Showing posts with label OAM Console. Show all posts
Showing posts with label OAM Console. Show all posts

Thursday, 11 December 2014

Configuring DCC Webgate 11g with IIS7.5 on Windows 2008 R2

 Pre-requisites:

  1. IIS Server Role is already added: In case not follow Configure IIS Server Role
  2. IIS Site is created: 
    1. IIS Site Global Configuration IIS
    2. New Site Creation
  3. IIS R2PS2 Webgate is installed & configured with the IIS Sites: Configure IIS R2PS2 Webgate 11g

Let's start the process:

  • Open OAM Console : http://host:port/oamconsole
  •  Create Webgate Agent Profile:
    • We need to create 2 profiles: One is the resource webgate profile & other is DCC webgate profile.
  •  Create Resource Webgate Profile: rwg-9090
Note: I have configured my OAM Server in Simple Mode, that's why security mode is chosen as 'simple'.
  • Create DCC Webgate Profile: dcc-9091
Note: Once you have created  the profile, to make it DCC we need to tick the detached credential collector flag.
    • Once done the change, click apply to reflect the changes.
  •  Now we need to add resources to with the DCC profile just created:
    • We need to add a few excluded resources, so that no authentication/authorization is made for them.
    •  Select the dcc-9091 profile:
    •  Let's create excluded resource:

    •  We have created following excluded resources:
      • /favicon.ico
      • /oamsso-bin/login.pl
      • /oamsso/** - Note this is an additional resource to be excluded as for IIS this needs to be excluded. Other wise for other servers it is not required.
  •  Now we need to create a DCC Authentication Scheme: This scheme will be used by resource webgate & dcc webgate both.



  • Now we need to attach the both created authn scheme with the profiles:





  •  You can see that i have created 2 IIS sites & webgate is already configured with both of them.
  • Now copy the artifacts to the webgate instance directory in the respective resource & dcc webgate sites.
    • In our setup: we have rwg-9090 for resource webgate & dcc-9091 for dcc webgate.
  • Once done, restart the IIS Server: using the command 'iisreset'. 
  • Now access the protected resource webgate url:
          http://host:9090/welcome.html
    • Did you noticed you get this login page, having url as http://host:9091/oamsso-bin/login.pl
    • This is the challenge url that we have mentioned in the dcc authn scheme.
    • With DCC webgate in picture, the oam server ip port is mot visible to the end user, that's why it is a detached credential collector. It has detached the credential collection process from the OAM Server.
    • Now it is the DCC which creates OAP/NAP connections with OAM Server.


This end's the DCC Webgate Configuration with IIS 7.5/8.5 on Windows 2008 R2.

Enjoy :-)

Saturday, 29 November 2014

Creating User in Oracle Internet Directory(OID)


Follow below steps to create a new user in OID:


1) Log in to weblogic console & check whether ODSM (Oracle Directory Server Management) console is up & running:

    http://<host:port>/console


    Note: The console for ODSM is 'wls_ods1' in my setup & running on port 7005.

2) Now log in to the ODSM Console - http://<host:7005>/ODSM


     Note: This setup is a freshly created, so we need to create a connection first.


3) Create a User Connection:




  • Provide the details such as hostname, password etc.



4) New connection is created:




5) Choose Data Browser Option:



  •  Expand the tree dc=com


  •  Double Click the user cn=orcladmin



6) Now we need to create a user: Here i have selected the option 'Create a new entry like this one'




7) Complete the process for new user creation:


  • Choose 'Next' on first page:


  •  Provide 'cn' entry name & choose the relative distinguished name as 'cn'


  •  On Optional Properties page, i have provided the new user password. Although this is a non-mandatory field.


  •  Choose 'Finish' to complete the process.


  •  New user is created.... Hurrahhhhh !!!!!!



Enjoy :-)