Monday, April 6, 2009

Form-Based Authentication Single Sign On for Oracle SOA suite 10.1.3.x ESB console, Netpoint/Oblix/CoreId/Oracle Access Manager

1. Configure ESB console with OAM

see my post CoreId/Oracle Access Manager Form-Based Authentication for J2EE application)

All the files that need to be changed are located in $ORACLE_HOME/j2ee/oc4j_soa/*

1.1 system-jazn-config.xml
Change the system-jazn-config.xml see Chapter 3.5 of my post CoreId/Oracle Access Manager Form-Based Authentication for J2EE application

The application name should be: esb

1.2 orion-application.xml
Change the orion-application.xml files in both directories: (applications and application-deployments) see Chapter 3.3 of my post CoreId/Oracle Access Manager Form-Based Authentication for J2EE application.

Replace this code: 

<jazn provider="XML" location="../../config/system-jazn-data.xml" default-realm="jazn.com" jaas-mode="doAsPrivileged" />


By this code:


<jazn provider="XML" default-realm="jazn.com" jaas-mode="doAsPrivileged">
   <jazn-web-app auth-method="COREIDSSO"/>
</jazn>


1.3 web.xml
Change the web.xml see Chapter 3.1 of my post CoreId/Oracle Access Manager Form-Based Authentication for J2EE application.

Location:
/appl/oracle/soa_10.1.3/j2ee/oc4j_soa/applications/esb-dt/esb_console/WEB-INF

In the web.xml the following code must be replaced:


    <login-config>
                <auth-method>FORM</auth-method>
                <form-login-config>
                        <form-login-page>/login.jsp</form-login-page>
                        <form-error-page>/login_error.jsp</form-error-page>
                </form-login-config>
  </login-config>


Replace by:


    <login-config>
        <realm-name>ascontrol</realm-name>
    </login-config>


1.4 opmn.xml
Change the opmn.xml see Chapter 2.1 of my post CoreId/Oracle Access Manager Form-Based Authentication for J2EE application.

1.5 Policy Domain
Configure a policy domain for /em see Chapter 3.4 of my post CoreId/Oracle Access Manager Form-Based Authentication for J2EE application.

The only difference is that /esb needs to be protected instead of: /callerInfo/callerInfoB
on Monday, April 06, 2009 Labels:

1 comment:

  1. digital certificateMarch 8, 2011 at 5:15 PM

    Hi the blog is really helpful.But i personally felt that switching through the chapters for every point is a bit hard when you don't have the references as links.Can you please link the chapter reference to there corresponding pages

    ReplyDelete

comment

Subscribe to: Post Comments (Atom)