Friday, November 19, 2010

Integration of WebLogic Deployed Application with SSO/OID

Prerequisites
- Oracle HTTP server (Apache version 2)
- Download the 10.1.3.1.0 SOA Companion CD for your operating system from edilvery.oracle.com
- Kick off the installer and select the HTTP_Server based in Apache 2.0 as installation option
- Weblogic Server 10.3 with the application deployed.
- SSO / OID is installed

Steps to Integrate WebLogic Deployed with SSO/OID
1. Download the mod_wl_20.so from http://download.oracle.com/otn/bea/weblogic/server103/server103_apacheplugins.zipto and copy the file from the relevant OS folder to $ORACLE_HOME/ohs/modules on Oracle HTTP server.
2. Edit the $ORACLE_HOME/ohs/conf/httpd.conf and add the following line under the last LoadModule directive.
LoadModule weblogic_module modules/mod_wl_20.so
4.In $ORACLE_HOME/ohs/conf/httpd.conf add the following directives to let know mod_weblogic you have an application available in your WebLogic Server:
< ifmodule mod_weblogic.c >
WebLogicHost hostname.domain
WebLogicPort port
< location /URI >
SetHandler weblogic-handler
< / Location >
< / IfModule >
5. Stop and start the HTTP_Server to pick up the changes.
6.Test the application, this time accessed through the HTTP_Server port using the URL http://< hostname >:< http_server port >/< web application >
7. Log into SSO and add the application as a Partner application as shown below in the screen
Home URL - http://:/URI
Successful URL - http://:/osso_login_success
Logout URL - http://:/osso_logout_success
8. Restart the SSO Service.
9. Manually create the OSSO file
Copy the following entries into a temporary file from the SSO Partner Application screen.
ID: -- Site ID
Token: -- Site Token
Encryption Key: -- Encryption key
Login URL: http://:/pls/orasso.wwsso_app_admin.ls_login
Single Sign-Off: http://:/pls/orasso.wwsso_app_admin.ls_logout
The data provided from the Edit Partner Application screen can be used to manually create a cleartext osso.conf.
10. The plain-text file must now be obfuscated to protect the encryption key information. This is accomplished by using the apobfuscate tool located in ORACLE_HOME/ohs/bin directory as following:
../../bin/apobfuscate osso/conf/cleartext osso.conf
11. Edit the standalone Oracle HTTP Server 2.0 mod_osso.conf to enable SSO Web resource protection. This file is located in the ORACLE_HOME/ohs/conf directory. Make sure the OssoConfigFile directive points to the obfuscated osso.conf file containing the Partner Application registration data.
Also, ensure that the #include "ORACLE_HOME/ohs/conf/mod_osso.conf" directive is uncommented in the httpd.conf file.
For example:
LoadModule osso_module modules/mod_osso.so

OssoConfigFile conf/osso/osso.conf
OssoIpCheck off
OssoIdleTimeout off

require valid_user
AuthType Basic


13. In the httpd.conf file, comment out the following lines:
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
LoadModule auth_dbm_module modules/mod_auth_dbm.so

14. Restart the HTTP server.

Reference
How to Integrate OHS 2.0 with MOD_WEBLOGIC and MOD_OSSO [ID 796072.1]
http://download.oracle.com/docs/cd/B32110_01/web.1013/b28949/config.htm#BHCCGADH

6 comments:

Anonymous said...

We’ve a bit of difficulty to subscribe the rss, in any event I’ve book marked this great site, is quite useful plus filled with informations.

Anonymous said...

We’ve a bit of difficulty to subscribe the rss, in any event I’ve book marked this great site, is quite useful plus filled with informations.

Anonymous said...

Very nice indeed I’ll probably download it. Thanks

Anonymous said...

Wow! Thank you! I always wanted to write in my site something like that. Can I take part of your post to my blog?.

Nikhil.T said...

@Anonymous
Thanks Sure.

Anonymous said...

Good dispatch and this post helped me alot in my college assignement. Gratefulness you as your information.