/ckukreja/apache22/conf  
     2. Open httpd.conf file to edit it. 

          bash$> vi httpd.conf
    • Change the port from '80' to the one you want. Like we use '8080'.
    • By default username & group are configured as 'daemon'. Change them to the one you are logged in with.
    • Save the changes & close the file.

      3. Now come out of the conf folder & change your directory to bin folder.
          
         bash$>cd /scratch/ckukreja/apache64/bin

      4. Execute the apachectl executable. It will start the httpd server process.
    • ./apachectl -k  start

Verify the installation & configuration steps:

Try to access the default resource present on apache22 server like index.html.
Syntax: http://<hostname>:<port>/index.html
Eg: http://hostname:8080/index.html

It will display the "It Works!!!"



So guys you are done with the Installation & Configuration of Apache22-64bit on your Solaris x86-64 Machine..........!!!!!!!!!!!!!! :-)


Enjoy :-)

Saturday, 29 November 2014

Creating User in Oracle Internet Directory(OID)


Follow below steps to create a new user in OID:


1) Log in to weblogic console & check whether ODSM (Oracle Directory Server Management) console is up & running:

    http://<host:port>/console


    Note: The console for ODSM is 'wls_ods1' in my setup & running on port 7005.

2) Now log in to the ODSM Console - http://<host:7005>/ODSM


     Note: This setup is a freshly created, so we need to create a connection first.


3) Create a User Connection:




  • Provide the details such as hostname, password etc.



4) New connection is created:




5) Choose Data Browser Option:



  •  Expand the tree dc=com


  •  Double Click the user cn=orcladmin



6) Now we need to create a user: Here i have selected the option 'Create a new entry like this one'




7) Complete the process for new user creation:


  • Choose 'Next' on first page:


  •  Provide 'cn' entry name & choose the relative distinguished name as 'cn'


  •  On Optional Properties page, i have provided the new user password. Although this is a non-mandatory field.


  •  Choose 'Finish' to complete the process.


  •  New user is created.... Hurrahhhhh !!!!!!



Enjoy :-)

Friday, 28 November 2014

Basics of OID, OVD & OIF


What is OID?
  • Oracle Internet Directory is an LDAP directory that uses an Oracle Database for storage. 
  • Clients communicate with a directory server by means of the Lightweight Directory Access Protocol (LDAP).

How DATA is stored in OID?
  • It is stored in hierarchical format i.e. DIT (Directory Information Tree).
What all you can store in OID?

  • You can store passwords, connections information etc.

What is Oracle Integration Platform?

  • It enables you to sync the data to & fro between the databases. Like from OID to Finance Database.

What is the benefit of using OVD (Oracle Virtual Directory)?

  • OVD acts as an interface, which has adapters to connect to multiple data sources. It basically provides an LDAP Service using which you connect to different databases, directories.....
  • This adds an advantage to the organizations to use a single interface which actually in the background talking to multiple directories or databases.


What is OIF (Oracle Identity Federation)?

  • Oracle Identity Federation enables companies to share the identity information with their partner organizations i.e. the end user does not need to log in again to the partner site once he/she gets logged in to his/her company account. 
  • With this feature the enterprises can federate seamlessly with the partner organizations and no compromise needs to do with security checks.


Hope it solves some of your doubts......

Enjoy :-)


Tuesday, 25 November 2014

[Weblogic]: How to Deploy a Web App on OAM Weblogic Console

This post is divided into 3 sections:

1) Create a web-app.
2) Deploy it on the managed server.
3) Accessing the web-app.


Let's Start:

1) Create an web-app: For this i have an already created web-app, which contains a headers.jsp page.

  • headers.jsp - This page will be used to display all the HTTP Headers that are set by the OAM-Weblogic.

2) Deploy web-app:


  • Login to weblogic server: http://<host:port>/console

  • Once you gets logged in, select 'Deployment' option under Domain Structure.






Note: Before you move to next step, copy the web-app folder to the domain directory i.e.

Copy to this path: <MiddlewareHome>/user_projects/domains/<your_domain_name>/


  • Click 'install' button: This will lead you to deployment process.



  • Now select your app folder




  • Select the folder like here it is showing 'source' as it contains the app:


          Press Next....

Note
    • Here the 'source' folder has the web app pages, thus when we need to actually access these resources from the browser. We will fire the request as:
         http://<host:port>/source/Login.jsp
    • Thus in case if your folder name is something else, than you will access it from that name only.
         Syntax: http://host:port/<webapp folder name>/<resource name>
  • On next page: nothing needs to be change as of now, keep on selecting the default option. Just press next.



  • Available Targets: Select 'oam_server1' or you can also deploy it on Admin Server and press Next.


  • General Assistance: This will show you the selected options, here you just need to press Next.

Note: One thing that you need to make a note of is the deployment name. Because in future if you need to update the app, you need the name.

  • Finish: Click 'Finish' & it will deploy the app.




Note: Click the 'Activate Changes' button on the top left, this will apply the changes & no restart is required.

3) Accessing the web-app

  • We need to make changes in mod_wl_ohs.conf file, & we need to front end the deployed app.


        Note: Here i have front ended the app with OHS. 

    • '/source' is the app folder that we have chosen while deploying.
    • Mention the host name - this will be the host on which you have installed the OHS.
    • Mention the Port - this will be the port on which managed server is listening.
    • Save the changes.
    • Restart the OHS server.


  • Open the browser, fire the url - http://<host:port>/source/headers.jsp
  • It will redirect you to credential collector page. Provide the credentials.
  • And you will get the 'headers.jsp' resource.

  • Now you can even try to access other resources present on your OHS Server i.e. you have placed in htdocs folder. Like:
         http;//<host:port>/index.html

  • You will not be asked for the credentials again, as you have already logged in & your OAMAUthnCookie & OAM_ID cookies are present with your browser.



Enjoy :-)

Enable Debug Logs for OAM Server from Weblogic Console

Enabling Debug logs:

Let's start the process:

1) Log in to weblogic console: httpd://<host:port>/console




2) Select Environment option under Domain Structure:



  • Select Servers option:



3) Select oam_server1: As we need to enable the debug log for a specific component.



  • Select 'Debug' tab



4) Select the 'weblogic' & expand its view.



5) Select the component/s for which you want to enable the logging.



  • Click 'Enable' to apply changes.


Note:

  • Remember, it is possible that you might require to first select "Lock & Edit" option on top left of the screen. And than you need to "Activate Changes". So that it starts reflecting.
 
6) Now for the selected component you will start getting logging trace. You can view the logs for the same under:


  • Log File Path: <Middleware_Home>/user_projects/domains/<domain_name>/servers/oam_server1/logs/


  • File Name:


    1. oam_server1.log
    2. oam_server1-diagnostic.log


You are good to go.... Enjoy Debugging.....


Enjoy:-)

Monday, 10 November 2014

[OHS]: Configure Webgate to include Execution context ID (ECID)

Enabling Webgate ECID Logs:


1) Go to Webgate Instance Directory:

bash$> $OHS_HOME/instances/instance1/config/OHS/ohs1/

2) Change Directory to webgate config folder:

bash$> cd webgate/config

3) Open oblog_config_wg.xml file to edit it:

bash$> vi oblog_config_wg.xml

4) By default LOGLEVEL_ECID will be off. Thus it is required to 'On' the logging.

<!--  LOGLEVEL_ECID logs will be logged in a seperate file by default 
  --> 
- <!--  By default LOGLEVEL_ECID will be off.                           
  --> 
- <!--  To make it on change "LOG_STATUS" parameter to "On"             
  --> 
- <ValNameList xmlns="http://www.oblix.com" ListName="LogEcid2File">
  <NameValPair ParamName="LOG_LEVEL" Value="LOGLEVEL_ECID" /> 
  <NameValPair ParamName="LOG_WRITER" Value="MPFileLogWriter" /> 
  <NameValPair ParamName="FILE_NAME" Value="webgate.ecid.log" /> 
- <!--  Buffer up to 64 KB (expressed in bytes) of log entries before flushing to the file. 
  --> 
  <NameValPair ParamName="BUFFER_SIZE" Value="512" /> 
- <!--  Rotate the log file once it exceeds 50 MB (expressed in bytes). 
  --> 
  <NameValPair ParamName="MAX_ROTATION_SIZE" Value="52428800" /> 
- <!--  Rotate the log file after 24 hours (expressed in seconds). 
  --> 
  <NameValPair ParamName="MAX_ROTATION_TIME" Value="86400" /> 
  <NameValPair ParamName="LOG_STATUS" Value="Off" /> 
  </ValNameList>

5) Here we need to change the LOG_STATUS Value to "On"

<!-- <NameValPair ParamName="LOG_STATUS" Value="Off" /> -->

<NameValPair ParamName="LOG_STATUS" Value="On" />

6) If we want to get the logs write quickly, no buffer storage. We can reduce the BUFFER_SIZE to "1".

7) Save the changes. And we are good to go...!!!!
8) Restart the OHS Web Server.

9) You will see a log file created in the diagnoistics folder named "webgate.ecid.log"

bash$> cd $OHS_HOME/instances/<instance_name>/diagnostics/logs/OHS/ohs1/
bash$> ls *ecid*
webgate.ecid.log


Enjoy :-)

Monday, 13 October 2014

Installing & Configuring Apache 2.4 (64bit) on Linux Machine

This post is divided into 3 sections: Installation, Configuration & Verification. 



So let's start the process.........

Installing Apache 2.4 (64bit) on Linux Machine :

  1. To install apache 2.4, we need the source code & than need to build it. This will generate the binaries.
  2. Download the source code from http://httpd.apache.org/download.cgi#apache24 to your Linux 64bit box.
  3. Pre-requisites:
    1. Download & configure Apache Portable Runtime Libraries.
    2. Download, Install & Configure PCRE (Perl Compatible Regular Expressions).
  4.  Download APR & APR-Util:
    1. bash$> wget http://apache.tradebit.com/pub//apr/apr-1.5.1.tar.gz
      bash$> wget http://apache.tradebit.com/pub//apr/apr-util-1.5.4.tar.gz
    1. Untar both the archives.
                  bash$> gtar -xvzf apr-1.5.1.tar.gz
         bash$> gtar -xvzf apr-util-1.5.4.tar.gz

      4.  Now we need to copy the files from apr & apr-util unzipped folder to the apache 
           downloaded source code folder under "srclib".

               bash$> mv apr-1.5.1/* /scratch/ckukreja/apache24/srclib/apr
               bash$> mv apr-util-1.5.4/* /scratch/ckukreja/apache24/srclib/apr-util

      5.  Download the PCRE from http://sourceforge.net/projects/pcre/files/pcre/8.36/ 
    1. Install the pcre. 
          bash$> wget http://sourceforge.net/projects/pcre/files/pcre/8.36/pcre-8.36.tar.gz/download

              2. Configure it.

           bash$> gtar -xvzf pcre-8.36.tar.gz
           bash$> cd pcre-8.36
           bash$> ./configure --prefix=/scratch/ckukreja/pcre

              3. Do make & make install 
            bash$> make
            bash$> make install        
          
      6.  Now we need to configure the environment for building the apache2.4 source code, for this 
           it is required to execute the 'configure' script present in the directory.

           For eg: /scratch/ckukreja/apache24/httpd2.4.10 is the directory where you have unzipped 
                       the source code
                       
                       bash$>ls -ltr configure

      7.  Execute the 'configure'  script.
./configure --with-included-apr --enable-so --with-pcre=/scratch/ckukreja/pcre/ --prefix=/scratch/ckukreja/myapache

      8. Now we need to build & install the binaries. Do the following:
    • make
    • make install
     9. Now go to the directory where you have install "myapache"
    • Move to bin folder and execute the 'file' command on httpd executable file.
                 bash$> cd /home/ckukreja/myapache/bin 
                 bash$> file httpd
httpd: ELF 64-bit LSB executable, AMD x86-64, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), not stripped
    • 'file httpd' - It's output will show you the type of file is it. Here it should show 64bit, if not than the binaries are of 32bit. Check the steps again.
    

Configure Apache 2.4 on Linux Box:

 As you have installed the apache 2.4 on your Linux Machine. Now it is required to configure it before we start the server.
  1. Go to the "myapache" installation directory. Move to conf folder.
         bash$> cd /scratch/ckukreja/myapache/conf  
     2. Open httpd.conf file to edit it. 

          bash$> vi httpd.conf
    • Change the port from '80' to the one you want. Like we use '8880'.
    • By default username & group are configured as 'daemon'. Change them to the one you are logged in with.
    • Save the changes & close the file.
      3. Now come out of the conf folder & change your directory to bin folder.
          
         bash$>cd /scratch/ckukreja/myapache/bin

      4. Execute the apachectl executable. It will start the httpd server process.
    • ./apachectl -k  start

Verify the installation & configuration steps:


Try to access the default resource present on apache 2.4 server like index.html.
Syntax: http://<hostname>:<port>/index.html
Eg: http://slc0010:8880/index.html

It will display the "It Works!!!"


So guys you are done with the Installation & Configuration of Apache24-64bit on your Solaris Sparc Machine..........!!!!!!!!!!!!!! :-)