Monday, June 18, 2012

Webcenter Portal Cluster


pack.sh -domain=$MW_HOME/user_projects/domains/vfm2m_wc -template=/tmp/m2m_domain.jar -template_name="M2M Domain" -managed=true

unpack.sh -domain=/home/oracle/Oracle/Middleware/user_projects/domains/vfm2m_wc -template=/tmp/m2m_domain.jar

Wednesday, June 13, 2012

Password Policy in OID


In general, establishing a password policy requires the following steps:

1) Create a password policy entry in the appropriate container and associate it with the pwdpolicy object. (Default entries exist when you first install Oracle Internet Directory.)
2) Create the desired policy by setting values for attributes defined under the pwdpolicy object class for the entry created in step 1.
3) Enable the policy by setting the orclpwdpolicyenable attribute to 1. If this is not set to 1, Oracle Internet Directory ignores the policy.
4) Determine the subtree to be governed by the policy. Add and populate a pwdpolicysubentry attribute with the policy's DN, at the root of that subtree.

http://docs.oracle.com/cd/E25178_01/oid.1111/e10029/pwdpolicies.htm
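
A check for steps 3 and 4, added here as an example and not taken from Oracle's documentation or the original post: it reads an LDIF export and reports subtrees governed by a policy that is not enabled, and policies that no pwdpolicysubentry points at. The DNs and values in SAMPLE_LDIF and the function names are constructed for illustration.

```python
# Added example. SAMPLE_LDIF is constructed; it is not output from a real directory.
SAMPLE_LDIF = """\
dn: cn=strict,cn=pwdPolicies,cn=Common,cn=Products,cn=OracleContext
objectclass: pwdpolicy
pwdminlength: 12
orclpwdpolicyenable: 1

dn: cn=draft,cn=pwdPolicies,cn=Common,cn=Products,cn=OracleContext
objectclass: pwdpolicy
orclpwdpolicyenable: 0

dn: cn=Users,dc=example,dc=com
pwdpolicysubentry: cn=draft,cn=pwdPolicies,cn=Common,cn=Products,cn=OracleContext
"""

def parse_ldif(text):
    """Parse plain LDIF (no base64 values) into {lowercased dn: {attr: [values]}}."""
    entries = {}
    for block in text.replace("\n ", "").split("\n\n"):  # unfold lines, split entries
        attrs = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        if "dn" in attrs:
            entries[attrs.pop("dn")[0].lower()] = attrs
    return entries

def audit_password_policies(text):
    """Return (dn, finding) pairs covering steps 3 and 4 of the procedure."""
    entries = parse_ldif(text)
    policies = {dn for dn, a in entries.items()
                if "pwdpolicy" in (v.lower() for v in a.get("objectclass", []))}
    findings, referenced = [], set()
    for dn, attrs in entries.items():
        for target in (t.lower() for t in attrs.get("pwdpolicysubentry", [])):
            referenced.add(target)
            if target not in policies:
                findings.append((dn, "pwdpolicysubentry points at a DN that is not a pwdpolicy entry"))
            elif entries[target].get("orclpwdpolicyenable", ["0"])[0] != "1":
                findings.append((dn, "governing policy is not enabled (orclpwdpolicyenable != 1)"))
    for dn in sorted(policies - referenced):
        findings.append((dn, "policy is not referenced by any pwdpolicysubentry"))
    return findings

if __name__ == "__main__":
    for dn, finding in audit_password_policies(SAMPLE_LDIF):
        print(f"{dn}: {finding}")
```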

Configuring redirection in OHS from http to https

To redirect HTTP requests arriving at OHS to HTTPS, make the following changes in the httpd.conf file::

NameVirtualHost *:80
<VirtualHost *:80>
 ServerName "host name of the server sending the request"
 ServerAdmin your@Address
 RewriteEngine on
 RewriteOptions inherit
 # The trailing slash on the target is required: Redirect appends the rest of the request path to it
 Redirect permanent / https://"host name of the server":443/
</VirtualHost>


Wednesday, June 6, 2012

A failure occurred attempting to load LDIF for provider


Issue ::

<The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift..
weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift.

Caused By: com.bea.common.engine.ServiceInitializationException: weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift.
        at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
        at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
        at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
        at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
        at weblogic.security.service.CSSWLSDelegateImpl.getService(CSSWLSDelegateImpl.java:155)
        Truncated. see log file for complete stacktrace
Caused By: weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift.

Solution::


Connect to the database and run rdbms_security_store_oracle.sql.

Tuesday, June 5, 2012

Populating OID Schema Attributes and Object Classes

The following sample LDIFs can be used to populate the schema attributes and the object classes::

1) To define custom attributes ::


dn: cn=subSchemaSubentry
changetype: modify
add:  attributetypes
attributetypes: ( 1.1.1.1.1.1.1000.0.0.1 NAME 'Attribute1' DESC 'This is Attrib1' EQUALITY 'caseIgnoreMatch' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15'  X-ORIGIN 'user defined' )
attributetypes: ( 1.1.1.1.1.1.1000.0.0.2 NAME 'Attribute2' DESC 'This is Attrib2' EQUALITY 'caseIgnoreMatch' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15'  X-ORIGIN 'user defined' )

2) Add the defined attributes to the catalog to make them searchable if required::


dn: cn=catalogs
changetype: modify
add: orclindexedattribute
orclindexedattribute: Attribute1

dn: cn=catalogs
changetype: modify
add: orclindexedattribute
orclindexedattribute: Attribute2

3) Adding Object Classes ::


dn: cn=subschemasubentry
changetype: modify
add: objectclasses
objectclasses: ( 1.1.1.1.1.1.1001.0.0.1 NAME 'class1' DESC 'This is Object class' SUP top  AUXILIARY MAY ( Attribute1 $ Attribute2 ) )
objectclasses: ( 1.1.1.1.1.1.1001.0.0.2 NAME 'class2' DESC 'This is another Object class' SUP top  AUXILIARY MAY ( Attribute1 $ Attribute2 ) )

4) Once all the LDIF files are created, use the ldapmodify command to apply them.

ldapmodify -h OIDHostname -p 3060 -D cn=orcladmin -w password -f LdifFile.ldif
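
A pre-flight lint for schema LDIF shaped like the samples above, added as an example (not part of the original post and not an Oracle tool): it reports OIDs reused across definitions and object classes whose MUST/MAY lists name attributes that are not defined. SAMPLE_SCHEMA and the function name lint_schema are assumptions; attributes that already exist in the directory are passed in known_attrs.

```python
import re

# Constructed input in the same shape as the schema LDIF above: class2 reuses
# class1's OID and lists Attribute3, which is never defined.
SAMPLE_SCHEMA = """\
attributetypes: ( 1.1.1.1.1.1.1000.0.0.1 NAME 'Attribute1' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
attributetypes: ( 1.1.1.1.1.1.1000.0.0.2 NAME 'Attribute2' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
objectclasses: ( 1.1.1.1.1.1.1001.0.0.1 NAME 'class1' SUP top AUXILIARY MAY ( Attribute1 $ Attribute2 ) )
objectclasses: ( 1.1.1.1.1.1.1001.0.0.1 NAME 'class2' SUP top AUXILIARY MAY ( Attribute1 $ Attribute3 ) )
"""

DEF = re.compile(r"^(attributetypes|objectclasses):\s*\(\s*([\d.]+)\s+NAME\s+'([^']+)'(.*)\)\s*$", re.I | re.M)
ATTR_LIST = re.compile(r"\b(?:MUST|MAY)\s+(?:\(([^)]*)\)|([\w-]+))")

def lint_schema(text, known_attrs=()):
    """Return a list of problems: duplicate OIDs and undefined MUST/MAY attributes."""
    problems, seen_oids, classes = [], {}, []
    defined = {a.lower() for a in known_attrs}
    for kind, oid, name, rest in DEF.findall(text):
        if oid in seen_oids:
            problems.append(f"OID {oid} is used by both '{seen_oids[oid]}' and '{name}'")
        seen_oids.setdefault(oid, name)
        if kind.lower() == "attributetypes":
            defined.add(name.lower())
        else:
            classes.append((name, rest))
    for name, rest in classes:  # checked last so definition order does not matter
        rest = re.sub(r"'[^']*'", "", rest)  # ignore DESC and other quoted text
        for group, single in ATTR_LIST.findall(rest):
            for attr in (group.split("$") if group else [single]):
                attr = attr.strip()
                if attr and attr.lower() not in defined:
                    problems.append(f"'{name}' lists undefined attribute '{attr}'")
    return problems

if __name__ == "__main__":
    for problem in lint_schema(SAMPLE_SCHEMA):
        print(problem)
```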




Configuring Logout URL for WebCenter Portal application

If the application authenticates using OAM, the logout for the application can be configured as follows::

1) Configure the destination for the logout link as follows

<af:goLink text="Log out" destination="adfAuthentication?logout=true&amp;end_url=/index.html"/>

2) Now go to MW_HOME/Oracle_WC1/common/bin and execute wlst.sh
3) Connect to the admin server using connect('weblogic','password', 't3://host:adminport')
4) Now run addOAMSSOProvider(loginuri="/${app.context}/adfAuthentication", logouturi="/oamsso/logout.html")
5) After successful run, restart the servers.