Oracle Access Manager and WebLogic Portal integration.

This post brings out the key points involved in integrating WebLogic Portal with Oracle Access Manager using the SSPI Connector.

Major Products involved:

1. WebLogic Portal 10.3.0

2. OAM 10.1.4.3

3. SSPI Connector 10.1.4.2.2

Key Points:

1. Create the portaladmin user in OAM (that is, in the user store) and assign it Admin rights.

2. Create the group BEA_Administrators and add the portaladmin user as a member of that group.

3. Create NetPointRealm using the command as shown below.

./setupNetPointRealm_wl92.sh portal

4. The “portal” parameter in the above command is essential: it creates the realm that WebLogic Portal needs, with its specific providers.

5. Be sure to add the p13DataSource in the SQLAuthenticator DataSource field. This makes the users weblogic and portaladmin, which are part of myrealm, available in NetPointRealm. Mark SQLAuthenticator as REQUIRED and OblixAuthenticator as OPTIONAL, then restart the WebLogic server.

6. You should be able to see the group BEA_Administrators in the NetPointRealm Users and Groups column. Copy the group name (e.g., cn:EBEA_Administrators:Cdc:Eus:Cdc:Eoracle::Cdc:Ecom).

7. Go to NetPointRealm -> Roles and Policies -> Global Roles -> Roles.

8. Go to the Admin role and add a condition that includes BEA_Administrators.

9. Go to the PortalSystemAdministrator role and add a condition that includes BEA_Administrators.

10. Delete the SQLAuthenticator and mark OblixAuthenticator as REQUIRED. SQLAuthenticator is no longer needed, as the weblogic and portaladmin users are part of OblixAuthenticator.

11. Now log in to the WebLogic Portal server as an OAM user.

Note: Follow the key steps 12 & 13 of section 10.5.9, Preparing the WebLogic Environment, in the SSPI integration guide.
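The effect of the control flags in steps 5 and 10 can be checked with a small model of JAAS control-flag evaluation. This is an added example, not code from the original post or from the SSPI connector; each provider is reduced to the set of users it accepts, and the user sets (including the OAM-only user jdoe) are constructed for illustration.

```python
"""JAAS control-flag evaluation for the provider chains in steps 5 and 10.
Each provider is modelled only as the set of users it accepts (constructed data)."""

def evaluate(providers, user):
    """providers: ordered (name, flag, accepted_users) tuples. True if login succeeds."""
    required_ok = True     # no REQUIRED provider has failed so far
    saw_required = False   # a REQUIRED or REQUISITE provider is configured
    any_success = False    # some provider accepted the user
    for name, flag, accepted in providers:
        ok = user in accepted
        any_success = any_success or ok
        if flag == "REQUIRED":
            saw_required = True
            required_ok = required_ok and ok   # failure is recorded, chain continues
        elif flag == "REQUISITE":
            saw_required = True
            if not ok:
                return False                   # failure stops the chain
        elif flag == "SUFFICIENT":
            if ok:
                return required_ok             # success stops the chain
        elif flag != "OPTIONAL":
            raise ValueError("unknown control flag %r on %s" % (flag, name))
    # With no REQUIRED/REQUISITE provider, at least one provider must accept the user.
    return required_ok if saw_required else any_success

# Constructed user stores (assumption): myrealm users reached through SQLAuthenticator,
# and an OAM store that also holds an ordinary OAM user, jdoe.
SQL_USERS = {"weblogic", "portaladmin"}
OAM_USERS = {"weblogic", "portaladmin", "jdoe"}
CANDIDATES = ["weblogic", "portaladmin", "jdoe"]

# Step 5: SQLAuthenticator REQUIRED, OblixAuthenticator OPTIONAL.
STEP5 = [("SQLAuthenticator", "REQUIRED", SQL_USERS),
         ("OblixAuthenticator", "OPTIONAL", OAM_USERS)]
# Step 10: SQLAuthenticator deleted, OblixAuthenticator REQUIRED.
STEP10 = [("OblixAuthenticator", "REQUIRED", OAM_USERS)]

def who_can_log_in(providers, candidates):
    """Sorted list of the candidates that pass the whole provider chain."""
    return sorted(u for u in candidates if evaluate(providers, u))

if __name__ == "__main__":
    print("step 5 :", who_can_log_in(STEP5, CANDIDATES))
    print("step 10:", who_can_log_in(STEP10, CANDIDATES))
```

In the step 5 configuration an OAM-only user is rejected because the REQUIRED SQLAuthenticator fails for it; after step 10 an administrator can log in only if the account exists in OAM, so confirm that before deleting SQLAuthenticator.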

Contact me if you have any queries.

About the Author Mahendra

I am engulfed in the Oracle Identity & Access Management domain. I have expertise in providing optimized solutions for user provisioning, web access management, Single Sign-On, federation capabilities, etc. I am also well versed in complex integrations within Identity Management and other product domains. I have expertise in building demos, and implementation experience with the products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory, etc. Look @ my blog: http://talkidentity.blogspot.com
