Install & Configure OES 11gR2 (Oracle Entitlement Server) : Part I

This is part I of Oracle Entitlement Server/Client (Security Module) 11gR2 (11.1.2) installation and Configuration Series.

Oracle Entitlement Server (OES) is a fine grained authorization engine from Oracle and is part of Oracle Identity Management Suite. For High Level installation Steps of Identity Management 11gR2 click here  For Oracle Identity Management 11gR2 documentation click here and for software click here

 

Software Required for OES 11gR2

There are two parts of OES

  • Server Side Component (OES Administration Console or Authorization Policy Manager – APM)
  • Client Side Component (Security Module – SM). There are various different types of Security Modules (OES client side component) .  WebLogic Security Module is most common, hence I am going to cover installation & configuration of WebLogic SM in this series.

In order to install OES 11gR2 (11.1.2) server side component, you would need following software

  • Oracle Database (10.2.0.4+ or 11.1.0.7+ or 11.2.0.1+)
  • JDK (1.6.29+)
  • Oracle WebLogic Server (10.3.6 or 10.3.5)
  • Oracle Repository Creation Utility RCU (11.1.2)
  • Oracle Identity & Access Management Software (11.1.2)
In order to install OES 11gR2 (11.1.2) client side component (WebLogic Security Module), you would need following software
  • Oracle WebLogic Server
  • OES Client Software

 

OES Installation Steps

1. Install Database – This database will be used to create OPSS schema to store Authorization Policies .  OPSS : Oracle Platform Security Services

2. Create OPSS schema using RCU 11.1.2 – More on RCU here .

Note: Select Oracle Platform Security Services & Metadata Services from list of available schema

3. Install JDK 1.6

Note: JDK will be used to install WebLogic in next steps and also to run Application on Java Virtual Machine (JVM)
4. Install WebLogic Server 10.3.6 (This step will create Middleware Home $MW_HOME). More on WebLogic installation here and here

Note: You must install Identity & Access Management Software (this also contains OES software) inside MW_HOME

 

5. Install Oracle Identity & Access Management 11.1.2 software

runInstaller -jreLoc <Location_of_JDK>

Note: When prompted for Middleware Home, provide directory that you used for Middleware Home in previous step. This step will create ORACLE_HOME containing OES software 

 

Remaining Steps to install & configure OES 11gR2 in next post here

  • Creating WebLogic Domain
  • Configure Security Store to Database
  • Start WebLogic Admin Server
  • Test OES Admin Console
  • Install & OES client (Weblogic Security Module )

 

 

About the Author Atul Kumar

Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Specialising in Design, Implement, and Trainings.

follow me on:

Leave a Comment:

10 comments
» Install and Configure OES 11gR2 (11.1.2) Part II Online Apps DBA: One Stop Shop for Apps DBA’s says March 29, 2013

[…] Install and Configure OES 11gR2 (11.1.2) Part II Posted in March 29th, 2013 byAtul Kumar in installation, oes This is part II of Oracle Entitlement Server & Client (Security Module) 11gR2 installation and Configuration.,For Part I of this series click here […]

Reply
Jessica Yang says April 10, 2013

It’s a good install guide.

Reply
Shiva says April 24, 2013

Hello Atul,

Could you please share “Apache Tomcat SM” configuration for a web app running on tomcat?

Thanks in Advance!
Shiva

Reply
textPlus says May 31, 2013

This is a wonderful guide. Have you added OES to an existing domain? I am asking, because I have custom taskflows that are not visible in OIM 11g R2. I have been told that I need to grant permissions for the taskflows using the APM tool. The problem is that I did not include OES while creating my domain. How would I go about adding OES to an existing domain?

Reply
    Atul Kumar says May 31, 2013

    @textPlus, Run config.sh again and select extend domain (select domain location as existing domain). From list of domain template select OES.

    Reply
» Install Oracle Entitlement Server (OES) Client Security Module (SM) 11gR2 (11.1.2) Part III Online Apps DBA: One Stop Shop for Apps DBA’s says July 3, 2013

[…] Client (Security Module) 11gR2 installation and Configuration, For Part I Install OES Server click here , For Part II Configure OES Server click […]

Reply
» Configure OES client software (Security Module) : Things you must know Online Apps DBA: One Stop Shop for Apps DBA’s says July 8, 2013

[…] Module) : Things you must know Posted in July 8th, 2013 byAtul Kumar in oes After installing OES Server, configuring OES Server, and installing OES client next task is to configure OES client (Security […]

Reply
» Beware OES 11gR2 Security Module for OSB is NOT yet certified with OSB 11.1.1.7 (as of Oct 2013) Online Apps DBA: One Stop Shop for Apps DBA’s says September 30, 2013

[…] (as of Oct 2013) Posted in September 30th, 2013 byAtul Kumar in oes, osb I discussed about OES Server,  OES Client (Security Module) and Oracle Service Bus. You can integrate Oracle Service Bus (OSB) […]

Reply
» Auditing in Oracle Entitlement Server (OES ) 11g Online Apps DBA: One Stop Shop for Apps DBA’s says January 14, 2014

[…] Auditing in Oracle Entitlement Server (OES ) 11g Posted in January 14th, 2014 byAtul Kumar in oes This post covers everything you must know about Auditing in Oracle Entitlement Server (OES) […]

Reply
kesav says May 8, 2015

Hi Athul,

we are trying to configure OES client for a JRF environment. I am following this document to configure OES client.. http://docs.oracle.com/cd/E37115_01/install.1112/e27301/oes.htm#INOAM98147

Under section : 8.6.1.2.1 Setting Up Connection to an Oracle Database, Setting Up Connection to an Oracle Database for Security Modules Configured in a JRF Environment..

The step is: reassociateSecurityStore(domain=”OESDomain”, servertype=”DB_ORACLE”, datasourcename=”Datasource_Name”, jpsroot=”cn=reassociatedb”, join=”true”)

after this we are not able start AdminServer.

Error:

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

Info: Data source is: opss-DBDS
JPS-01060: The credential store instance does not have the property ldap url/JDBC url/datasource JNDI name defined.
Error: Diagnostics data was not saved to the credential store.
Error: Validate operation has failed.
Need to do the security configuration first!

Please suggest us how to Proceed to complete the configuration.

Thanks,
Kesav

Reply
Add Your Reply

Not found