In this tutorial, you will learn how to configure Single Sign-On using WebGate and Oracle HTTP server.
WebGate is the policy enforcement agent that is typically deployed on the web tier to filter HTTP requests to ensure authentication before they reach the application.
The following sections outline the steps for installing and configuring WebGate with Oracle HTTP server.
Follow these steps to install WebGate on your application's host:
- Download the WebGate installer onto your Oracle HTTP Server host. You can find it on the Oracle Technology Network (OTN).
- Because WebGate is a C++ implemented component, you will also need to have the correct GNU Compiler Collection (GCC) libraries downloaded and made available on your host.
- Unzip the executable. This should result in a directory named Disk1. Go to Disk1 and launch the Oracle Installer using
- When prompted for the JRE/JDK location, enter
~/products/jdk<version>from your OHS installation.
- Proceed with the Oracle Universal Installer. For the directory locations, we use
- When prompted for the GCC libraries location, specify the folder containing the GCC libraries, and proceed.
$MW_HOME, you should now see
Oracle_OAMWebGate1if you look at the default values during the installation.
Creating and Registering a WebGate Instance for Single Sign-On
Create a WebGate instance on the host server for the OHS. Here are the steps to follow:
- Go to
~/products/Oracle_OAMWebGate1/webgate/ohs/tools/deployWebGateand then run the following commands (the command will modify the OHS instance configuration registered with WebGate):
$ ./deployWebGateInstance.sh -w ~/yourapplicationinstance/config/OHS/yourapp -oh ~/products/Oracle_OAMWebGate1
Copying files from WebGate_Oracle_Home to WebGate_instancedir
$ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:~/products/Oracle_WT/lib $ cd ~/products/Oracle_OAMWebGate/webgate/ohs/tools/setup/InstallTools $ ./EditHttpConf -w ~/yourappinstance/config/OHS/appohs -oh ~/products/Oracle_OAMWebGate1 -o webgate.conf
- Go to
ORACLE_HOME/oam/server/rreg/inputin the OAM installation directory and modify
OAM11GRequest.xmlby setting values for these parameters:
<serverAddress>Set this to the OAM Admin Server URL.
<agentBaseUrl>Set this to the OHS URL.
<hostIdentifier>Set this to RREG_Web1 to identify the OHS host.
<agentName>Set this to RREG_Web1_agent1 to identify the agent.
<applicationDomain>Set this to RREG_yourappDomain to identify the domain.
<logoutCallbackUrl>Set this to /oam_logout_success.
Save the changes.
- Go to
- Change the file permission of
oamreg.shby using the
chmod 777 oamreg.shcommand.
- Make sure
JAVA_HOMEin the environment is set to
- Go to
$ORACLE_HOME/oam/server/rreg/and execute the following command:
$ /bin/oamreg.sh inband input/OAM11GRequest.xml
When prompted for the username and password, enter the administrator names for OAM server. When prompted for the WebGate password, enter N and proceed. When prompted for URIs file, enter N and proceed.
- When finished, go to
ObAccessClient.xmlto the OHS machine web1 and make them available under
- Restart OHS on web1 with the following command:
$ cd ~/yourapp/bin $ ./opmnctl stopall $ ./opmnctl startall
You have completed the WebGate registration. You should be able to access your application web interfaces using the URL, for example,