{"id":1876,"date":"2010-06-09T08:35:24","date_gmt":"2010-06-09T12:35:24","guid":{"rendered":"http:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/"},"modified":"2010-06-09T08:58:14","modified_gmt":"2010-06-09T12:58:14","slug":"protect-applications-deployed-in-tomcat-webserver-using-oam","status":"publish","type":"post","link":"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/","title":{"rendered":"Protecting applications deployed in Tomcat webserver using Oracle Access Manager"},"content":{"rendered":"<p>Hi all,<\/p>\n<p>This post will bring out some of the solution proposal aspects and how to protect applications deployed in Tomcat webserver using Oracle Access Manager. This can be application to applications deployed in any webserver which Oracle does not provide Webgate out of the box.<\/p>\n<p>The scenario is that there are web applications deployed in Tomcat server and how would you protect those with OAM.<\/p>\n<p>There are 2 ways of doing it. First solution is to use a Reverse Proxy server infront of Tomcat (say Apache or OHS etc.,) and define the Resources to be protected in OAM Policy domain. Second solution is to implement custom access gate for Tomcat server. Here, you would need to write JAAS Authentication Module and Authorization Module which internally calls Access Gate and inturn the Access Server for authentication and Authorization purposes.<\/p>\n<p>This post will talk about the first solution. Lets say we have Reverse proxy as OHS web server.<\/p>\n<p>You can follow the steps as shown below:<\/p>\n<ul>\n<li>Add\/Modify host identifier to include OHS port.<\/li>\n<li>Create Policy domain with resources, authorization rules. Specify the authentication scheme and add authorization rules accordingly as per your requirements.<\/li>\n<li>Now, uncomment the proxy module configuration in the httpd.conf of OHS webserver. If you can&#8217;t point out proxy related configuration in the httpd.conf file, search for <strong>mod_proxy <\/strong>and uncomment if it is commented out.<\/li>\n<li>Add the lines ProxyPass and ProxyReversePass to your application resources as shown below.<\/li>\n<\/ul>\n<p>ProxyPass \/sample\/public.html\u00a0 http:\/\/tomcat_host:port\/sample\/public.html<br \/>\nProxyPassReverse \/sample\/public.html\u00a0 http:\/\/tomcat_host:port\/sample\/public\/public.html<\/p>\n<ul>\n<li>Access your application using OHS Port and the application resource will be prompted for authentication accordingly.<\/li>\n<\/ul>\n<p>In later posts, I will come up with implementing <strong>Second Solution. <\/strong><\/p>\n<p>Please drop your comments in case of any issues.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hi all, This post will bring out some of the solution proposal aspects and how to protect applications deployed in [&hellip;]<\/p>\n","protected":false},"author":115,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1876","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Protecting applications deployed in Tomcat webserver using Oracle Access Manager -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Protecting applications deployed in Tomcat webserver using Oracle Access Manager -\" \/>\n<meta property=\"og:description\" content=\"Hi all, This post will bring out some of the solution proposal aspects and how to protect applications deployed in [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/\" \/>\n<meta property=\"article:published_time\" content=\"2010-06-09T12:35:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2010-06-09T12:58:14+00:00\" \/>\n<meta name=\"author\" content=\"Masroof Ahmad\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Masroof Ahmad\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/\",\"url\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/\",\"name\":\"Protecting applications deployed in Tomcat webserver using Oracle Access Manager -\",\"isPartOf\":{\"@id\":\"https:\/\/onlineappsdba.com\/#website\"},\"datePublished\":\"2010-06-09T12:35:24+00:00\",\"dateModified\":\"2010-06-09T12:58:14+00:00\",\"author\":{\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb\"},\"breadcrumb\":{\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/onlineappsdba.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Protecting applications deployed in Tomcat webserver using Oracle Access Manager\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/onlineappsdba.com\/#website\",\"url\":\"https:\/\/onlineappsdba.com\/\",\"name\":\"\",\"description\":\"Oracle Implementation &amp; Training Experts\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/onlineappsdba.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb\",\"name\":\"Masroof Ahmad\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g\",\"caption\":\"Masroof Ahmad\"},\"url\":\"https:\/\/onlineappsdba.com\/index.php\/author\/masroof\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Protecting applications deployed in Tomcat webserver using Oracle Access Manager -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/","og_locale":"en_US","og_type":"article","og_title":"Protecting applications deployed in Tomcat webserver using Oracle Access Manager -","og_description":"Hi all, This post will bring out some of the solution proposal aspects and how to protect applications deployed in [&hellip;]","og_url":"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/","article_published_time":"2010-06-09T12:35:24+00:00","article_modified_time":"2010-06-09T12:58:14+00:00","author":"Masroof Ahmad","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Masroof Ahmad","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/","url":"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/","name":"Protecting applications deployed in Tomcat webserver using Oracle Access Manager -","isPartOf":{"@id":"https:\/\/onlineappsdba.com\/#website"},"datePublished":"2010-06-09T12:35:24+00:00","dateModified":"2010-06-09T12:58:14+00:00","author":{"@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb"},"breadcrumb":{"@id":"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/onlineappsdba.com\/index.php\/2010\/06\/09\/protect-applications-deployed-in-tomcat-webserver-using-oam\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/onlineappsdba.com\/"},{"@type":"ListItem","position":2,"name":"Protecting applications deployed in Tomcat webserver using Oracle Access Manager"}]},{"@type":"WebSite","@id":"https:\/\/onlineappsdba.com\/#website","url":"https:\/\/onlineappsdba.com\/","name":"","description":"Oracle Implementation &amp; Training Experts","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/onlineappsdba.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb","name":"Masroof Ahmad","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g","caption":"Masroof Ahmad"},"url":"https:\/\/onlineappsdba.com\/index.php\/author\/masroof\/"}]}},"_links":{"self":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts\/1876","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/users\/115"}],"replies":[{"embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/comments?post=1876"}],"version-history":[{"count":0,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts\/1876\/revisions"}],"wp:attachment":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/media?parent=1876"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/categories?post=1876"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/tags?post=1876"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}