This is part IX of step by step installation of Oracle Identity Management (OAM, OIM, OAAM, OAPM & OIN) which covers configuring WebGate for Oracle Access Manager 11.1.1.3.0 .
- For Part I Download Software and create Schema click here
- For Part II Install WebLogic Server 10.3.3 click here
- For Part III Install SOA Server and Upgrade to 11.1.1.3 click here
- For Part IV Install IDAM 11.1.1.3 click here
- For Part V Create Domain for OIM, OAM, OAAM, OAPM & OIN click here
- For Part VI Configure Identity Manager click here
- For Part VII Install & Configure OIM Design Console click here
- For Part VIII Configure LDAP Sync with OIM 11g click here (Optional – Required only for OAM-OIM Integration)
In this post I am going to show how to install 11g WebGate for Oracle HTTP Server (OHS) 11g with OAM 11g server..
OAM WebGate : also known as AccessGate (in 10g) or OAM Agent (in 11g) is a Web Server Plug-in installed with WebServer (OHS, IIS, Apache, IBM WebServer) and communicates with Oracle Access Manager Server (Access Server in OAM10g). When user access a resource protected by Oracle Access Manager (OAM) then WebGate communicate with OAM to find how resource is protected and ask user to provide credential based on Authentication Policy set for resource. For Request flow for WebGate check my earlier post here . For overview of Agents in OAM 11g (OAM Agents & OSSO Agent) click here
Note: WebGate of version 10g or 11g is certified with OAM 11g.
.
High level installation/configuration step points for OAM 11g/10g WebGate
1. Ensure that WebServer is already installed for which you wish to install/configure WebGate.
2. Download WebGate for your WebServer. Download latest WebGate wherever applicable (For OHS 11g use 11g WebGate, for OHS 10g, IHS, IIS, Apache use 10.1.4.3 webgate).
3. Create instance of WebGate on OAM server (This can be done either by GUI or Command line) a.k.a. Provisioning WebGate .
a) GUI using OAM Administration Console.
b) Command Line using Remote Registration Tool (RREG) – RREG is available in two modes (in-band or out-of-band) . More on Remote Registration Utility here
4. Install WebGate on machine where Web Server is running.
5. Configure Web Server to include WebGate configuration (adding webgate.conf in httpd.conf)
6. Copy artifacts/files created by WebGate registration (in step 3) to WebGate Instance directory (created in step 4 above).
7. Restart Web Server
8. Test WebGate installation.
.
Key points for OAM 11g WebGate Installation
1. Currently (as of 3rd Jan 2011) 11g WebGate is available for Oracle HTTP Server 11g only. If you wish to configure WebGate for OHS 10g, IIS (Microsoft), IHS (IBM HTTP Server) or Apache HTTP Server then user 10g WebGate for OAM 11g.
2. An Instance of WebGate must be created on OAM Server (aka Provisioning Agent) which can be either done via Graphical Tool (OAM Administration Console) or Command Line tool (Remote Registration Tool – RREG)
3. Remote Registration Tool (RREG) can be run in two modes i.e. in-band mode or out-of-band mode. In-Band mode is used where WebServer/WebGate and OAM server are managed by same team where as Out-of-band mode is used where WebServer/WebGate is managed by one team and OAM server is managed by different team.
4. 11g WebGate requires JRE 1.6 , use JDK 1.6 shipped with OHS 11g to install 11g WebGate.
5. WebGate on Unix/Linux machine requires compatible GCC which can be downloaded from here (under GCC Libraries for Oracle Identity Federation)
.
.
WebGate (10g/11g) Installation Steps with OAM 11g
1. Download WebGate 11g from here under “Oracle Access Manager WebGates (11.1.1.3.0)“. For 10g WebGate download them from here under “Oracle Access Manager 10g – non OHS11g Webgates and 3rd Party Integrations”
2. Register WebGate with OAM Server using Remote Registration Tool in inband mode
2.1 cd $ORACLE_HOME/oam/server/rreg
2.2 set OAM_REG_HOME (to above directory) and JDK_HOME in oamreg.sh
2.3 Update serverAddress, agentBaseURL, agentName, HostIdentifier & applicationDomain in $ORACLE_HOME/oam/server/rreg/input/OAM11GRequest.xml (For 10g WebGate update OAMRequest.xml )
2.4 cd $ORACLE_HOME/oam/server/rreg/bin/
2.5 ./oamreg.sh inband input/OAM11GRequest.xml (This command will create an instance of 11gWebGate in OAM Sever and generate OAM WebGate artifacts in $ORACLE_HOME/oam/server/rreg/output)
. 3. Install OAM 11g WebGate for OHS 11g using
setup.exe -jreLoc <1.6_JRE_Location> (For Windows)
runInstaller -jreLoc <1.6_JRE_Location> (For Unix)
Enter Middleware Home and Oracle Home directory for WebGate installation.
.
4. Configure OAM 11g WebGate with OHS Instance.
4.1 cd $Webgate_Oracle_Home/webgate/ohs/tools/deployWebGate
4.2 deployWebgateInstance.sh|bat -w $Webgate_Instance_Directory -oh $Webgate_Oracle_Home (This command will copy files from WebGate software location to OHS instance directory)
where
WebGate_Instance_Directoryis OHS Instance Directory (default location is $ORACLE_HTTP_SERVER/ instance/ instance1/ config/ OHS/ ohs1) and
Webgate_Oracle_Home is directory in which Webgate is installed during WebGate installation screen above
4.3 Include OHS library files in to LD_LIBRARY_PATH as
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:<Oracle_Home_for_Oracle_HTTP_Server>/lib
4.4 Update httpd.conf of OHS
cd $Webgate_Oracle_Home/webgate/ohs/tools/setup/InstallTools
EditHttpConf -w $Webgate_Instance_Directory [-oh $Webgate_Oracle_Home>] [-o $output_file]
.
4.5 Copy files generated in step 2.5 from $ORACLE_HOME/oam/server/rreg/output/[Agent_Name] to $WEBGATE_INSTANCE_DIR/webgate/config (For OHS 11g location is $MW_HOME/Oracle_WT1/instances/instance1/config/OHS/ohs1/webgate/config)
5. Restart Oracle HTTP Server (OHS)
5.1 $ORACLE_HOME_for_OHS11g/instances/instance1/bin/opmnctl stopall
5.2 $ORACLE_HOME_for_OHS11g/instances/instance1/bin/opmnctl startall
6. Test WebGate Installation
6.1 Try accessing OHS 11g root page and it should redirect to OAM Single Sign-On Login page.
.
Related Posts for Access Manager
- Integration Steps – 10g AS with OAM (COREid)
- OAS – OAM (Access Manager / Oblix COREid) Integration Architecture
- Oblix COREid and Oracle Identity Management
- Installing Oracle Access Manager (Oblix COREid / Netpoint)
- Oracle Access Manager (Oblix COREid) 10.1.4.2 Upgrade
- Access Manager: WebGate Request Flow
- Introduction to Oracle Access manager : Identity and Access System – WebPass , Webgate, Policy Manager
- Certified Directory Server (AD, OID, Tivoli, Novell, Sun or OVD) and their version with Oracle Access Manager
- Install Oracle Access Manager (OAM) 10.1.4.3 Identity Server, WebPass, Policy Manager, Access Server, WebGate
- Multi-Language or multi-lingual Support/Documentation for Oracle Access Manager (OAM)
- OAM Policy Manager Setup Issue “Error in setting Policy Domain Root” : OAM with AD and Dynamic Auxiliary Class
- OAM 10.1.4.3 Installation Part II – Indentity Server Installation
- OAMCFGTOOL : OAM Configuration Tool for Fusion Middleware 11g (SOA/WebCenter) Integration with OAM
- Oracle Access Manager Installation Part III : Install WebPass
- OAM : Access Server Service Missing when installing Access Manager with ADSI for AD on Windows
- OAM : Create User Identity – You do not have sufficient rights : Create User Workflow
- Password Policy in Oracle Access Manager #OAM
- Changes in Oracle Access Manager 11g R1 (11.1.1.3)
- Agents in OAM 11g (WebGate 10g/11g, OSSO/mod_osso, AccessGate IDM Domain agent) aka PEP (Policy Enforcement Points)
- How to install Patches in Oracle Access Manager 10g : Bundle Patch / BPXX
- Session Management in #OAM 11g : SME , Idle Timeout, Session Lifetime
- Part IX : Install OAM Agent – 11g WebGate with OAM 11g
- How to integrate OAM 11g with OID 11g for User/Identity Store
- How to install Bundle Patch (BP) on OAM 11.1.1.3 – BP02 (10368022) OAM 11.1.1.3.2
- Error starting OAM on IBM AIX : AMInitServlet : failed to preload on startup oam java. lang. Exception InInitializer Error
- OAMCFG-60024 The LDAP operation failed. OAMCFG-60014 Oracle Access Manager is not configured with this directory
- How to Edit (create, delete, modify) Identity Store of OAM 11g from command line (WLST) – editUserIdentityStoreConfig
- OAM WebGate Registration RREG – Resource URL format is not valid
- Blank Screen on OAM 10g Identity Server Console : /identity/oblix
- Oracle 10g/11g webgate software download location
- How to find Webgate 10g/11g Version and Patches Applied
- OAM integration with OIF : Authentication Engine or Service Provider
- OAM 11g integration with Microsoft Windows Active Directory (WNA, IWA, Kerberos) for Zero Sign-On
- OAM 11g : How to change Security Mode (OPEN, SIMPLE, CERT) – WebGate to Access Server Communication
- Forgot Password link on OAM Login Page
- OIM-OAM-OAAM integration – Account Lockout in OAM obLoginTryCount , oblockouttime, MaxRetryLimit
- How to identify which LDAP (OID/AD/OVD) server OAM 11g connects to and as what user ?
- OAM 10g WebGate installation failed with Sorry Invalid User or Invalid Group
Oracle WebLogic Administrator [USD 399]- 03rd Dec, 2011
Good hands-on exercises (installation, patching, cloning), very experienced trainer worth every penny 
97 users commented in " Part IX : Install OAM Agent – 11g WebGate with OAM 11g "
Follow-up comment rss or Leave a TrackbackDear Atul,
I ve been working on the implementation of the above senario as part of a test case I am working on.
I reached this point:
4.3 Include OHS library files in to LD_LIBRARY_PATH as
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/lib
It doesnt seem to be clear for me wheather this is a comand that I have to write and if so to which directory should I navigate to before runing it.
Many Thanks in advance Mr. Atul
When you run EditHttpConf command at that time your LD_LIBRARY_PATH should also include OHS library ($OHS_ORACLE_HOME/lib)
which means that just before running above command run echo $LD_LIBRARY_PATH (Unix)
or echo %LD_LIBRARY_PATH% (Windows)
and lib directory of OHS ORACLE_HOME should also be displayed as part of this output.
[...] Part IX : Install OAM Agent – 11g WebGate with OAM 11g [...]
[...] I also discussed about OAM 11g WebGate (10g or 11g) registration using RREG here [...]
Atul,
Since Webgate 11g (11.1.1.3) will have to be installed in OHS, do we need a separate OH for Webgate 11g (for example OAMWebGate1)? Or can we use the OHS’s OH?
- Ramasamy
@ Ramasamy,
Yes 11g webgate must be installed under separate OH but under same Middleware Home (MW_HOME) in which OHS 11g Oracle Home exists.
Atul,
We are trying to install 10g WebGate in OAM 11.1.13.. When I run the oamreg.sh, I am getting the following error:
Aug 28, 2011 1:34:28 AM oracle.security.am.engines.rreg.client.RegClient main
SEVERE: Exception encountered: RemoteAgentRegistrationException. Specific exception:HTTP Post Method failed: HTTP/1.1 500 Internal Server Error oracle.security.am.engines.rreg.common.RemoteAgentRegistrationException: HTTP Post Method failed: HTTP/1.1 500 Internal Server Error
$
But I noticed from the oamconsole, I could see the Agent Name under Policy configuration tab, but I am not seeing anything under System Configuration tab…
Any ideas?
Thanks
Ramasamy
Hi,
Is there any capability within OAM or within the webgates to apply some sort of content filtering rules? For example, we have been told that some webgates support the ability to deny the request if the payload is more than N characters, or if someone is trying to “inject SQL” into the OAM server, etc.
The reason I ask this is because the current OAM design requires you to expose your OAM servers to the internet if you want to protect public facing sites. And this leaves open the possibility that someone could submit any data as part of the form POST to auth_cred_submit. We see this as a security risk and would like to prevent it.
Thanks
Aspi Engineer
Putnam Investments
Help; After installing WLS 10.3.5,OAM,OHS, Webgate, Access Gate – all 11g – my R12.1.3 mid tier is redirecting user logins to ebsauth_/ssologin. That gets error 404 from the OHS.
What is this ssologin? Shouldn’t R12 redirect to OAMLogin.jsp? Any help appreciated.
@ oamadminuser
What is value of profile option “Application Authentication Agent” in EBS R12 ?
Hi Atul, Application Authentication Agent is set to http://:7777/ebsauth_/
It is appending ssologin to the end of that url (as seen by trying various other values of Apps Auth Agent). But OHS does not know what to do with it.
I am using 11g webgate, as also approved and described in 1309013.1 MOS note.
I also see DENY entries in OAM log.
Very interesting problem!
Thanks,
That profile option should read: Application Authentication Agent is set to http://:7777/ebsauth_DATABASE_TWO_TASK/
HI Atul,
I have followed your document, i was able to protect the Oracle HTTP server with OAM successfully. when i tried to access the http://:7777 it was re-directing to the OAM login page, but after the successful login into the OAM the page was not directing back to the HTTP server again, it displaying error page not found but i can see the url as http://:7777 in the browser. Can you help me out what i have missed here… or i need to any more….
@ venkyd1985,
It could be just because /index.html is protected (by default with webgate 11g everything is protected)
Define public policy for resource /index.html as public in both authentication and authorization policies (How to define policies is in my Book OAM/OIM 11g for administrators and also in Oracle Guides)
Hi ,
i am trying the OAM/OIM integration. I have installed and configured oam, soa, oim serverrs in one domain, configured PIm with ldap sync enabled.
Now trying to run the command :-
idmConfigTool –configOAM input_file=propertiesFile
But getting one error :-
======================
bash-3.2$ ./idmConfigTool.sh -configOAM input_file=OAMconfigPropertyFile
Enter ID Store Bind DN password :
Enter User Password for WLSPASSWD:
Confirm User Password for WLSPASSWD:
Enter User Password for OAM11G_OIM_WEBGATE_PASSWD:
Confirm User Password for OAM11G_OIM_WEBGATE_PASSWD:
Enter User Password for IDSTORE_PWD_OAMSOFTWAREUSER:
Confirm User Password for IDSTORE_PWD_OAMSOFTWAREUSER:
Enter User Password for IDSTORE_PWD_OAMADMINUSER:
Confirm User Password for IDSTORE_PWD_OAMADMINUSER:
java.lang.NullPointerException
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.configOAM11gIdStore(OAM11gIntegrationHandler.java:352)
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.execute(OAM11gIntegrationHandler.java:696)
at oracle.idm.automation.AutomationTool.configOAM(AutomationTool.java:593)
at oracle.idm.automation.AutomationTool.parseCmdLine(AutomationTool.java:218)
at oracle.idm.automation.AutomationTool.main(AutomationTool.java:132)
There were errors found. Details have been logged to automation.log
======================
From automation.log:- i got :-
(11:44:16 AM) : Jan 30, 2012 10:07:35 PM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
SEVERE: Error while configuring webgate and domain
java.lang.NullPointerException
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.configOAM11gIdStore(OAM11gIntegrationHandler.java:368)
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.execute(OAM11gIntegrationHandler.java:696)
Please suggest .
correcting the typo error in my second line :-
============
configured OIM with ldap sync enabled.
============
Thanks.
@ Oam_Admin1,
What is value of JAVA_HOME, JDK version , ORACLE_HOME and other environment variable ?
Did other idmConfigTool complete successfully ?
[...] 4.5 Install WebGate on OHS server. More on RREG and installing WebGate here [...]
[...] on IBM AIX Posted in February 28th, 2012 byAtul Kumar in oam Print This Post On WebGate 11g Installation (WebGate is Policy Enforcement Point installed with Web Server), as per Oracle [...]
[...] know more about WebGate click here, here, here, [...]
Hi,
I am trying to remotely register the webgate with OAM server but there seems to be some issue. Heres what I am getting :
Exception in thread “main” java.lang.NoClassDefFoundError: oracle/security/am/en
gines/rreg/client/RegClient
Caused by: java.lang.ClassNotFoundException: oracle.security.am.engines.rreg.cli
ent.RegClient
at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
at java.lang.ClassLoader.loadClass(ClassLoader.java:307)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
at java.lang.ClassLoader.loadClass(ClassLoader.java:248)
Could not find the main class: oracle.security.am.engines.rreg.client.RegClient.
Program will exit.
My OAM_REG_HOME is set to \oam\server\rreg dierctory at oamreg.bat file
@ avinash,
This error means classpath is missing required java classes required to register webgate.
Are you running rreg from OAM host or different host ?
Which java version you are using ?
java -version
which java
Thanks for the prompt response Atul..
Java Version is :
java version “1.6.0_18″
Java(TM) SE Runtime Environment (build 1.6.0_18-b07)
Java HotSpot(TM) Client VM (build 16.0-b13, mixed mode)
I am running it from the OAM Host itself.
Enviromnet Variable settisgs are as follows :
Classpath = C:\Oracle\Middleware\jdk160_18\bin
JAVA_HOME = C:\Oracle\Middleware\jdk160_18
hi avinash ,i face the same problem ,do you have solve this issue? thank you!!!
@ Damon, Avinash,
Are you running this from OAM host (machine on which OAM is installed and configured) or from some other host (connected to OAM server remotely)
Hi,
Me too getting this error; would like to know if somebody has succeeded in resolving this!
Thanks in advance,
Regards,
Ratheesh
i solved the problem, i set my Enviromnet Variable as :
JAVA_HOME=E:\Oracle\Middleware\jdk160_24
OAM_REG_HOME=E:\Oracle\Middleware\Oracle_IDM1\oam\server\rreg
Edit oamreg.bat
REM set OAM_REG_HOME=”D:\Remote Registration\RREG client kit\rreg”
Then i run oamreg.bat,everything is OK!
I want to install Oracle 11g Webgate with 11g OAM on a IIS web-server.
Can you help in this. I googled it and seems there is no support to install 11g web-gate on IIS.
@ Dheeraj,
Currently there are no 11g webgate for IIS (only available 11g webgate are for OHS) . Please use 10g WEbGate for IIS with OAM 11g . OHS 11g webgate are available at http://www.oracle.com/technetwork/middleware/downloads/oid-11g-161194.html and 10g webgate for IIS are at http://www.oracle.com/technetwork/middleware/ias/downloads/101401-099957.html
Hi
I was trying to install the web-gate 10g to be worked with OAM 11g.
I created a web-gate 10g agent in OAM admin console window
On the web-server I installed web-gate as well.
I also copied OAAccessClient from OAM console to web-gate web-server location.
When after the installation, I am hitting my URL, it says:
“HTTP Error 404 – 404 Not Found
The Web server cannot find the file or script you asked for. Please check the URL to ensure that the path is correct”
In eventviewer it says “Oblix System Logger Initialized”.
In the log files it says “ould not read file”filename^oblix/config/oblog_config.xml”. I googled this problem but on .Net i found this message is not the actual message.
Can you suggest me what wrong might be the possible problem.
@ Dheeraj,
What URL is this that results in page not found ?
Try disabling webgate from httpd.conf by commenting entries by webgate (in the end of httpd.conf) and see if you can still access URL via OHS .
I should have mentioned in last post only that I am using IIS.
This URL is of my web-site I want to protect under OAM.
When disabling the web-gate at IIS, it works fine.(becuse in that case, it does not initiliaze anything related to OAM or web-gate).
Please update steps followed to configure webgate with IIS, which version of IIS is this ?
I am using IIS7 server.
I got the clue of this error message. This was coming because in the access agent configurations, “Deny on not protected” was ticked. When I unticked this,checkbox the error got disappeared.
However now I am struggling with the policy creation.
Whenever I hit my page, inspite showing the sso login page, it show me my site home page.While as per the protection policy it should have shown the sso login page.
I am using “/../*” or /* notation. but still getting my home page.
@ Dheeraj,
Try with three dots /…/* in place of two DOTS
Hi
I just installed OAM and then tried to login into OAM CONSOLE, i am not able to login. No error, but the same Login screen comes back. When i checked the log
[2012-07-18T14:14:14.509-04:00] [AdminServer] [ERROR] [OAMSSA-20005] [oracle.oam.user.identity.provider] [tid: [ACTIVE].ExecuteThread: ’0′ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: ] [ecid: 0000JYRJ1v^EWNW3tz^er11G1ikT00001F,0] [APP: oam_admin#11.1.1.3.0] [dcid: a827fbd0cee0501e:41979a37:1389b0d9163:-8000-0000000000000070] [arg: null] Error initializing User/Role API : null.
[2012-07-18T14:14:14.509-04:00] [AdminServer] [WARNING] [OAMSSA-20007] [oracle.oam.user.identity.provider] [tid: [ACTIVE].ExecuteThread: ’0′ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: ] [ecid: 0000JYRJ1v^EWNW3tz^er11G1ikT00001F,0] [APP: oam_admin#11.1.1.3.0] [dcid: a827fbd0cee0501e:41979a37:1389b0d9163:-8000-0000000000000070] [arg: Error initializing User/Role API : null.] Unable to connect to the User Store. User Store may not be initialized : Error initializing User/Role API : null..
[2012-07-18T14:14:14.510-04:00] [AdminServer] [ERROR] [OAM-400016] [oracle.oam.admin.console.policy] [tid: [ACTIVE].ExecuteThread: ’0′ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: ] [ecid: 0000JYRJ1v^EWNW3tz^er11G1ikT00001F,0] [APP: oam_admin#11.1.1.3.0] [dcid: a827fbd0cee0501e:41979a37:1389b0d9163:-8000-0000000000000070] Failed to authenticate the user[[
Could you help me to fix it.
@ Kumar ,
what user you are using ? what URL you are using to login ? Is OAM integrated with OID for authentication ? Which document you used to install and configure OAM ?
Hi Atul,
I am getting same error as Kumar –
Unable to connect to the User Store. User Store may not be initialized : Error initializing User/Role API : null..
I followed the steps given in your tutorials. (I am using wls10.3.3, soa,OAM 11.1.1.3)
When I looked in oam-config.xml, the ldap entry is incorrect. could it be the reason?
@ Manju,
Yes, this is the reason for error message you are hitting .
@Atul,
Unfortunatly I wasn’t able to fix the issue. I am getting
Exception in decryption
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
That is probably because of the AES encrypted password.
Can you please let me know why it is not being auto configured.
Also,
I have installed OID in a different machine, If I sync OAM with the OID(after I login to OAM), will oblix attributes/objects get created in OID ? The only reason I am trying to install OAM is to resolve “Failed to find obpasswordexpirydate in mandatory or optional attribute list. ” error. I have tried to import them manually, which it does succesfully. But when I try to import my ldif file, it throws the error mentioned before.
Any help would be great.
@ Manju,
Which document you are using ? Follow enterprise deployment guide if possible
Hello Atul;
I am newbie in OAM. I was trying to configure webgate for OHS through OAM. When I try to run the following command (inband registration) I am getting an error. Can you please help me with this.
./bin/oamreg.sh inband input/OAMllGRequest.xml
Error Message:
oracle.security.am.engines.rreg.client.RegController processRegist ration
SEVERE: Server side error occurred. Specific error messages are:Create policy re
source exception. Resource type must not be null. URI=/
The remote registration process did not succeed Please find the specific error
message below.
Error message passed from server is:Create policy resource exception. Resource t
ype must not be null. URI=/
oracle.security.am.engines. rreg.client.RegClient main
SEVERE: Exception encountered: RemoteAgentRegistrationException. Specific except
ion:Error message passed from server is:Create policy resource exception. Resour
ce type must not be null. URI=/oracle.security.am.engines.rreg.common.RemoteAge
ntRegistrationException: Error message passed from server is:Create policy resou
rce exception. Resource type must not be null. URI=/
@ venkat28,
It looks like resources mentioned in OAMllGRequest.xml are not correct, Share content of this file.
Hello Atul:
Here’s my OAM11GRequest.xml file
http://:7001/serverAddress>
RREG_OHSHostId11g
RREG_OAMOAM11G
http://:80
false
host1
7777
Hello Atul:
Here’s my OAM11GRequest.xml file
http://:7001
RREG_OHSHostId11g
RREG_OAMOAM11G
http://:80
false
host1
7777
Upload it to google doc or some other place as XML tags are not displayed correctly here
Hello Atul:
I re-installed the OAM Server and I was able to get through the installation successfully.
But after that when I try to view the OHS link (http://localhost:80), I get the following error.
The browser says ” OAM Operation Error. The Web gate plug-in is unable to contact any Access servers.”
The error message thrown in the console is:
ACCESS GATE FATAL 0×00001520 /adefaime_h0025/ngamac/src/palantir/webgate2/src/apache
2entry_web_gate.cpp:591 “Exception thrown during WebGate initialization”
ACCESS_GATE FATAL 0×0000 182C /ade/aime_h0025/ngamac/src/palantir/webgate2/src/apache
2entry_web_gate.cpp:592 “The AccessGate is unable to contact any Access Servers
raw_code”301
Can you please help with this?
Hello Atul,
I have followed your document, i was unable to protect the Oracle HTTP server with OAM successfully.
I stuck at step 2. Register WebGate with OAM Server.
Could u provide more details in case default configuration with Oracle HTTP server and OAM are on single host?
@ Chuly,
I am assuming that you are installing 11g R1 (11.1.1.5) WebGate, Did you follow steps mentioned here ? what issue you are hitting during webgate installation and configuration ?
Hi Kumar,
I have create a default configuration webgate A on server OAM (server A) successfully.
I also create another default configuration webgate B on the server B. And 2 webgate are SSO with an OID user: http://A:7777, http://B:7777.
My matter at this moment is the Logout URL. I configure both Logout URL of 2 webgate agents is: /logout.html. But both website http://A:7777 and http://B:7777 only logout and redirect when i click the URL:
http://A:7777/logout.html. If i use http://B:7777/logout.html, the website shows Page not found.
Hi Kumar,
I got another critical problem. That is when i login or logout from http://A:7777 and http://B:7777. The http://A:7002/oamconsole is also login and logout. Even when the user to logging in to http://A:7777 and http://B:7777 is orcladmin user from OID and user to logging in http://A:7002/oamconsole is weblogic.
Please help me solving this problem!!!
@ ChuLy,
This is expected behaviour if all three apps (including OAMCONSOLE) are protected by same SSO (OAM) server and user is using same browser. Use two different browser like IE and Firefox if you want to login or logout from two application (protected by same SSO) using same PC.
Hi Atul,
I bought your book from OnlineAppsDBA and am on Page 121 of the eBook. I am running into issues installing WebGate 10g, where it is not able to talk to OAM Managed Server, whereas the Managed Server is up!
Thanks
Vivek
@ Vivek,
Check if
1. There are any errors in OAM managed servers logs
2. Check from weblogic console that OAM_SERVER application is in state active
3. Check if OAM access server is listening on port 5575 (netstat -an | grep 5575 LISTEN )
Atul
Thanks Atul for the response!
Actually I was working on another project in parallel and there the my domain was marketsphere.com, whereas this server the domain was marketsphereconsulting.com. So I had a mixup odf domain I was providing the installer. When I corrected that, I could proceed further.
Your help is very much appreciated!
Thanks a lot
Vivek
Hi Atul,
I bought your book from OnlineAppsDBA and am on Page 133 of the eBook. I am confused what the value of this port should be?
Listen Port: 8602
Is this the port that the EBS listens on, or just an arbitrary port for this managed server?
Thanks for your help!
Vivek
@ Vivek,
This is just an arbitrary port for this managed server. If you choose a differnet port then change 8602 in eBook to this new port that you use.
Hi Atul,
I bought your book from OnlineAppsDBA.com and am on page 137, executing the ant script ant -f txkEBSAuth.xml to create data source. I am getting the following error.
Buildfile: txkEBSAuth.xml
[taskdef] Could not load definitions from resource net/sf/antcontrib/antcontrib.properties. It could not be found.
findOS:
getServerDetails:
[input] skipping input as property wlshosturl has already been set.
BUILD FAILED
/u01/sso/Middleware/appsutil/accessgate/OBA1S/txkEBSAuth.xml:62: Could not create task or type of type: if.
Ant could not find the task or a class this task relies upon.
This is common and has a number of causes; the usual
solutions are to read the manual pages then download and
install needed JAR files, or fix the build file:
– You have misspelt ‘if’.
Fix: check your spelling.
– The task needs an external JAR file to execute
and this is not found at the right place in the classpath.
Fix: check the documentation for dependencies.
Fix: declare the task.
– The task is an Ant optional task and the JAR file and/or libraries
implementing the functionality were not found at the time you
yourself built your installation of Ant from the Ant sources.
Fix: Look in the ANT_HOME/lib for the ‘ant-’ JAR corresponding to the
task and make sure it contains more than merely a META-INF/MANIFEST.MF.
If all it contains is the manifest, then rebuild Ant with the needed
libraries present in ${ant.home}/lib/optional/ , or alternatively,
download a pre-built release version from apache.org
– The build file was written for a later version of Ant
Fix: upgrade to at least the latest release version of Ant
– The task is not an Ant core or optional task
and needs to be declared using .
– You are attempting to use a task defined using
or but have spelt wrong or not
defined it at the point of use
Remember that for JAR files to be visible to Ant tasks implemented
in ANT_HOME/lib, the files must be in the same directory or on the
classpath
Please neither file bug reports on this problem, nor email the
Ant mailing lists, until all of these causes have been explored,
as this is not an Ant bug.
Total time: 0 seconds
Actually I could proceed by fixing some paths, but I get another error
[wlst] once the activation is completed.
[wlst] ************************************************************************
[wlst] ERROR: Error encountered while activating the changes.
[wlst] Canceling the edit session.
[wlst] ************************************************************************
[wlst] Discarded all your changes successfully.
[wlst] This Exception occurred at Mon Oct 15 13:47:54 CDT 2012.
[wlst] weblogic.application.ModuleException:
[wlst] at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:302)
[wlst] at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
[wlst] at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:518)
[wlst] at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
[wlst] at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
[wlst] at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:47)
[wlst] at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:614)
[wlst] at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
[wlst] at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:184)
[wlst] at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:43)
[wlst] at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
[wlst] at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
[wlst] at weblogic.deploy.internal.targetserver.operations.ActivateOperation.createAndPrepareContainer(ActivateOperation.java:208)
[wlst] at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doPrepare(ActivateOperation.java:98)
[wlst] at weblogic.deploy.internal.targetserver.operations.AbstractOperation.prepare(AbstractOperation.java:217)
[wlst] at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentPrepare(DeploymentManager.java:749)
[wlst] at weblogic.deploy.internal.targetserver.DeploymentManager.prepareDeploymentList(DeploymentManager.java:1216)
[wlst] at weblogic.deploy.internal.targetserver.DeploymentManager.handlePrepare(DeploymentManager.java:218)
[wlst] at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.prepare(DeploymentServiceDispatcher.java:160)
[wlst] at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doPrepareCallback(DeploymentReceiverCallbackDeliverer.java:171)
[wlst] at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.prepare(DeploymentReceiverCallbackDeliverer.java:41)
[wlst] at weblogic.deploy.service.internal.statemachines.targetserver.AwaitingContextUpdateCompletion.callDeploymentReceivers(AwaitingContextUpdateCompletion.java:164)
[wlst] at weblogic.deploy.service.internal.statemachines.targetserver.AwaitingContextUpdateCompletion.handleContextUpdateSuccess(AwaitingContextUpdateCompletion.java:66)
[wlst] at weblogic.deploy.service.internal.statemachines.targetserver.AwaitingContextUpdateCompletion.contextUpdated(AwaitingContextUpdateCompletion.java:32)
[wlst] at weblogic.deploy.service.internal.targetserver.TargetDeploymentService.notifyContextUpdated(TargetDeploymentService.java:225)
[wlst] at weblogic.deploy.service.internal.DeploymentService$1.run(DeploymentService.java:190)
[wlst] at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
[wlst] at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
[wlst] at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
[wlst] Caused by: weblogic.common.resourcepool.ResourceSystemException:
[wlst] Could not connect to ‘oracle.apps.fnd.ext.jdbc.datasource.AppsDataSource’.
[wlst] The returned message is: ORA-01017: invalid username/password; logon denied
[wlst] It is likely that the login or password is not valid.
[wlst] It is also possible that something else is invalid in
[wlst] the configuration or that the database is not available.
[wlst] at weblogic.jdbc.common.internal.JDBCUtil.parseException(JDBCUtil.java:301)
[wlst] at weblogic.jdbc.common.internal.PooledConnectionEnvFactory.makeConnection(PooledConnectionEnvFactory.java:313)
[wlst] at weblogic.jdbc.common.internal.PooledConnectionEnvFactory.createResource(PooledConnectionEnvFactory.java:97)
[wlst] at weblogic.common.resourcepool.ResourcePoolImpl.makeResources(ResourcePoolImpl.java:1249)
[wlst] at weblogic.common.resourcepool.ResourcePoolImpl.makeResources(ResourcePoolImpl.java:1166)
[wlst] at weblogic.common.resourcepool.ResourcePoolImpl.start(ResourcePoolImpl.java:249)
[wlst] at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1155)
[wlst] at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:154)
[wlst] at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:455)
[wlst] at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:372)
[wlst] at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:255)
[wlst] Traceback (innermost last):
[wlst] File “/tmp/wlsttempfile89327382.py”, line 125, in ?
[wlst] at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
[wlst] at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
[wlst] at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
[wlst] at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
[wlst]
[wlst] java.lang.Exception: java.lang.Exception: Error encountered while activating the changes
[wlst]
[wlst] Exception in thread “Main Thread” java.lang.IllegalStateException: Traceback (innermost last):
[wlst] File “/tmp/wlsttempfile89327382.py”, line 125, in ?
[wlst] at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
[wlst] at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
[wlst] at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
[wlst] at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
[wlst]
[wlst] java.lang.Exception: java.lang.Exception: Error encountered while activating the changes
[wlst]
[wlst] at weblogic.management.scripting.WLSTInterpreterInvoker.printError(WLSTInterpreterInvoker.java:110)
[wlst] at weblogic.management.scripting.WLSTInterpreterInvoker.executePyScript(WLSTInterpreterInvoker.java:103)
[wlst] at weblogic.management.scripting.WLSTInterpreterInvoker.main(WLSTInterpreterInvoker.java:27)
BUILD FAILED
/u01/sso/Middleware/appsutil/accessgate/OBA1S/txkEBSAuth.xml:47: The following error occurred while executing this line:
/u01/sso/Middleware/appsutil/accessgate/OBA1S/txkEBSAuth.xml:408: Error Creating DataSource
Total time: 44 seconds
Which username is is trying to access? As I set the password for ASADMIN as ASADMIN as was in the book!
And I can logon as asadmin in EBS
@ Vivek Sharma
a) You copied fndext.jar file to the domain library and restarted the AdminServer after that
b) User ASADMIN has connect schema role assigend
c) Ensure that DBC file is correct
d) Ensure that SERVERID in dbc file is one exists in FND_NODES table in EBS under apps schema
e) If a-d are correct then try ASADMIN in upper case
a-d were completed. Changing to upper case does not help.
The only thing that I am suspecting can be a problem, was when I created the DBC file on the EBS server, I used just node name, instead of fqdn, as fqdn was more than 30 characters for me and the fnd_nodes has a limit. I had an SR open with Oracle and they suggested, it would be fine like this for a data source. What is your opinion?
I used NODE_NAME=fusionidm, instead of fusionidm.marketsphereconsulting.com which was erroring the script java oracle.apps.fnd.security.AdminDesktop
@ Vivek,
NODE_NAME=fusionidm should be OK.
Paste content of your DBC file and output from FND_NODES table. Also update hostname of server where WebLogic Admin Server (one on which Access Gate is deployed) is running .
Admin server is running on fusionidm.marketsphereconsulting.com
DBC:
[fmwidm@fusionidm OBA1S]$ more OBA1S_FUSIONIDM.dbc
#Desktop DB Settings
#Thu Oct 11 21:44:45 CDT 2012
FNDNAM=APPS
APPL_SERVER_ID=CBD3AA97FC0A8472E040A8C0B00A6B5324975527834015535318174214438204
APPS_JDBC_URL=jdbc\:oracle\:thin\:@(DESCRIPTION\=(ADDRESS_LIST\=(LOAD_BALANCE\=YES)(FAILOVER\=YES)(ADDRESS\=(PROTOCOL\=tcp)(HOST\=oba1s.marketsphere.com)(PORT\=1526)))(CONNECT_DATA\=(SERVICE_NAME\=
OBA1S)))
GWYUID=APPLSYSPUB/PUB
FND_NODES:
NODE_NAME
——————————
SERVER_ID
—————————————————————-
SERVER_ADDRESS
——————————
FUSIONIDM
CBD3AA97FC0A8472E040A8C0B00A6B5324975527834015535318174214438204
Hi Atul,
I am on page 140 of your ebook, and am getting a 404 Not Found error?
Even though the Application got deployed, I am getting the 404 Not Found error for the following URL:
http://fusionidm.marketsphereconsulting.com:7777/ebsauth_OBA1S/OAMLogin.jsp
I have already put the following in the mod_wl_ohs.conf
SetHandler weblogic-handler
WebLogicHost fusionidm.marketsphereconsulting.com
WebLogicPort 8602
Any ideas?
Is it possible, that during registration of the webgate step:
./oamreg.sh inband /u01/sso/Middleware/Oracle_IAM1/oam/server/rreg/input/oba1s.xml
My oba1.xml had the following contents, where I used ebsauth_oba1s as the resource, instead of ebsauth_OBA1S, that could cause problems? and is there a way to fix this?
http://fusionidm.marketsphereconsulting.com:7001
OBA1S_HostId
OBA1S_OAM
http://fusionidm.marketsphereconsulting.com:7777
/logout
/ebsauth_oba1s/
/ebsauth_oba1s/…/*
/public/index.html
/ebsauth_oba1s/OAMLogin.jsp
/ebsauth_oba1s/style/
/ebsauth_oba1s/style/…/*
/public/oacleanup.html
/excluded/index.html
After fixing this in oamconsole, I got the login page. On page 141 of the ebook, what username would I use to login?
Atul,
I am trying to configure webgate and was successful in creating agent and registering it. But when I try to hit the web server on http port, it directs me to oam server on 14100 port but I cant connect to it. Somehow, I have never been able to telnet on 14100 even though my oam managed server is running and I can access oam console but instead I can telnet on 5575.
Also, my adminserver logs keep complaining about this error:
Is something wrong with my configuration?
Thanks
This is the error which I get in my admin sevrer logs.
Failed to communicate with any of configured Access Server, ensure that it is up and running.
I installed OAM and IAMSuiteAgent is enabled. Now how can i use IAMSuiteAgent?
Before install OAM, i used like “http://:7001/em”, now with IAMSuiteAgent installed by default how can i call EM.
Hi Atul,
I have installed the web-gate 11g for OHS11.1.1.5 and OAM11.1.1.5 BP3 on solaris 64, configured webgate by following steps mentioned by you, everything goes fine however when i try to access http://localhost:81 (OHS URL), it says:
“Sorry, Requested page can no be found – 404″
I have added few handler in mpd_wl_**.conf like for /odsm and also created a new resource, auth policy and authz policy in same domain in oam but when i try to access http://localhost:81/odsm, it says:
“Sorry, Requested page can no be found – 404″
When i disabled OHS_WG1 agent from OAM admin console, then i am able to access http://localhost:81/odsm.
Also checked for http://localhost:81/oam/pages/login.jsp , is not accessible when agent is enable.
Can you suggest me what wrong might be the possible problem.
Regards
Santosh
@ Santosh,
In 11g WebGate version if a resource is not protected/allowed then access is deined. Create a resource / and protect this resource via anonymous authentication scheme or select exclude.
See if that works
Hi Atul,
Thanks for quick reply.
I will try that.
As i have mentioned that i created a new resource /odsm and selected “LDAP Scheme” even for that, it throws same error.
I could not see any error in log file except ” could not read oblog_config.xml ( which can be ignored as per oracle doc.)
Regards
Santosh
@ Santosh,
To see if WebGate is an issues (if yes then you can apply fix in my previous update), disbale webgate by commenting include file for webgate.conf in httpd.conf and then bounce OHS.
If you see this working then issue is with webgate and define policy
If you see this NOT working then issue is with OHS and ensure that mod_wl_ohs.conf has correct entry to connect to weblogic server on which application (like ODSM) is running. To know more on mod_wl_ohs.conf check http://onlineappsdba.com/index.php/2009/09/23/configure-oracle-http-server-infront-of-oracle-weblogic-server-mod_wl_ohs/
Hi Atul,
I am able to access page after commenting webgate entry in httpd.conf file. so looks like issue is with webgate and define policy.
Shouls i delete the agent in OAM console and recreate using OAM Admin console.?
Do you suggest any other steps ?
Regards
Santosh
Hi Atul,
My OAM Admin server (weblogic admin ) is running on port 7001 and OAM manage server is on port 14100, just want to confirm, while registering webgate which port should i use in server address?
I used 7001, please confirm ?
Regards
Santosh
@ you don’t use any of these ports. You must use OAM proxy server port. Default value is 5575 , search on this blog about how to find OAM proxy port and you will get more information on this port.
This is also explained in our eBook oam integration with e-business suite
@Atul –
Thanks. I created new agent and policy manually using OAM console, its working now but i am getting another issue i.e. after OAM login, it give error while redirecting the page, page is getting hang but if i refresh the page then it display the welcome page ( error say something could be wrong on cookie setting or redirection in the browser)
Regards
Santosh
Hi Atul,
I have installed 10g webgate and trying to connect to OAM11gR2 server. It works fine when the communication mode is open but when I try to use simple mode, accee to url http://host/access/oblix/apps/webgate/bin/webgate.cgi?progid=1
gives error
The WebGate plug-in is unable to contact any Access Servers.
Oblix: 2012/11/09@01:45:07.419293 29507 29507 ACCESS_GATE FATAL 0×00001520 /scratch/alnguyen/Oblix/coreid1014/palantir/webgate2/src/apache2entry_web_gate.cpp:433 “Exception thrown during WebGate initialization”
I verified it twice as its working fine in open mode but not simple mode. HHTP server can telent to oam server on 5575 and everything else is running. There are no other errors in the logs.
Any suggestions?
Thanks,
Pratima
@ Pratima,
What all changes you made in order to change OAM from OPEN to SIMPLE ?
Note: There is a BUG in 11gR1 (not tried with 11gR2 yet) where if you use higher version of JDK (higher than 1.6.24) and use SIMPLE or CERT mode then WebGate doesn’t work (because of certificates). I am not sure if that BUG is still on 11gR2 but curious to know steps you carried out to convert from OPEN to SIMPLE
Atul,
I changed the mode of oam server to simple and then changed the webgates mode to simple. After that I copied the obaccessclient.xml under lib folder on webgate server, password.xml to config folder and aaa certificates under config/simple folder.. Please note that simple folder wasn’t already there as per the docs.. Then I restarted the web server and oam servers.
hi Atul,
i have installed OAM Webgate 11g on OHS 11g,
i am referring your book Oracle Identity and access manager 11g for Administartion.I am unable to edit EditHttpConf file for webgate configuration with the following error
./EditHttpConf -w /u01/oracle/apps/idam/Middleware/Oracle_WT1/instances/instance1/config/OHS/ohs1/ -oh /u01/oracle/apps/idam/Middleware/Oracle_OAMWebGate1 -o /u01/oracle/apps/idam/output2.txt
./EditHttpConf: error while loading shared libraries: libclntsh.so.11.1: wrong ELF class: ELFCLASS64
please help me to resolve this problem.
Thanks in Advance.
Atul:
We are following your book.
We are unable to see the default list in Resource Type in Policy Configuration.
HTTP
wl_authen
without them we cant register the weggates
Please help us
Thanks
@ rnugooru,
It looks like something failed during installation/configuration of OAM. Try re-install including database schema for OAM . Ensure that you use right version of RCU to load OAM schema.
Hi Atul,
I am getting follwoing error while creating data source for EBS Access Gate- after setting domain env, when i run -
/usr/sfw/bin/ant -f txkEBSAuth.xml createDataSource
It throws below error at the end -
createDataSource:
[echo] ********************************************************************
[echo] STEP 1: CREATING DATA SOURCE
[echo] ********************************************************************
[trycatch] Caught exception: Problem: failed to create task or type wlst
[trycatch] Cause: The name is undefined.
[trycatch] Action: Check the spelling.
[trycatch] Action: Check that any custom tasks/types have been declared.
[trycatch] Action: Check that any / declarations have taken place.
BUILD FAILED
/u01/iam/fmw11.1.1.5/appsutil/accessgate/ebs01/txkEBSAuth.xml:408: Error Creating DataSource
Total time: 44 seconds
Any idea, what could be wrong ?
Thanks
Santosh
@ srshukla3, What is /usr/sfw ?
/usr/sfw is ANT_HOME path.
when i run ant -f txkEBSAuth.xml, it say ant not found, even though ANT_HOME is already set.
Hi Atul,
When i run /usr/sfwant -f txkEBSAuth.xml
(create and deploy both)
BUILD FAILED
/u01/iam/fmw11.1.1.5/appsutil/accessgate/ebs01/txkEBSAuth.xml:171: Problem: failed to create task or type propertyregex
Cause: The name is undefined.
Action: Check the spelling.
Action: Check that any custom tasks/types have been declared.
Action: Check that any / declarations have taken place.
@ srshukla3,
You said “/usr/sfw is ANT_HOME path” is this the one that comes with Linux/Unix or is this your weblogic home too ?
If ANT_HOME is not from weblogic then try one from weblogic
Take a look at section 11.3 “deploy ebs accessGate” our eBook http://onlineappsdba.com/index.php/book/
Make sure that you set weblogic environment file setWLSEnv.sh
Hi Atul,
In EBS12.1.3 ,i can not see the profiles (FND: Validate User Type,FND: Validate IP address..).
Is it must to have these system profile ?
My access Gate deployment still fails -
BUILD FAILED
/u01/iam/fmw11.1.1.5/appsutil/accessgate/ebs01/txkEBSAuth.xml:408: Error
Please confirm, if i need to apply any patch.
Hi Atul,
I have taken defualt DBC file, did not generate it -can you verify if the format it is correct, i do not see APPS_JDBC_URL in this -
APPS_JDBC_DRIVER_TYPE=THIN
FND_JDBC_BUFFER_MIN=1
DB_NAME=prod
GWYUID=APPLSYSPUB/PUB
FND_JDBC_BUFFER_MAX=5
FND_JDBC_STMT_CACHE_SIZE=100
TWO_TASK=prodcln
JDBC\:oracle.jdbc.maxCachedBufferSize=358400
JDBC\:processEscapes=true
FND_MAX_JDBC_CONNECTIONS=500
FND_JDBC_USABLE_CHECK=false
FNDNAM=APPS
FND_JDBC_PLSQL_RESET=false
DB_PORT=1521
FND_JDBC_CONTEXT_CHECK=true
FND_JDBC_BUFFER_DECAY_SIZE=5
DB_HOST=sfinappstst01.testsf.testsp.edu.sg
I am getting error whilec creating datasource –
Caused by: weblogic.common.resourcepool.ResourceSystemException: Invalid port number for database URL: jdbc:oracle:thin:@${appsDBHostname}:${appsDBPort}:${appsDBSID}
[wlst] at weblogic.jdbc.common.internal.JDBCUtil.parseException(JDBCUtil.java:301)
Hi Atul,
Need one favour from you,
We have to set up IAM DR system replica of Live Prod IAM DC.
We have done below mentioned points as per document oracle e15250.pdf
1.We have tar and untar all directories from DC to DR.
2. Added Alias hostname at DR sitein /etc/hosts as per doc.
3.Our OID instance, OHS11g,Identity and Access Server’s are up.
4.We also configure the Webgate from
[dbuser@MPBPLDRIDA2 configureWebGate]$ ./configureWebGate -i /orahome/oracle/product/OAM_HOME/webgate/access -t Webgate
this command.
and shows :
Web Gate Installed Successfully.
But here the problem is the webgate entries is not updated in https.conf.
So can I confirm the its webgate installation.
I am trying to hit the confirmation url
url http://MPBPLDRIDA2:7777/access/oblix/apps/webgate/bin/webgate.cgi?progid=1
I am getting 404 error.
Hi Atul
I would like to know how to setup OAM 11gR2 SSO for a web page.
Can you please describe the required steps and all configuration?
Thank you
Aman
Hi Atul,
Issue resolved on move back the webgate entries in httpd.conf file and diagnose page appeared.
But I am facing one issue regarind the IP’s of DC.. which is showing in DR Setup (viz . Directoty Profiles, Identity Server and Wepass(Core id server) ) i.e. DC IP(10.10.x.x)insteadof DR Hostname, should i manually change at all place and restart the servers.
Dear Atul,
We have successfully configured OAM 11.1.1.5 with EBS 12.1.1 and OID 11.1.1.6 with WNA.
Now we need to configure another EBS application with same OAM access manager.
Can you please tell me is it possible to configure and how can be it done.
Thank you!!!
Arul
@Arul,
Yes it is possible, Follow same steps as you did for first EBS instance (except installation)
Leave A Reply