Scribd
Upload
185 views8 pages

Enale SSO Hyperion

This document provides instructions for setting up single sign-on for EPM System Release 11.1.2.x resources using Oracle Access Manager 11g Webgate. It describes prerequisites and two options for registering a new Webgate with OAM and defining protected and unprotected EPM System URLs: using the RREG tool or OAM Administration Console. Key steps include running tools to copy files, registering the Webgate, creating an application policy domain, and copying required security artifacts to the Webgate instance location.

Uploaded by

Mohammed Abdul Sami
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
185 views8 pages

Enale SSO Hyperion

This document provides instructions for setting up single sign-on for EPM System Release 11.1.2.x resources using Oracle Access Manager 11g Webgate. It describes prerequisites and two options for registering a new Webgate with OAM and defining protected and unprotected EPM System URLs: using the RREG tool or OAM Administration Console. Key steps include running tools to copy files, registering the Webgate, creating an application policy domain, and copying required security artifacts to the Webgate instance location.

Uploaded by

Mohammed Abdul Sami
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Setting up EPM System Release 11.1.2.

x Resources for SSO Using


Oracle Access Manager 11g Webgate for Oracle HTTP Server
Prerequisites
1. A fully functional Oracle Access Manager (OAM) deployment.
2. A working Webgate deployment on which the following post installation configuration steps
were performed:

Run
share same

to copy OAM agent components from


to Webgate instance location. Webgate instance and Oracle HTTP Server
. Typically,
is located in
directory.

Run

utility to perform these steps:


o

Copy
instance location to create

Update
requires

from WEBGATE_HOME to webgateWebgate

with an additional line to include


environment variable to be set.

. This step

Registering a New Webgate and Defining Protected and Unprotected


EPM System URLs
The following two methods are available to register a new Webgate and setup protected and
unprotected EPM System URLs.

Option1: Using RREG Tool to Register Webgate


Option2: Using OAM Administration Console to Register Webgate

Option1: Using RREG Tool to Register Webgate


Generally, RREG Tool is located in

directory.

Registering Webgate
You can use Inband or outofband mode to register Webgate. Irrespective of the mode you use,
that contains all of the required Webgate and OAM Server parameters should
be passed as an argument to the RREG Tool.
1

Oracle Corporation

Draft 1

A sample OAM11gRequest.xml file:

RREG Tool creates the following components based on the values set in

OAM 11g Webgate

Host Identifier for Oracle HTTP Server

Running RREG TOOL in inband mode generates required files and artifacts for Webgate in
. Copy the following generated artifacts from
to Webgate instance location:
Open Mode

cwallet.sso

ObAccessClient.xml

Simple Mode

password.xml

aaa_key.pem

aaa_cert.pem

Oracle Corporation

Draft 1

Creating an Application Policy Domain for EPM System


You use the
option of RREG Tool to create OAM application policy domain with
protected and public resources. This command requires the location of an application domain request
definition file (
and configuration file (
) that defines
protected and unprotected EPM System resources. Sample syntax to use the policyCreate option:
Contents of a Sample Application Domain Request File (ApplicationPolicyDomain.xml)

Sample Configuration File Containing Protected and Unprotected EPM System Resources
(epm.conf)

Oracle Corporation

Draft 1

Oracle Corporation

Draft 1

Option2: Using OAM Administration Console to Register Webgate


Webgate registration using OAM Administration Console is a process involving these steps:
1. Creating a Host Identifier
2. Creating Webgate with Protected and Public URLs
3. Copying Artifacts into Webgate Instance

Creating a Host Identifier


To create a host identifier:
1. Login to OAM Console using a URL similar to the following:

2. On Policy Configuration, select Browse, then Shared Components, and then Host Identifiers.

Oracle Corporation

Draft 1

3. Click Create. Create Host Identifier is displayed.

4. Enter Name, Hostname, and Port variations for the Host Identifier
5. Click Apply Changes.

Creating Webgate with Protected and Public URLs


To create Webgate with Protected and Unprotected URLs:
1. Login to OAM Console using a URL similar to the following:

2. On System Configuration, select Access Manager Setting, and then OAM Agents.

Oracle Corporation

Draft 1

3. Click Create 11g Webgate. Create OAM 11g Webgate is displayed.

4. Enter Name and Base URL.


5. Select the appropriate Security mode. Open is the default security mode.
6. Enter Host Identifier.
7. Add Protected URLs in Protected Resource List and unprotected URLs in Public Resource List.
See Sample Configuration File Containing Protected and Unprotected EPM System Resources for
a list or private and public URLs.
8. Click Apply Changes.

Oracle Corporation

Draft 1

Copying Artifacts into Webgate Instance


The preceding procedures create OAM 11g Webgate and Application Policy Domain with Protected and
Public resources. Depending on the security mode you selected while creating Webgate with protected
and unprotected URLs, the following required artifacts are created in
You must copy the artifacts into the Webgate
instance location.
Open Mode
cwallet.sso
ObAccessClient.xml
Simple Mode
password.xml
aaa_key.pem
aaa_cert.pem

Oracle Corporation

Draft 1

You might also like