Showing posts with label Webgate. Show all posts

Saturday 23 August 2014

Deploy OAM11g R2PS2 Webgate on IIS7.5 Windows 2008

Installing Webgate On IIS7.5 Windows Server 2008R2

This post is part of series Enabling Impersonation Module in OAM11G R2PS2 IIS7.5

1) Download the Webgate 11g R2PS2 for Windows.

2) Extract the webgate.zip.

3) Go to Disk1 folder present under webgate folder.

4) Copy the path & open command prompt.

a. Change your directory to the path copied above.

5) Now execute the setup.exe followed by jre location

o It will start the installation process.

6) Now follow the steps:

o Press Next

· Skip Software Updates

· Perquisite Checks – Proceed Next

· Installation Location: Provide the installation directory location.

· Installation Summary: Proceed Next to start the Installation

· Installation Started:

· Installation Completed:

So we are done with the Webgate Installation... Now let's proceed to Configuration Phase.. :-)

Configure Webgate with IIS7.5

1) Go to the Webgate Home Directory ->

a. It is the location where we have install the webgate.

For Eg: Our WG Home Location

C:\oracle\product\11.1.1\as_3

b. Go to the deployWebgate folder present under

C:\oracle\product\11.1.1\as_3\webgate\iis\tools\deployWebGate

c. Execute deployWebGateInstance.bat script

You can see the arguments passed to the script (self-explanatory)

d. Now we need to execute ConfigureIISWebGate.bat present under

C:\oracle\product\11.1.1\as_3\webgate\iis\tools\ConfigureIISConf

e. Your site is now mapped with the webgate. To show this mapping. Go to your webgate home location -> lib folder -> open webgate.ini

· Now we need to add artifacts to the webgate instance dir (config folder).

· Restart the IIS Server.

Guys we are done with the Webgate deployment on Windows Server 2008 R2 on IIS7.5 Web Server....!!!!!

Enjoy :-)

Thursday 21 August 2014

Creating an IIS7.5 New Site (Integrated Mode)

Creating an IIS7.5 Site in Integrated Mode:

This post is part of series Enabling Impersonation Module in OAM11G R2PS2 IIS7.5

· Go to Sites -> Right Click -> Add New Site

· Now provide the details & Press Ok. Your site is created now.

o If you explore your site, you will see that perl & cgi handler are already present.

Because we have added them at global site level already.

· Remember the name of the site created. Like we created a site with name “ecc_ship_r2ps2”.

o As this name is required at the time of webgate configuration.

1) Application Pool –

This site created above is in “Integrated Mode”.

Note: Here the .net version is v2.0 but if in future we want to use ObPrincipalModule.dll with our deployed app than this version needs to be changed to v4.0

2) Check Handler Mapping:

Go to IIS -> <Your Site> -> Open Handler Mapping

Note: In case you see that ISAPI.dll is disable, it means it is not having execute permission. Just right click & enable it.

o Give Execute Permission to it.

We are done with IIS7.5 new site creationin Integrated Mode............!!!!!!!!!!!!!!!

Enjoy :-)

Integrating OAM 11G R2PS2 Webgate Impersonation Module in IIS7.5 Windows 2008 R2

Lets start the process: Just follow below steps :-)

1) Follow Steps for Pre-requisites (Windows Server 2008 R2)

· IIS 7.5 Server Role Configuration

· IIS7.5 Site Configuration -

2) How to Perform –

· WebGate11g Installation & Configuration on Windows 2008R2 - IIS7.5 Server

· Enabling Impersonation Module

3) Troubleshooting Section (to be updated soon)

4) Configuring DCC Webgate in IIS 7.5-

DCC Webgate Configuration with IIS 7.5

IIS7.5 Global Site Default Configuration

Global Site Configuration Steps:

This post is part of series Enabling Impersonation Module in OAM11G R2PS2 IIS7.5

1) Considering IIS Server Role is already added to your Windows Server 2008 R2 Box.
In case not than open below mention link.

IIS7.5 Server Role Configuration

2) As we have added the IIS role in our Windows Server, now we need to create a site using which we will do the configuration with webgate.

3) Go to Start -> Internet Information Services (IIS) Manager

4) Explore the localhost connection

5) Adding support for perl & cgi execution -> Go to Handler Mappings

In case you see, ISAPI.dll as disabled than enable it. Either you can enable it at global level or it can be enable per site basis as well.
Now we need to add the support for cgi & perl script execution. Their support can be added at global or per site level basis.
We are adding them at global site level.

Add Script Map for .pl & .cgi support

· Checking Execute Permission

Check whether execute permission is granted or not to both .cgi & .pl handlers. In case it is not, than provide it execute permission.

You are done with Global Site Configurations...........!!!!!!!!!!!

Enjoy :-)

Friday 1 August 2014

Configure Simple Mode Communication for OAM 11G R2PS2

Let's Start................

Open the oamconsole (http://<host.domain:7001>/oamconsole)

1) Go to Server Instances:

2) Open your Server Instance:

3) Change the Mode to Simple Mode:

3.a) Apply the changes:

4) Go to Access Manager Settings:

4.a) Provide the Global Passphrase:

4.b) Apply the changes

5) Now Go to SSO Agents:

5.a) Open your SSO Agent

5.b) Change the Mode to Simple

5.c) Apply the changes.

6) Restart the managed server.

7) Now we need to copy the artifacts generated in <MW_HOME>/user_projects/domains/base_domain/output/<webgate_profile_name>/

    a) cwallet.sso
    b) ObAccessClient.xml
    c) password.xml

   Copy them to the config folder of Webgate instance directory i.e.
<MW_HOME>/Oracle_WT1/instances/<instance_name>/config/OHS/ohs1/webgate/config

above path is for non windows server.
For Windows Server (say IIS) - C:\oracle\product\11.1.1\<webgate_instance_name>\config\

8) Similarly copy aaa_cert.pem & aaa_key.pem files to simple folder in Webgate instance config folder.

9) Restart the Web Server Instance.

Your Simple Mode Security Communication is configured & ready to use.

For detailed information you can refer to following link:

Oracle OAM 11G R2PS2 Guide - Simple Mode Configuration

Enjoy ............... :-)