This blog describes about the Oracle Identity and Access Manager, Webgate, Kubernetes, Active Directory, SharePoint 2013, OAAM, IIS7.5 day to day issues and debugging info. As knowledge or learning's are something which needs to be shared. Enjoy :-)
Showing posts with label webgate r2ps2. Show all posts
Showing posts with label webgate r2ps2. Show all posts
Tuesday, 20 October 2015
Tuesday, 31 March 2015
Enabling Diagnostics Trace Level Log for OAM SERVER
OAM Server Diagnostics Logging - Never so easy................ That's a myth now... ;-)
To capture OAM Server logs for diagnosis, we now just need to add few logger statement in logging.xml.
Important Point to note here is that NO SERVER RESTART IS REQUIRED ...........!!!!!!!
So first question that strikes where is this logging.xml is placed?
Ans - It is present in the weblogic server domains directory, like/scratch/ckukreja/Oracle/Middleware/user_projects/domains/base_domain/config/fmwconfig/servers/wls_oam1/logging.xml
Note: My domain name is "base_domain" and oam server name is "wls_oam1"
Next question, why we need to see the OAM Server diagnostics?
Ans - It will help us to analyze the flow, like when webgate sends the IsRescProtected() NAP Call, in that case whether server is getting it or not. We can find it in the server logs. Moreover we can track that server thread, that what else operations it is performing. Whether sending success to webgate or failure. Or raising exception for performed operation.All this can be very helpful while debugging an issue.
Now what logger statement need to be added?
Ans - Following are the logs statement need to be added:<logger name='oracle.oam' level='TRACE:32'/>
<logger name='oracle.security.am' level='TRACE:32'/>
<logger name='oracle.oam.engine.policy' level='TRACE:32'/>
<logger name='oracle.oam.engine.session' level='TRACE:32'/>
<logger name='oracle.oam.engine.sso' level='TRACE:32'/>
<logger name='oracle.oam.engine.authz' level='TRACE:32'/>
Where to place the above snippet in the logging.xml?
Ans - You will find a statement "logger name='' level='ERROR:1'" in the file, place it just after its block.<logger name='' level='ERROR:1'>
<handler name='odl-handler'/>
<handler name='wls-domain'/>
<handler name='console-handler'/>
</logger>
<logger name='oracle.oam' level='TRACE:32'/>
<logger name='oracle.security.am' level='TRACE:32'/>
<logger name='oracle.oam.engine.policy' level='TRACE:32'/>
<logger name='oracle.oam.engine.session' level='TRACE:32'/>
<logger name='oracle.oam.engine.sso' level='TRACE:32'/>
<logger name='oracle.oam.engine.authz' level='TRACE:32'/>
Note: I have enabled the logs in TRACE level 32
Important Point to note here is that NO SERVER RESTART IS REQUIRED ...........!!!!!!!!
For more info related to logging, reference the below link:http://www.ateam-oracle.com/logging-made-easy-in-oam-11g-with-this-simple-trick/
Enjoy :-)
Monday, 27 October 2014
Exception: "Oracle AccessGate API is not initialized"
Problem Statement:
Following exception is seen while starting the OHS Server (which has webgate.so included):
"Exception thrown during WebGate initialization"
"Oracle AccessGate API is not initialized"
Issue:
This is surely a configuration related issue. Remember always first doubt the configuration and than the component. That's the thumb rule.
Solution:
1) Usually when we use security mode other than Open i.e. either Simple or Cert mode. We get this type of exception.
Now the question arises why?
Basically there are some steps that we follow to change the security mode.
Like for Simple Mode: http://oracleoam.blogspot.com/2014/08/configure-simple-mode-communication-for.html
- Here say if we don't provide the Global Passphrase Password. And we just apply the rest of the changes. So when we try to start OHS Server or any server using the webgate component. It will throw these exception.
Note:
- Here if you don't provide any password for global passphrase, you still see the field as non-empty but that value is junk. And it needs to be provided a valid password, which could be any. But you have to provide it.
- Basically while doing the SSL handshake with the OAM Server this password is passed with other values. That's why it is important to provide one.
Enjoy :-)
Saturday, 25 October 2014
Post Data Restoration and Long URL handling - OTD Webgate11g
Post Data Restoration and Long URL handling:
This feature is available in newer OTD Webgate 11g R2PS2 release dated '06/06/2014'.
While in the older OTD R2PS2 release dated '12-dec-2103', this feature is missing.
So kindly upgrade the webgate to the newer release.
To Download follow below link:
https://edelivery.oracle.com/EPD/Download/get_form?egroup_aru_number=15364661
- Open the above link & download the Part Number- V46017-01
Note:
- Although it is mentioned in the download setup 'Solaris SPARC 64bit', but it is generic installer. You can use it for all platforms.
- Currently this new OTD Webgate 11g R2PS2 is not available on OTN.
Enjoy :-)
Subscribe to:
Posts (Atom)