Tuesday, April 29, 2014

OAM 11g R2 PS2 (11.1.2.2.0) : Web Gate 11.1.2.2.0 Installation and Configuration, Protecting Web Application

This post covers the installation and configuration of Oracle Access Manager WebGate 11.1.2.2.0 to protect the default web application of the Oracle HTTP Server (OHS) that ships with Oracle Web Tier Utilities.

Please follow the instructions to install Oracle Web Tier Utilities 11.1.1.7.0, which includes the installation of OHS and Web Cache.

Process Overview

  1. Install WebGate
  2. Configure WebGate
  3. Create OAM artifacts to protect OHS

1. Install WebGate

Extract ofm_webgates_generic_11.1.2.2.0_disk1_1of1.zip and run the installer:
setup.exe -jreLoc <JAVA_HOME_LOCATION>









2. Configure WebGate

 
Deploy WebGate



Microsoft Windows [Version 6.2.9200]
(c) 2012 Microsoft Corporation. All rights reserved.

C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\deployWebGate>set LD_LIBRARY_PATH=c:\Oracle\Middleware\Oracle_WT1\LIB;c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\lib

C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\deployWebGate>deployWebGateInstance.bat -w c:\Oracle\Middleware\Oracle_WT1\instances\instance1\config\OHS\ohs1 -oh c:\Oracle\Middleware\Oracle_OAMWebGate1

Copying files
C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\config\oblog_config_wg.xml
1 File(s) copied
C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\openssl\simpleCA\cacert.pem
1 File(s) copied
C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\openssl\simpleCA\cakey.pem
1 File(s) copied
C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\deployWebGate>cd c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\

c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools>EditHttpConf -w c:\Oracle\Middleware\Oracle_WT1\instances\instance1\config\OHS\ohs1 -oh c:\Oracle\Middleware\Oracle_OAMWebGate1
'EditHttpConf' is not recognized as an internal or external command,
operable program or batch file.

c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools>cd EditHttpConf

c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\EditHttpConf>EditHttpConf -w c:\Oracle\Middleware\Oracle_WT1\instances\instance1\config\OHS\ohs1 -oh c:\Oracle\Middleware\Oracle_OAMWebGate1
The web server configuration file was successfully updated
c:\Oracle\Middleware\Oracle_WT1\instances\instance1\config\OHS\ohs1/httpd.conf has been backed up as c:\Oracle\Middleware\Oracle_WT1\instances\instance1\config\OHS\ohs1/httpd.conf.ORIG

c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\EditHttpConf>copy c:\Oracle\Middleware\user_projects\domains\base_domain\output\webgate11g_1\* c:\Oracle\Middleware\Oracle_WT1\instances\instance1\config\OHS\ohs1\webgate\config
c:\Oracle\Middleware\user_projects\domains\base_domain\output\webgate11g_1\cwallet.sso
c:\Oracle\Middleware\user_projects\domains\base_domain\output\webgate11g_1\ObAccessClient.xml
        2 file(s) copied.

c:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\tools\EditHttpConf>


 

































3. Create OAM Artifacts to Protect OHS Default Web Application


Create User Data Store

 


Create Authentication Module of type LDAP


Create Authentication Scheme


Use the above in Application Domains->webgate11g_1->Authentication Policies->Protected Resource Policies->Authentication Schemes->Deepak_LDAPScheme


Test 

Access 
http://OHSHost:OHSPort/
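
A scripted version of the checks for the install, configure and test steps above, as an added example that is not part of the original post. It looks for the files the console session shows being written, then sends one unauthenticated request and classifies the answer. It assumes a protected resource answers an unauthenticated request with a redirect to the OAM server; the OAM host name is a parameter you supply, and the script name in the usage comment is hypothetical.

```python
"""Post-install checks for the WebGate deployment above (added example).

File names come from the console session on this page; the OAM host is an
assumption supplied by the caller.
"""
import http.client
from pathlib import Path
from urllib.parse import urlsplit

# Files the session shows being created or copied, relative to the OHS
# instance config directory (...\config\OHS\ohs1).
EXPECTED_FILES = (
    "httpd.conf",
    "httpd.conf.ORIG",                    # backup written by EditHttpConf
    "webgate/config/cwallet.sso",         # copied from the OAM domain output
    "webgate/config/ObAccessClient.xml",  # copied from the OAM domain output
)


def missing_artifacts(ohs_config_dir):
    """Return the expected files that are absent from the instance directory."""
    root = Path(ohs_config_dir)
    return [name for name in EXPECTED_FILES if not (root / name).is_file()]


def classify_response(status, location, oam_host):
    """Judge an unauthenticated response from the protected OHS.

    'protected'    -> redirected to the OAM server for login
    'unprotected'  -> content was served without authentication
    'inconclusive' -> anything else (error page, redirect elsewhere)
    """
    if status in (301, 302, 303, 307) and location:
        target = urlsplit(location).hostname or ""
        if target.lower() == oam_host.lower():
            return "protected"
        return "inconclusive"
    if status == 200:
        return "unprotected"
    return "inconclusive"


def probe(ohs_host, ohs_port, oam_host, path="/"):
    """Send one cookie-less GET without following redirects and classify it."""
    conn = http.client.HTTPConnection(ohs_host, ohs_port, timeout=10)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return classify_response(resp.status, resp.getheader("Location"), oam_host)
    finally:
        conn.close()


if __name__ == "__main__":
    import sys
    # Usage: python check_webgate.py <ohs1 config dir> <OHSHost> <OHSPort> <OAMHost>
    cfg, host, port, oam = sys.argv[1:5]
    print("missing files:", missing_artifacts(cfg) or "none")
    print("policy check :", probe(host, int(port), oam))
```

An "unprotected" result means OHS served the page without involving OAM, so the authentication policy is not being enforced for that URL.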














Monday, April 28, 2014

OIM 11g : Service Provisioning Markup Language (SPML) Sample Code

package com.dubey.deepak.oim.spml.provisioning;

/**
 * Please modify this class to meet your needs
 *
 */

import java.io.File;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.List;
import java.util.Map;

import javax.xml.namespace.QName;
import javax.xml.ws.BindingProvider;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;
import javax.xml.bind.annotation.XmlSeeAlso;

import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.interceptor.LoggingInInterceptor;
import org.apache.cxf.interceptor.LoggingOutInterceptor;

import oracle.iam.wsschema.model.common.pso.Identity;
import oracle.iam.wsschema.model.common.pso.LocalizedMultiValuedString;
import oracle.iam.wsschema.model.common.pso.LocalizedStrings;
import oracle.iam.wsschema.model.common.pso.MultiValuedString;
import oracle.iam.wsschema.model.spmlv2.core.AddRequestType;
import oracle.iam.wsschema.model.spmlv2.core.ServiceHeaderType;
import oracle.iam.wsschema.model.spmlv2custom.username.ValidateUsernameRequestType;
import oracle.iam.wsschema.model.spmlv2custom.username.ValidateUsernameResponseType;

/**
 * This class was generated by Apache CXF 2.6.1 2012-08-06T16:55:38.561+05:30
 * Generated source version: 2.6.1
 *
 */
public final class SPMLRequestPortType_SPMLServiceProviderSoap_Client {

    private static final QName SERVICE_NAME = new QName(
            "http://xmlns.oracle.com/idm/identity/webservice/SPMLService",
            "SPMLService");

    private SPMLRequestPortType_SPMLServiceProviderSoap_Client() {
    }

    public static void main(String args[]) throws java.lang.Exception {
        // URL wsdlURL = SPMLService.WSDL_LOCATION;

        // if (args.length > 0 && args[0] != null && !"".equals(args[0])) {
        // File wsdlFile = new File(args[0]);
        // try {
        // if (wsdlFile.exists()) {
        // wsdlURL = wsdlFile.toURI().toURL();
        // } else {
        // wsdlURL = new URL(args[0]);
        // }
        // } catch (MalformedURLException e) {
        // e.printStackTrace();
        // }
        // }

        // SPMLService ss = new SPMLService(wsdlURL, SERVICE_NAME);
        URL wsdlURL = new URL(
                "http://192.168.1.254:14000/spml-xsd/SPMLService?WSDL");
        SPMLService ss = new SPMLService(wsdlURL);
        SPMLRequestPortType port = ss.getSPMLServiceProviderSoap();

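        // Demo credentials are hard-coded here and the endpoint above is plain HTTP;
        // outside a lab, load them from a credential store and call the service over HTTPS.
        Map<String, Object> ctx = ((BindingProvider) port).getRequestContext();
        ctx.put("ws-security.username", "xelsysadm");
        ctx.put("ws-security.password", "Abcd1234");

        // adding logging: these interceptors print every SOAP request and response
        // to the console, so keep them for debugging only
        Client client = ClientProxy.getClient(port);
        client.getInInterceptors().add(new LoggingInInterceptor());
        client.getOutInterceptors().add(new LoggingOutInterceptor());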

        ServiceHeaderType serviceHeader = new ServiceHeaderType();

        ValidateUsernameRequestType validateUser = new ValidateUsernameRequestType();
        validateUser.setUsername("DDUBEY");
        ValidateUsernameResponseType retValUser = port
                .spmlValidateUsernameRequest(validateUser);
        System.out.println("spml validate user =" + retValUser.isValid());

        System.out.println("Invoking spmlAddRequest...");
        oracle.iam.wsschema.model.spmlv2.core.AddRequestType _spmlAddRequest_body = new AddRequestType();
      
      
        java.util.List modCapData = new java.util.ArrayList();

          oracle.iam.wsschema.model.spmlv2.core.CapabilityDataType modCap = new oracle.iam.wsschema.model.spmlv2.core.CapabilityDataType();
          java.util.List modCapAny = new java.util.ArrayList();
          modCap.getAny().addAll(modCapAny);
          modCap.setMustUnderstand(Boolean.TRUE);
          modCap.setCapabilityURI("urn:oasis:names:tc:SPML:2:0:reference");
          modCapData.add(modCap);
        
          _spmlAddRequest_body.getCapabilityData().addAll(modCapData);
          _spmlAddRequest_body.setRequestID("RequestID-763892610");
        
          oracle.iam.wsschema.model.spmlv2.core.ExecutionModeType async = oracle.iam.wsschema.model.spmlv2.core.ExecutionModeType.ASYNCHRONOUS;
          _spmlAddRequest_body.setExecutionMode(async);
          _spmlAddRequest_body.setLocale("en");

        Identity identity = new Identity();

        LocalizedMultiValuedString value = new LocalizedMultiValuedString();
        LocalizedStrings lastName = new LocalizedStrings();
        lastName.getValue().add("Dubey");
        value.getValues().add(lastName);
        identity.setSurname(value);

        MultiValuedString userId = new MultiValuedString();
        userId.getValue().add("DDUBEY");
        identity.setUsername(userId);

        LocalizedMultiValuedString etype = new LocalizedMultiValuedString();
        LocalizedStrings estr = new LocalizedStrings();
        estr.getValue().add("Temp");
        etype.getValues().add(estr);
        identity.setEmployeeType(etype);

        MultiValuedString gname = new MultiValuedString();
        gname.getValue().add("Deepak");
        identity.setGivenName(gname);

        MultiValuedString mail = new MultiValuedString();
        mail.getValue().add("deepak.dubey@mydomain.com");
        identity.setMail(mail);

        LocalizedMultiValuedString org = new LocalizedMultiValuedString();
        LocalizedStrings orgstr = new LocalizedStrings();
        orgstr.getValue().add("1");
        org.getValues().add(orgstr);
        identity.setOrganization(org);

      
        oracle.iam.wsschema.model.common.pso.ProvisioningObjectType modsData = new oracle.iam.wsschema.model.common.pso.ProvisioningObjectType();
      
        modsData.setIdentity(identity);
      
        _spmlAddRequest_body.setData(modsData);

        oracle.iam.wsschema.model.spmlv2.core.AddResponseType _spmlAddRequest__return = port
                .spmlAddRequest(_spmlAddRequest_body);
        System.out.println("spmlAddRequest.result=" + _spmlAddRequest__return);

        // Generated stubs for the remaining operations. They are kept commented out:
        // each one passes a null request body, and the spmlAddRequest stub redeclares
        // variables already defined above, so the class does not compile with them enabled.
        // Populate a request object before enabling any of them.
        // {
        // System.out.println("Invoking spmlValidatePasswordRequest...");
        // oracle.iam.wsschema.model.spmlv2.password.ValidatePasswordRequestType
        // _spmlValidatePasswordRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.password.ValidatePasswordResponseType
        // _spmlValidatePasswordRequest__return =
        // port.spmlValidatePasswordRequest(_spmlValidatePasswordRequest_body);
        // System.out.println("spmlValidatePasswordRequest.result=" +
        // _spmlValidatePasswordRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlSuggestUsernameRequest...");
        // oracle.iam.wsschema.model.spmlv2custom.username.SuggestUsernameRequestType
        // _spmlSuggestUsernameRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2custom.username.SuggestUsernameResponseType
        // _spmlSuggestUsernameRequest__return =
        // port.spmlSuggestUsernameRequest(_spmlSuggestUsernameRequest_body);
        // System.out.println("spmlSuggestUsernameRequest.result=" +
        // _spmlSuggestUsernameRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlResumeRequest...");
        // oracle.iam.wsschema.model.spmlv2.suspend.ResumeRequestType
        // _spmlResumeRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.core.ResponseType
        // _spmlResumeRequest__return =
        // port.spmlResumeRequest(_spmlResumeRequest_body);
        // System.out.println("spmlResumeRequest.result=" +
        // _spmlResumeRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlLookupRequest...");
        // oracle.iam.wsschema.model.spmlv2.core.LookupRequestType
        // _spmlLookupRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.core.LookupResponseType
        // _spmlLookupRequest__return =
        // port.spmlLookupRequest(_spmlLookupRequest_body);
        // System.out.println("spmlLookupRequest.result=" +
        // _spmlLookupRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlAddRequest...");
        // oracle.iam.wsschema.model.spmlv2.core.AddRequestType
        // _spmlAddRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.core.AddResponseType
        // _spmlAddRequest__return = port.spmlAddRequest(_spmlAddRequest_body);
        // System.out.println("spmlAddRequest.result=" +
        // _spmlAddRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlResetPasswordRequest...");
        // oracle.iam.wsschema.model.spmlv2.password.ResetPasswordRequestType
        // _spmlResetPasswordRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.password.ResetPasswordResponseType
        // _spmlResetPasswordRequest__return =
        // port.spmlResetPasswordRequest(_spmlResetPasswordRequest_body);
        // System.out.println("spmlResetPasswordRequest.result=" +
        // _spmlResetPasswordRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlStatusRequest...");
        // oracle.iam.wsschema.model.spmlv2.async.StatusRequestType
        // _spmlStatusRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.async.StatusResponseType
        // _spmlStatusRequest__return =
        // port.spmlStatusRequest(_spmlStatusRequest_body);
        // System.out.println("spmlStatusRequest.result=" +
        // _spmlStatusRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlExpirePasswordRequest...");
        // oracle.iam.wsschema.model.spmlv2.password.ExpirePasswordRequestType
        // _spmlExpirePasswordRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.core.ResponseType
        // _spmlExpirePasswordRequest__return =
        // port.spmlExpirePasswordRequest(_spmlExpirePasswordRequest_body);
        // System.out.println("spmlExpirePasswordRequest.result=" +
        // _spmlExpirePasswordRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlModifyRequest...");
        // oracle.iam.wsschema.model.spmlv2.core.ModifyRequestType
        // _spmlModifyRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.core.ModifyResponseType
        // _spmlModifyRequest__return =
        // port.spmlModifyRequest(_spmlModifyRequest_body);
        // System.out.println("spmlModifyRequest.result=" +
        // _spmlModifyRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlLookupUsernamePolicyRequest...");
        // oracle.iam.wsschema.model.spmlv2custom.username.LookupUsernamePolicyRequestType
        // _spmlLookupUsernamePolicyRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2custom.username.LookupUsernamePolicyResponseType
        // _spmlLookupUsernamePolicyRequest__return =
        // port.spmlLookupUsernamePolicyRequest(_spmlLookupUsernamePolicyRequest_body);
        // System.out.println("spmlLookupUsernamePolicyRequest.result=" +
        // _spmlLookupUsernamePolicyRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlListTargetsRequest...");
        // oracle.iam.wsschema.model.spmlv2.core.ListTargetsRequestType
        // _spmlListTargetsRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.core.ListTargetsResponseType
        // _spmlListTargetsRequest__return =
        // port.spmlListTargetsRequest(_spmlListTargetsRequest_body);
        // System.out.println("spmlListTargetsRequest.result=" +
        // _spmlListTargetsRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlCancelRequest...");
        // oracle.iam.wsschema.model.spmlv2.async.CancelRequestType
        // _spmlCancelRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.async.CancelResponseType
        // _spmlCancelRequest__return =
        // port.spmlCancelRequest(_spmlCancelRequest_body);
        // System.out.println("spmlCancelRequest.result=" +
        // _spmlCancelRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlValidateUsernameRequest...");
        // oracle.iam.wsschema.model.spmlv2custom.username.ValidateUsernameRequestType
        // _spmlValidateUsernameRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2custom.username.ValidateUsernameResponseType
        // _spmlValidateUsernameRequest__return =
        // port.spmlValidateUsernameRequest(_spmlValidateUsernameRequest_body);
        // System.out.println("spmlValidateUsernameRequest.result=" +
        // _spmlValidateUsernameRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlDeleteRequest...");
        // oracle.iam.wsschema.model.spmlv2.core.DeleteRequestType
        // _spmlDeleteRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.core.ResponseType
        // _spmlDeleteRequest__return =
        // port.spmlDeleteRequest(_spmlDeleteRequest_body);
        // System.out.println("spmlDeleteRequest.result=" +
        // _spmlDeleteRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlSuspendRequest...");
        // oracle.iam.wsschema.model.spmlv2.suspend.SuspendRequestType
        // _spmlSuspendRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.core.ResponseType
        // _spmlSuspendRequest__return =
        // port.spmlSuspendRequest(_spmlSuspendRequest_body);
        // System.out.println("spmlSuspendRequest.result=" +
        // _spmlSuspendRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlActiveRequest...");
        // oracle.iam.wsschema.model.spmlv2.suspend.ActiveRequestType
        // _spmlActiveRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.suspend.ActiveResponseType
        // _spmlActiveRequest__return =
        // port.spmlActiveRequest(_spmlActiveRequest_body);
        // System.out.println("spmlActiveRequest.result=" +
        // _spmlActiveRequest__return);
        // }
        // {
        // System.out.println("Invoking spmlSetPasswordRequest...");
        // oracle.iam.wsschema.model.spmlv2.password.SetPasswordRequestType
        // _spmlSetPasswordRequest_body = null;
        // oracle.iam.wsschema.model.spmlv2.core.ResponseType
        // _spmlSetPasswordRequest__return =
        // port.spmlSetPasswordRequest(_spmlSetPasswordRequest_body);
        // System.out.println("spmlSetPasswordRequest.result=" +
        // _spmlSetPasswordRequest__return);
        // }

        System.exit(0);
    }

}

Sunday, April 27, 2014

Virtual Box Network Settings IP Assignment

Network

  1. Use host adapter (using host adapter does not allow you to connect to the internet)
  2. You can communicate with other VMs on the same host
  3. You can also communicate with the host from the guest
  4. Check the IP address by running the ifconfig command in a terminal window
  5. Set up NAT to access the internet; internet access is essential while performing the Social lab

Access guest from host

  1. The host adapter interface is set up with IP address 192.168.56.101
  2. This IP address is mapped to the host name oam.example.com
  3. To access all apps in the guest image from your laptop/desktop, modify your hosts file (Linux /etc/hosts and Windows c:\windows\system32\drivers\etc\hosts) with the value 192.168.56.101 oam.example.com
  4. Please note that you need root/administrator privileges to carry out the above








Oracle Identity Management - Oracle Identity Federation (OIF), Oracle Virtual Directory (OVD), Oracle Internet Directory (OID) 11g Release 1 (11.1.1.7.0) Installation and Configuration

This post covers the installation and configuration of Oracle Identity Management 11g Release 1 (11.1.1.7.0), which includes the following products:

  • Oracle Internet Directory: Add, find, and manage information about users, groups, and other objects.
  • Oracle Directory Integration Platform: Share data in Oracle Internet Directory with other directory servers and applications.
  • Oracle Virtual Directory: Enable applications to make use of data from different vendors' enterprise data sources, including directory servers and databases, as if only one type was in use.
  • Oracle Identity Federation: Access protected services provided by your partners while retaining full control over your users' identities. Enable your authenticated users of partner sites to access your protected services.

Please note that this installation is different from Oracle Identity and Access Management 11g R2 PS2 (11.1.2.2.0).

Please read my other post on the installation and configuration of Oracle Identity and Access Management 11g R2 PS2 (11.1.2.2.0), which includes:

  • Oracle Identity Manager 
  • Oracle Access Management 
  • Oracle Adaptive Access Manager
  • Oracle Privileged Account Manager  
  • Oracle Identity Navigator 
  • Oracle Entitlements Server

Follow the screen captures below to proceed with the installation and configuration.


Run RCU 11.1.1.7.0































                                                                                                                                                                                                                           


Install and Configure Oracle Identity Management 11.1.1.7.0




























                                                                                                                            

                                                                                     

 

Verification of all the components - OID, OVD, OIF