Monday, December 15, 2014

Setup OAM 11G Webgate for OHS in "OPEN" mode


OAM supports three modes of communication with WebGate: Open, Simple and Cert. I will create a post for the setup of each mode.

As the name suggests, "OPEN" mode provides no communication security. The traffic flows in clear text. It should be used only if the WebGate servers reside internally and the risk of spoofing is minimal/acceptable.

I assume that you already have an OHS running in your environment. If WebGate is not already installed, install it as follows:

1. Install the WebGate

Unzip the binary file. Mine is V33639.zip; yours may have a different name.

./runInstaller -jreLoc <java install location>/jrockit-jdk1.6.0_37-R28.2.5-4.1.0

If you have Java from another vendor, provide its install location and directory in the command above.

The installation is simple; you can accept all the defaults except for:

    Oracle Middleware Home: <provide middleware directory here>
    Oracle Home Directory:    <webgate1>

Oracle home directory will be created under Middleware.

2. After completing the WebGate installation, go to

<MiddleWare>/webgate1/webgate/ohs/tools/deployWebGate


3. Run the following command

./deployWebGateInstance.sh -w <webgate instance directory> -oh <HTTP Server Home>

An example is:
./deployWebGateInstance.sh -w <OHS instance dir>/instance1/config/OHS/ohs1 -oh <MW Dir>/webgate1


4. Set the library path

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:<Middleware>/<OHS (not instance) Install directory>/lib

Example:
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/oracle/product/mw/web/lib

5. Edit httpd.conf

cd <MW>/webgate1/webgate/ohs/tools/setup/InstallTools

./EditHttpConf -w <OHS instance dir>/instance1/config/OHS/ohs1 -oh <mw>/webgate1 


The web server configuration file was successfully updated

../instance1/config/OHS/ohs1/httpd.conf has been backed up as ../instance1/config/OHS/ohs1/httpd.conf.ORIG

6. Create the artifacts for the new WebGate.

Log in to the OAM console as admin.

Go to
System Configuration --> Access Manager --> OAM Agents, click on "Create 11g WebGate"

Name: new_wg
Security: open

Accept the defaults for the other fields.

The artifacts are generated and stored on the OAM server at the location:

<OAMDomain>/output/new_wg


7. Copy the artifacts to the OHS server.

Use scp or sftp to transfer the artifacts from the above directory on the OAM server to the OHS server.

For OPEN mode, the artifacts consist of two files:

cwallet.sso
ObAccessClient.xml

Copy these files to the OHS server under the following directory:

<OHS instance>/config/OHS/ohs3/webgate/config

Restart the web server.
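
A check to run on the copied artifacts before the restart, as an added shell example that is not part of the original post or of Oracle's tooling: it confirms both files are present, that cwallet.sso is not accessible to group or others, and that the mode recorded in ObAccessClient.xml is the one registered in the console. The function names, the owner-only expectation for the wallet and the `NameValPair ParamName="security"` element layout are assumptions, since the post does not show the file's contents.

```shell
#!/bin/sh
# Added example: post-copy check of WebGate artifacts (not Oracle tooling).
# Assumption: ObAccessClient.xml records the mode as
#   <NameValPair ParamName="security" Value="open"/>

# Print the security mode recorded in ObAccessClient.xml (empty if absent).
webgate_mode() {
    sed -n 's/.*ParamName="security"[[:space:]]*Value="\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Succeed only if the file grants nothing to group or others.
owner_only() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# check_artifacts <webgate config dir> <expected mode>
# Prints one finding per line; returns 0 only when there are none.
check_artifacts() {
    dir=$1 expected=$2 rc=0
    for f in cwallet.sso ObAccessClient.xml; do
        [ -f "$dir/$f" ] || { echo "MISSING $f"; rc=1; }
    done
    if [ -f "$dir/cwallet.sso" ] && ! owner_only "$dir/cwallet.sso"; then
        echo "PERMS cwallet.sso is accessible to group or others"; rc=1
    fi
    if [ -f "$dir/ObAccessClient.xml" ]; then
        mode=$(webgate_mode "$dir/ObAccessClient.xml")
        if [ "$mode" != "$expected" ]; then
            echo "MODE found '${mode:-none}', expected '$expected'"; rc=1
        fi
    fi
    return $rc
}

# Constructed sample: a temporary directory standing in for webgate/config.
demo=$(mktemp -d)
printf '<NameValPair ParamName="security" Value="open"/>\n' > "$demo/ObAccessClient.xml"
: > "$demo/cwallet.sso"
chmod 644 "$demo/cwallet.sso"   # deliberately too permissive
check_artifacts "$demo" open || echo "fix the findings before restarting OHS"
rm -rf "$demo"
```

Passing `simple` or `cert` as the expected mode turns the same check into a guard against an agent that was left registered in OPEN mode.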

--Have fun






