Thursday, July 9, 2015

SSO Installation : Webgate installation


 ..In Our previous page we created Installation Procedure for Oracle Access Manager                     

1.Double Click Setup.exe
2. Specify the jdk Path.
3. In my case jave path is → C:\Java\jdk1.8.0
4.Click Next to proceed to next screen.

5.A prerequisites check is done by the installer.
6.Provide location of our Web_tier Home Directory.
7.Click Next
                          

Webgate Configuration:
You must complete the following steps after installing Oracle HTTP Server 11g Webgate for Oracle Access Manager:
1.Go to the Following Directory Under Webgate Folder.
D:\Web_Tier\Oracle_OAMWebGate1\webgate\ohs\tools\deployWebGate

2. Run the following command to copy the required agent from the Webgate_Home directory to the Webgate Instance location:

./deployWebGateInstance.bat -w D:\Web_Tier\Oracle_WT1\instances\ohs_instance\config\OHS\ohs1 -oh D:\Web_Tier\Oracle_OAMWebGate1

3. Go to the following Directory <Webgate_Home>\webgate\ohs\tools\EditHttpConf
In my Case D:\Web_Tier\Oracle_OAMWebGate1\webgate\ohs\tools\EditHttpConf
4. Run the following command to copy the apache_webgate.template from the Webgate_Home directory to the Webgate Instance location (renamed to webgate.conf) and update the httpd.conf file to add one line to include the name of webgate.conf:
EditHttpConf.exe -w <Webgate_Instance_Directory> [-oh <Webgate_Oracle_Home>] [-o <output_file>]
In my Case
EditHttpConf.exe -w D:\Web_Tier\Oracle_WT1\instances\ohs_instance\config\OHS\ohs1 -oh D:\Web_Tier\Oracle_OAMWebGate1 -o webgate.conf
Register the New Webgate Agent
Setting Up the RREG Tool
1.After installing and configuring Oracle Access Manager, navigate to the following location:
<Oracle_IDM2>\oam\server\rreg\client
In My Case: D:\OBIEE_HOME\Oracle_IDM1\oam\server\rreg\client

We have to extract RREG.tar file Into this folder RREG_Home
2. Set the following environment variables  in the oamreg.bat script:
OAM_REG_HOME=D:\RREG_Home\rreg
JDK_HOME="C:\Java\jdk1.8.0\bin\java"
Updating the OAM11gRequest.xml File
We must update the agent parameters, such as agentName, in the OAM11GRequest.xml file located in the D:\RREG_Home\rreg\input directory .
Modify the following required parameters in the  OAM11GRequest.xml file.
In my case I have renamed it into MyOAM11GRequest.xml.
After modifying the file, save the file and close.
In-Band Mode
If we run the RREG tool once after updating the Webgate parameters in the OAM11GRequest.xml file, the files and artifacts required by Webgate are generated in the following directory:
<RREG_Home>/output/<agent_name>
In my Case
D:\RREG_Home\rreg\output.
Run the following command on the command line:
./<RREG_Home>/bin/oamreg.sh inband input/OAM11GRequest.xml
In my Case:
D:\RREG_Home\rreg\bin\oamreg.bat inband input/myOAM11GRequest.xml.
When we run the above comment it prompted to Enter Admin User Name:
In My case
User Name: weblogic
Password:Admin123
Click Enter
Again It prompted to below Question.
we have to give NO for both Questions.
Do you want to enter a Webgate password?(y/n):No
Do you want to import an URIs file?(y/n):No

Files and Artifacts Generated by RREG

After Executing Above comment RREG generated Two files in Output Folder.
In My case
D:\RREG_Home\rreg\output\RREG_testOAM11G

1.cwallet.sso
2.ObAccessClient.xml


Copying Generated Files and Artifacts to the Oracle HTTP Server WebGate Instance Location
1.After RREG generates these files and artifacts, you must manually copy them, based on the security mode you are using, from the RREG_Home/output/Agent_ID directory to the WebGate_Instance_Home directory.
2.copy the following files from the RREG_Home/output/Agent_ID directory to the WebGate_Instance_Home/webgate/config directory:
In my Case
D:\RREG_Home\rreg\output\RREG_testOAM11G to D:\Web_Tier\Oracle_WT1\instances\ohs_instance\config\OHS\ohs1\webgate\config
  • cwallet.sso
  • ObAccessClient.xml

Generating a New Certificate
1.Go to the D:\Web_Tier\Oracle_OAMWebGate1\webgate\ohs\tools\openssl Directory
Run The Following Comment.
openssl req -utf8 -new -nodes -config openssl_silent_ohs11g.cnf -keyout aaa_key.pem -out aaa_req.pem -rand D:\Web_Tier\Oracle_OAMWebGate1\webgate\ohs\config\random-seed
After running Above comment Its created Two files.
  • aaa_cert.pem
  • aaa_key.pem
2. Self-sign the certificate as follows:
D:\Web_Tier\Oracle_OAMWebGate1\webgate\ohs\tools\openssl /openssl ca -config openssl_silent_ohs11g.cnf -policy policy_anything -batch -out aaa_cert.pem -infiles aaa_req.pem

 Copy the following generated certificates to the D:\Web_Tier\Oracle_WT1\instances\ohs_instance\config\OHS\ohs1\webgate\config directory:
  • aaa_key.pem
  • aaa_cert.pem
  • cacert.pem located in the simpleCA directory

After copying the cacert.pem file, you must rename the file to aaa_chain.pem

Restarting the Oracle HTTP Server Instance
D:\Web_tier\Oracle_WT1\instances\ohs_instance1\bin\opmnctl restartproc ias-component=ohs1

Now Start All the servers:
1.Start Bi Service
2.Start Admin Server for Oam D:\OBIEE_HOME\user_projects\domains\base_domain\bin\StartWeblogic.bat
3.start Managed server for oam
Run below Comment In cmd
D:\OBIEE_HOME\user_projects\domains\base_domain\bin\startManagedWebLogic.cmd oam_server1
Make sure that all server should be up and running.
If i have given following url

3 comments: