5 Configuring the Web Tier

This chapter describes how to configure the Oracle Web Tier.

Follow these steps to configure the Oracle HTTP Server on Webhost1 and Webhost2.

This chapter includes the following topics:

5.1 Configuring the Oracle Web Tier

The steps for configuring the Oracle Web Tier are the same for WEBHOST1 and WEBHOST2.

This section contains the following topics:

5.1.1 Configuring the HTTP Server

Perform these steps to configure the Oracle web tier:

  1. Change the directory to the location of the Oracle Fusion Middleware Configuration Wizard:

    WEBHOST1> cd WEB_ORACLE_HOME/bin
    
  2. Start the Configuration Wizard:

    WEBHOST1> ./config.sh
    

Enter the following information into the configuration wizard:

  1. On the Welcome screen, click Next.

  2. On the Configure Component screen, select: Oracle HTTP Server.

    Ensure that Associate Selected Components with WebLogic Domain is NOT selected.

    Ensure Oracle Web Cache is NOT selected.

    Click Next.

  3. On the Specify Component Details screen, specify the following values:

    Enter the following values for WEBHOST1:

    • Instance Home Location: /u01/app/oracle/admin/ohs_inst1

    • Instance Name: ohs_inst1

    • OHS Component Name: ohs1

    Enter the following values for WEBHOST2:

    • Instance Home Location: /u01/app/oracle/admin/ohs_inst2

    • Instance Name: ohs_inst2

    • OHS Component Name: ohs2

    Click Next.

  4. On the Configure Ports screen, use a file to specify the ports to be used so that you can bypass automatic port configuration. You do this to have all of the ports used by the various components synchronized across hosts, which is advisable but not mandatory in High Availability implementations, Select a file name and then click View/Edit. Enter the following port numbers into the file:

    Port Value

    Listen Port for OHS Component

    7777

    OPMN Local Port

    6700


    You can find a sample staticports.ini file on installation Disk1 in the stage/Response directory.

    Click Save, then click Next.

  5. On the Specify Security Updates screen, specify these values:

    • Email Address: The email address for your My Oracle Support account.

    • Oracle Support Password: The password for your My Oracle Support account.

    Select: I wish to receive security updates via My Oracle Support.

    Click Next.

  6. On the Installation Summary screen, review the selections to ensure that they are correct. If they are not, click Back to modify selections on previous screens.

    Click Configure.

    On the Configuration screen, the wizard launches multiple configuration assistants. This process can be lengthy. When it completes, click Next.

    On the Installation Complete screen, click Finish to confirm your choice to exit.

5.1.2 Validating the Installation

After the installation is completed, check that you can access the Oracle HTTP Server home page using the following URLs:

http://webhost1.mycompany.com:7777/

http://webhost2.mycompany.com:7777/

5.2 Configuring Virtual Hosts

In order for Oracle Identity Management to work with the load balancer, you must create two virtual hosts.

To do so, create a file called virtual_hosts.conf in ORACLE_INSTANCE/config/OHS/component/moduleconf.

On WEBHOST1 and WEBHOST2, add the following entries to the file:

NameVirtualHost *:7777
<VirtualHost *:7777> 
   ServerName https://sso.mycompany.com:443
   RewriteEngine On
   RewriteOptions inherit
   UseCanonicalName On
</VirtualHost>

<VirtualHost *:7777>
   ServerName http://oiminternal.mycompany.com:80
   RewriteEngine On
   RewriteOptions inherit
   UseCanonicalName On
</VirtualHost>

5.3 Configuring Oracle HTTP Server to Run as Software Owner

By default, the Oracle HTTP server runs as the user nobody. In the Identity Management installation, the Oracle HTTP server should run as the Software owner and group.

To cause it to run as the appropriate user and group, edit the file httpd.conf, which is located in ORACLE_INSTANCE/config/OHS/component_name.

Find the section in httpd.conf where User is defined.

Change this section to read:

User User_who_installed_the_software
Group Group_under_which_the_HTTP_server_runs

Group is typically the default user group, for example: oinstall.

For example:

<IfModule !mpm_winnt_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# . On SCO (ODT 3) use "User nouser" and "Group nogroup".
# . On HPUX you may not be able to use shared memory as nobody, and the
# suggested workaround is to create a user www and use that user.
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group #-1 on these systems!
#
User oracle
Group oinstall
</IfModule>

Restart the Oracle HTTP Server, as described in Section 20.1, "Starting and Stopping Oracle Identity Management Components."

5.4 Validating the Installation

Once the installation is completed check that the it is possible to access the Oracle HTTP Server through the following URLs.

http://webhost1.mycompany.com:7777/

http://webhost2.mycompany.com:7777/

https://sso.mycompany.com/

http://oiminternal.mycompany.com

5.5 Backing up the Web Tier Configuration

It is an Oracle best practices recommendation to create a backup after successfully completing the installation and configuration of each tier, or at another logical point. Create a backup after verifying that the installation so far is successful. This is a quick backup for the express purpose of immediate restoration in case of problems in later steps. The backup destination is the local disk. You can discard this backup when the enterprise deployment setup is complete. After the enterprise deployment setup is complete, you can initiate the regular deployment-specific Backup and Recovery process. For more details, see the Oracle Fusion Middleware Administrator's Guide.

To back up the web tier installation, follow these steps,

  1. Shut down the instance as described in Section 20.1, "Starting and Stopping Oracle Identity Management Components."

  2. Back up the Middleware home on the web tier. On Linux, use the following command, as root:

    tar -cvpf BACKUP_LOCATION/web.tar MW_HOME
    
  3. Back up the Instance home on the web tier using the following command, as root:

    tar -cvpf BACKUP_LOCATION/web_instance.tar ORACLE_INSTANCE
    
  4. Start the instance as described in Section 20.1, "Starting and Stopping Oracle Identity Management Components."

Note:

Create backups on all machines in the web tier by following the steps shown.

For information about backing up the application tier configuration, see Section 20.4, "Performing Backups and Recoveries."