Installing Oracle Identity Federation 10g

I am going to talk about installation of Oracle Identity Federation 10g in this post. To learn some basics of OIF, there are some Question and Answers written here, go through it.

I am illustrating the installation carried out in development environment and hence it will not cover high availability and cluster options. However, I will run through few points explaining those features as and when that context comes.

There are two types of OIF installation: Basic and Advanced.

With Basic install, OIF utilizes memory to store both Federation and Transient data. Hence, you will not see those options during installation. One disadvantage with this install type is: You will not have choice to select your own ports for OIF HTTP Server, OC4J and so on.

With Advanced install, OIF provides options to choose Federation and Transient data stores. Also, it can provide options for configuring high availability and ports selection option (using staticports.ini) .

Though our install is in development environment, I have selected Advance option to have my own ports selection. I am going to install OIF in folder called IDP_OIF and placed staticports.ini under IDP_OIF as shown below.

Let’s see the staticports.ini content as shown below.

Installation steps are as follows:

Run the installer setup.exe (from the extracted OIF) as valid administrator.
Install wizard will appear and click Next.
Specify Oracle Home name and installation path of Oracle Identity Federation.
Ensure that Oracle Identity Federation 10g option is selected.
Select Advanced installation method.
Select the check box to ensure that you have administrator rights.
Select Manual option and point to the staticports.ini path.
Let us talk about the three options available in this step.
- Federation Data in LDAP server: Federation data can be stored in a LDAP server. If you want to use this, select the check box where you will need to provide LDAP connection details.
- Federation Transient Data in Database: Transient data can either be stored in Database or in-memory. For production installations, you must use Database.
- Virtual Addressing Option: For production installations where high availabilityis required, this option can be selected and would need to provide Virtual HostName in next steps.
I wish to provide Federation store details post installation and hence unselected the 1st checkbox. Click Next.
Specify OIF instance Name. Specify the password to login to OIF Administration console. The default username for OIF admin console is oif_admin. Please note that Federation Server ID will be automatically updated based on OIF Instance name entered during installation.
Click Next in summary screen to start installing.
Notice that Configuration assistants installation is successful.
Once installation is completed, final screen is shown. Click Exit.

Let us access the OIF Admin console using the URL http://vmw2003ent101.mydomain.com:7778/fedadmin. Login with userid as oif_admin and password as admin123.

After successful login, the OIF admin console will be displayed as shown below.

I will cover the OIF exploration process in further posts.

Let us access the EM console using the URL http://vmw2003ent101.mydomain.com:1810/ . Login with userid as ias_admin and password as admin123.

After successful login, EM console will be displayed as shown below.

OIF is deployed as J2EE application in the OC4J container named OC4J_FED.

To start/stop OIF processes, execute the command opmnctl stopall and opmnctl startall at location C:\oracle\IDP_OIF\opmn\bin (as per my environment).

About the Author Mahendra

I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com

Leave a Comment:

3 comments

» Configure Federation Data Store post installation of OIF 10g Online Apps DBA: One Stop Shop for Apps DBA’s says September 9, 2011

[…] Posted in September 9th, 2011 byMahendra in idm, installation Print This Post In my earlier post, I have explained the installation steps of Oracle Identity Federation 10g, where I did not select […]

Naveen says February 22, 2012

Hi Mahendra,

Thanks for posting this article. its really helpful.
I have a requirement of sending some attributes with values in assertion which are constant for all users. Is there any way of sending the custom attributes in the assertion other than the way of populating from data stores??

Thanks,
Naveen

MohaKumar says February 21, 2013

Hi Mahendra,

I am using OIF 10g and my data store is OAM 10g(integrated OAM & OIF) i am having multiple directory profiles in OAM, let say SSOroot.local is main node and its childs are SSOchilda.ssoroot.local,SSOchildb.ssoroot.local

When i configured a saml application and try to access the application, i am able to login with all the users in root node, and where as the users in the child node are unable to login and getting the below error, and here when i search the users i am able to search all the users such as i am getting users in root node as well as in child nodes.

F.Y.I..,

ERROR – javax.naming.NameNotFoundException: [LDAP: error code 32 – 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
‘DC=ssoroot,DC=local’
] [Root exception is com.sun.jndi.ldap.LdapReferralException: [LDAP: error code 10 – 0000202B: RefErr: DSID-0310063C, data 0, 1 access points
ref 1: ‘ssoroot.local’
]; remaining name ‘CN=mohan kumar,CN=Users,DC=ssochilda,DC=ssoroot,DC=local,dc=ssoroot,dc=local’]; remaining name ”
13/02/20 23:03:48: ERROR – No value in user record for Name ID Policy requested: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

Please help me regarding this error.

Thanks,
Mohankumar.Koribilli

Add Your Reply