Wednesday, 18 June 2014

Integration of WebLogic Deployed Application with SSO/OID



Prerequisites
- Oracle HTTP server (Apache version 2)
- Download the 10.1.3.1.0 SOA Companion CD for your operating system from edilvery.oracle.com
- Kick off the installer and select the HTTP_Server based in Apache 2.0 as installation option
- Weblogic Server 10.3 with the application deployed.
- SSO / OID is installed

Steps to Integrate WebLogic Deployed with SSO/OID
1. Download the mod_wl_20.so from http://download.oracle.com/otn/bea/weblogic/server103/server103_apacheplugins.zipto and copy the file from the relevant OS folder to $ORACLE_HOME/ohs/modules on Oracle HTTP server.
2. Edit the $ORACLE_HOME/ohs/conf/httpd.conf and add the following line under the last LoadModule directive.
LoadModule weblogic_module modules/mod_wl_20.so
4.In $ORACLE_HOME/ohs/conf/httpd.conf add the following directives to let know mod_weblogic you have an application available in your WebLogic Server:
< ifmodule mod_weblogic.c >
WebLogicHost hostname.domain
WebLogicPort port
< location /URI >
SetHandler weblogic-handler
< / Location >
< / IfModule >
5. Stop and start the HTTP_Server to pick up the changes.
6.Test the application, this time accessed through the HTTP_Server port using the URL http://< hostname >:< http_server port >/< web application >
7. Log into SSO and add the application as a Partner application as shown below in the screen
Home URL - http://:/URI
Successful URL - http://:/osso_login_success
Logout URL - http://:/osso_logout_success
8. Restart the SSO Service.
9. Manually create the OSSO file
Copy the following entries into a temporary file from the SSO Partner Application screen.
ID: -- Site ID
Token: -- Site Token
Encryption Key: -- Encryption key
Login URL: http://:/pls/orasso.wwsso_app_admin.ls_login
Single Sign-Off: http://:/pls/orasso.wwsso_app_admin.ls_logout
The data provided from the Edit Partner Application screen can be used to manually create a cleartext osso.conf.
10. The plain-text file must now be obfuscated to protect the encryption key information. This is accomplished by using the apobfuscate tool located in ORACLE_HOME/ohs/bin directory as following:
../../bin/apobfuscate osso/conf/cleartext osso.conf
11. Edit the standalone Oracle HTTP Server 2.0 mod_osso.conf to enable SSO Web resource protection. This file is located in the ORACLE_HOME/ohs/conf directory. Make sure the OssoConfigFile directive points to the obfuscated osso.conf file containing the Partner Application registration data.
Also, ensure that the #include "ORACLE_HOME/ohs/conf/mod_osso.conf" directive is uncommented in the httpd.conf file.
For example:
LoadModule osso_module modules/mod_osso.so

OssoConfigFile conf/osso/osso.conf
OssoIpCheck off
OssoIdleTimeout off

require valid_user
AuthType Basic


13. In the httpd.conf file, comment out the following lines:
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
LoadModule auth_dbm_module modules/mod_auth_dbm.so

14. Restart the HTTP server.

Reference
How to Integrate OHS 2.0 with MOD_WEBLOGIC and MOD_OSSO [ID 796072.1]
http://download.oracle.com/docs/cd/B32110_01/web.1013/b28949/config.htm#BHCCGADH

No comments:

Post a Comment