| Oracle® Student Learning Installation and Deployment Guide Release 3.1.3 Part Number E20664-04 |
|
|
PDF · Mobi · ePub |
| Oracle® Student Learning Installation and Deployment Guide Release 3.1.3 Part Number E20664-04 |
|
|
PDF · Mobi · ePub |
Oracle Access Manager 11g is the Oracle Fusion Middleware 11g single sign-on solution. Oracle Access Manager 11g is a Java-based enterprise-level security application that provides restricted access to confidential information and centralized authentication and authorization services. All existing access technologies in the Oracle Identity Management stack converge in Oracle Access Manager 11g.
A Web server, Application Server, or any third-party application must be protected by a WebGate or mod_osso instance that is registered with Oracle Access Manager as an agent to enforce policies. The agent acts as a filter for HTTP requests.
Oracle Access Manager 11g provides single sign-on (SSO), authentication, authorization, and other services to registered agents (in any combination) protecting resources. Agents include:
OAM 11g WebGates
OAM 10g WebGates
IDM Domain Agent
OSSO Agents (10g mod_osso)
Setting up OAM 11g is a two-step process. The setup includes installation of the necessary software components and configuration.
This chapter provides step-by-step instructions on how to configure OAM 11g as the single sign-on solution for OSL. Complete explanation of the OAM solution is available in "Part III, Single Sign-On, Policies, and Testing" in the Oracle® Fusion Middleware Security Guide 11g Release 1 (11.1.1) at: http://download.oracle.com/docs/cd/E14571_01/doc.1111/e15478/toc.htm">>http://download.oracle.com/docs/cd/E14571_01/doc.1111/e15478/toc.htm.
OSL is certified to work with the following software components:
Oracle Sun JDK 160
Oracle Database 11.2
Oracle Weblogic Server 10.3.5 and 10.3.3
Oracle Fusion Middleware Repository Creation Utility 11.1.1.3.5 and 11.1.1.3.2
Oracle Access Manager 11.1.1.5.0 and 11.1.1.3.0
Oracle HTTP Server (OHS) 11.1.1.5.0 and 11.1.1.3.0
OHS WebGate 11.1.1.5.0 and 11.1.1.3.0
You can obtain the Sun JDK 1.6.0 installation program from this URL: http://www.oracle.com/technetwork/java/javase/downloads/jdk-6u25-download-346242.html
To install the Oracle database, ensure that the prerequisites are met and the necessary operating system packages are installed.
To install the database:
Complete the instructions in "Chapter 2, Oracle Database Preinstallation Requirements" and "Chapter 4, Installing Oracle Database" of the Oracle® Database Installation Guide 11g Release 2 (11.2) for Linux.
The installation instructions are available at http://download.oracle.com/docs/cd/E11882_01/install.112/e16763/toc.htm.
Note:
Oracle recommends that you set the Database Character Set to Unicode AL32UTF8 when installing the database.When the installation is complete, verify that the Oracle instance is running.
Run the following commands:
export JAVA_HOME=<java home> For example, /opt/jdk1.6.0_25/
export ORACLE_HOME= <Oracle home> For example, /u01/app/oracle/product/11.2.0/dbhome_1
export PATH=$ORACLE_HOME/bin:$JAVA_HOME/bin:$PATH
to append Oracle home and Java home to the existing path.
Export ORACLE_SID =<SID used with Oracle installation>
Then issue this statement to determine whether the Oracle instance is running:
lsnrctl status
If the listener is not started, then start it by issuing this command: lsnrctl startall.
Note:
If you still cannot start the Oracle instance, ensure that the details provided in the tnsnames.ora and listener.ora files are correct. You can also run the network configuration assistant using the command
netca.Verify the database installation in the Oracle installation directory you chose during the installation, for example, /u01/app/oracle/product.
Complete the installation instructions at http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14142/toc.htm.
After installing WebLogic Server, a middleware home directory is created, for example, /opt/oracle/Middleware/.
To install RCU 11.1.1..5.0 or 11.1.1.3.2, complete the instructions at: http://download.oracle.com/docs/cd/E14571_01/install.1111/e12002/before002.htm#BABJDDEH.When you run RCU, create and load only the Identity Manager - Oracle Access Manager schema for the Oracle Access Manager you are installing. By default, the AS Common Schema - Audit Services schema is also selected.
Do not select any other schema available in RCU.
When you create a schema, remember the schema owner and password shown in RCU.
The installation of Oracle Access Manager 11.1.1.5.0 or 11.1.1.3.0 is quick if you have installed the software listed in Section 12.1.1, "Installing Oracle Sun JDK" to Section 12.1.4, "Creating Database Schema for OAM Using the Repository Creation Utility (RCU)".
Follow these steps to complete the installation:
Ensure that the prerequisites are installed.
Install OAM by following the instructions at: http://download.oracle.com/docs/cd/E14571_01/install.1111/e12002/toc.htm.
The OAM installation program verifies whether the necessary operating system libraries are installed. The following screen illustrates how the OAM installation program identifies the missing libraries required for the installation.
Install any missing libraries by running this command: rpm -ivh <file.rpm>.
Configure the domain.
For configuration information, see Section 17.5 OAM in a New WebLogic Domain of Oracle® Fusion Middleware Installation Guide for Oracle Identity Management 11g Release 1 (11.1.1) at: http://download.oracle.com/docs/cd/E14571_01/install.1111/e12002/oam005.htm#CACEDFFF
The domain folder will be:<OAM Middleware Home>/user_projects/domains/<your domain name>
Start the servers.
For information about starting the servers, see Section 17.9 Starting the Servers of Oracle® Fusion Middleware Installation Guide for Oracle Identity Management 11g Release 1 (11.1.1) at: http://download.oracle.com/docs/cd/E14571_01/install.1111/e12002/oam009.htm#CACHJHCG.
Verify the OAM installation.
For verification instructions, see Section 17.11 Verifying the OAM Installation of Oracle® Fusion Middleware Installation Guide for Oracle Identity Management 11g Release 1 (11.1.1) at: http://download.oracle.com/docs/cd/E14571_01/install.1111/e12002/oam011.htm.
Alternatively, verify the OAM home directory at /<Oracle middleware home directory>/Oracle_IDM1.
To set up OAM agents, you must install an HTTP Server for OAM.
Install OHS.
To install OHS 11.1.1.2.0 and then install OHS patch 11.1.1.3.0 or 11.1.1.5.0, see Chapter 2 Installing Oracle Web Tier of the Oracle® Fusion Middleware Installation Guide for Oracle Web Tier 11g Release 1 (11.1.1) at: http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14260/install.htm#WTINS101.
Verify the OHS installation.
For verification instructions, see Section 2.5 Verifying the Installation of the Oracle® Fusion Middleware Installation Guide for Oracle Web Tier 11g Release 1 (11.1.1) at: http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14260/install.htm#WTINS101.
OHS and Web cache must be running at corresponding ports. The OHS home directory is <Oracle middleware home directory>/Oracle_WT1.
Install and configure Oracle HTTP Server Webgate Oracle HTTP Server Webgate 11.1.1.3.0 or 11.1.1.5.0 after installing OHS. The GCC libraries are necessary to install Oracle Webgate, which is a C++ installation program.
Obtain the GCC libraries.
See Section 23.2.4 Installing Third-Party GCC Libraries (Linux and Solaris Operating Systems Only) of Oracle® Fusion Middleware Installation Guide for Oracle Identity Management 11g Release 1 (11.1.1) at: http://download.oracle.com/docs/cd/E14571_01/install.1111/e12002/webgate002.htm#CACBBGEC.
Install the Webgate.
See Section 23.3 Installing Oracle HTTP Server 11g Webgate for Oracle Access Manager of Oracle® Fusion Middleware Installation Guide for Oracle Identity Management 11g Release 1 (11.1.1) at: http://download.oracle.com/docs/cd/E14571_01/install.1111/e12002/webgate003.htm#CACJIABJ.
Complete the post-installation tasks.
See Section 23.4 Post-Installation Steps of Oracle® Fusion Middleware Installation Guide for Oracle Identity Management 11g Release 1 (11.1.1) at: http://download.oracle.com/docs/cd/E14571_01/install.1111/e12002/webgate003.htm#CACJIABJ.
Complete the following tasks to configure Oracle Access Manager (OAM) with Oracle Student Learning (OSL).
Manually edit the mod_wl_ohs.conf file located in the <Oracle middleware home directory>/Oracle_WT1/instances/instance1/config/OHS/ohs1/.
Note:
This is a template to configure the mod_weblogic file.This empty block is needed to save mod_wl related configuration from EM to this file when changes are made at the Base Virtual Host Level.
LoadModule weblogic_module "${ORACLE_HOME}/ohs/modules/mod_wl_ohs.so"
<IfModule weblogic_module>
# WebLogicHost <WEBLOGIC_HOST># WebLogicPort <WEBLOGIC_PORT># Debug ON# WLLogFile /tmp/weblogic.log# MatchExpression *.jsp</IfModule>
<Location /LTWeb> SetHandler weblogic-handler WebLogicHost yourserver.com WebLogicPort 7003 WLCookieName OSLLTSESSIONID</Location>
<Location /LTAdminWeb> SetHandler weblogic-handler WebLogicHost yourserver.com WebLogicPort 7003 WLCookieName OSLLTASESSIONID</Location># <Location /weblogic># SetHandler weblogic-handler# PathTrim /weblogic# ErrorPage http:/WEBLOGIC_HOME:WEBLOGIC_PORT/# </Location>
Create an AccessGate object for the Learning Tool and Learning Tool Admin's HTTP Server. Then associate the object with OAM's Access Server.
Create a WebGate:
Log in to OAM 11g.
Click the System Configuration tab.
Navigate to Agents > OAM Agents > 11g Webgates.
Click Actions.
Select Create.
In the page that opens, do the following:
Click Apply.
Open the agent by navigating to Agents > OAM Agents > 11g Webgates > <name of the agent>.
Provide the following details:
Ensure that you are using the correct port number.
Save the settings.
See also "Chapter 9, Registering Partners (Agents and Applications) by Using the Console" of the Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager with Oracle Security Token Service 11g Release 1 (11.1.1) at http://download.oracle.com/docs/cd/E21764_01/doc.1111/e15478/agents.htm#BABDHBBC">>http://download.oracle.com/docs/cd/E21764_01/doc.1111/e15478/agents.htm#BABDHBBC.
Create an authentication policy called LTWebPolicy.
Go to Policy Configuration > Application Domains > [Webgate agent name] > Authentication Policies.
In Name, enter LTWebPolicy.
In Authentication Scheme, enter LDAPScheme.
In Success URL, enter:
http://<host name or IP address where OHS is installed>:<OHS port number>/LTWeb/welcomeservlet
Create an authentication policy called LTAdminWebPolicy.
Go to Policy Configuration > Application Domains > [Webgate agent name] > Authentication Policies.
In Name, enter LTAdminWebPolicy.
In Authentication Scheme, enter LDAPScheme.
In Success URL, enter:
http://<host name or IP address where OHS is installed>:<OHS port number>/LTAdminWeb/faces/AdminHome.jspx
Create resources.
Click Policy Configuration > Application Domains > [WebGate agent name] > Resources.
Click Create.
In the page that appears, provide the following details:
To add resources for OAM 11.1.1.3.0:
Navigate to Click Policy Configuration > Application Domains > [WebGate name] > Authentication Policies > Protected Resource Policy.
Add the resource URLS /LTWeb/welcomeservlet and /LTAdminWeb/faces/AdminHome.jspx in Resources.
Navigate to Click Policy Configuration > Application Domains > [WebGate name] > Authentication Policies > LTWebPolicy.
Add the resource URLs /LTWeb and /LTWeb/.../* in Resources.
Navigate to Click Policy Configuration > Application Domains > [WebGate name] > Authentication Policies > LTAdminWebPolicy.
Add the resource URLs /LTAdminWeb and /LTAdminWeb/.../* in Resources.
Navigate to Policy Configuration > Application Domains > [WebGate name] > Authorization Policies > Protected Resource Policy.
Add all the resources URLs you created earlier using the list under Resources.
To add resources for OAM 11.1.1.5.0:
From the Protection Level list, choose Protected.
For resources /LTWeb and /LTweb/.../*: from the Authentication Policy list, choose LTWebPolicy.
For resources /LTAdminWeb and /LTAdminWeb/.../*: from the Authentication Policy list, choose LTAdminWebPolicy.
For resources /LTWeb/welcomeservlet and /LTAdminWeb/faces/AdminHome.jspx: from the Authentication Policy list, choose Protected Resource Policy.
From the Authorization Policy list, choose Protected Resource Policy.
For this version of OAM, you do not have to complete step 3.
Add the data source to point to the OID (used for LT) for the OAM agent.
Click the System Configuration tab.
Navigate to Data Sources > UserIdentityStore.
Click Create.
Enter the following information:
Click Apply.
Open the data source you created.
Enter the following details:
cn=Users,dc=sg,dc=oracle,dc=comcn=Groups,dc=sg,dc=oracle,dc=comClick Apply.
Verify the connection.
Click the System Configuration tab.
Click Access Manager Settings > Authentication Modules > LDAP Authentication Module > LDAP.
Make sure that the User Identity Store for LDAP authentication module is the data store you created in step 6.
Click the System Configuration tab.
Select the Webgate agent you created.
The right hand side pane displays the details about the agent.
In the Logout URL field, enter the following information:
/LTWeb/faces/logout.jspx
/LTAdminWeb/faces/logout.jspx
Edit the oam-config.xml file in the /opt/oracle/Middleware/user_projects/domains/base_domain1/config/fmwconfig directory.
Search for the agent name.
Include the following information:
<Setting Name="logOutUrls" Type="htf:list"> <Setting Name="0" Type="xsd:string">/LTWeb/faces/logout.jspx</Setting> <Setting Name="1" Type="xsd:string">/LTAdminWeb/faces/logout.jspx</Setting></Setting>
This is to include uppercase for the logout urls. This cannot be done through the oam console UI.
To enable the ssoCookie:httponly challenge parameter:
By default, the ssoCookie:httponly challenge parameter is enabled in an authentication scheme. Enabling this parameter helps to prevent the JavaScript running in the browser from accessing the ObSSOCookie. This cookie provides a more secure environment. However, browser support for the ssoCookie:httponly challenge parameter is inconsistent. Such inconsistency can cause Java Applets to not run correctly. Therefore, to support the audio applet required in the Learning Tool, disable the ssoCookie:httponly challenge parameter. The following table describes how to disable this parameter for OAM versions 11.1.1.3.0 and 11.1.1.5.0:
Table 12-1 Disabling ssoCookie:httponly challenge parameter in OAM versions 11.1.1.3.0 and 11.1.1.5.0
| OAM 11.1.1.3.0 | OAM 11.1.1.5.0 |
|---|---|
|
1. Stop the OAM server. |
1. Log in to the OAM console. |
|
2. Edit the oam-config.xml file as follows:
|
2. Under Policy configuration in the left pane, select Shared Components > Authentication Schemes > Select LDAP Scheme. The LDAPScheme window opens in the right pane. |
|
3. Save the file. |
3. In the Challenge Parameter field, enter |
|
4. Start the OAM server. |
Configure providers in the WebLogic security domain where OSL is deployed to perform single sign-on with the Oracle Access Manager Identity Asserter. You must configure and order several authentication provider types.
Log in to the WebLogic Administration Console.
Add the OAM Identity Asserter:
Click Security Realms.
Click the default realm name, for example, myrealm.
Cick Providers.
Click Authentication > New.
Complete the following information:
Click Save.
For the remaining providers such as OID, Default Authenticator, and DefaultIdentityAsserter:
Click the Common tab.
Set the Control Flag to SUFFICIENT.
Click Save.
Reorder the providers:
| Provider | Property |
|---|---|
| OAMIdentityAsserter | (REQUIRED) |
| OID | (SUFFICIENT) |
| Default Authenticator | (SUFFICIENT) |
| DefaultIdentityAsserter | (SUFFICIENT) |
Click OK to save the changes.
In the Change Center, click Activate Changes.
Reboot Oracle WebLogic Server.
Perform these steps to copy the Webgate artifacts.
In the IDM tier, go to <WebLogic_idm_domain>/output/webgate_oslsrv, and then copy ObAccessClient.xml and cwallet.sso.
Go to the Apps tier, and then paste the files in /instances/instance1/config/OHS/ohs1/webgate/config.
Restart the Web tier instance.
The OAM Webgate home directory is <Oracle Middleware home directory>/<Oracle_OAMWebgate>.
This section describes how to configure the web.xml file for the OAM Identity Asserter.
Find the web.xml file located in these directories:
OSL installation directory / LearningTool / Configuration / LearningTool / DeploymentDescriptors for Learning Tool
OSL installation directory / LearningTool / Configuration / Admin / DeploymentDescriptors for Learning Tool Admin
Update the login-config section of the web.xml file with the following information:
<login-config><auth-method>CLIENT-CERT</auth-method><realm-name>myRealm</realm-name></login-config><!--login-config><auth-method>FORM</auth-method><form-login-config><form-login-page>/faces/loginView.jspx</form-login-page><form-error-page>/faces/loginErrorView.jspx</form-error-page></form-login-config></login-config-->
Run the OSL LT Configurator using Ant:
[~]#cd $DOMAIN_HOME/bin[bin]#source./setDomainEnv.sh[bin]#cd [OSL Home directory]/LearningTool/Scripts[Scripts]#ant repackageLT
The OSLLearningToolApp.ear located in [OSL Home directory]/LearningTool will be updated
Redeploy LT by running the deployment using Ant:
[~]#cd $DOMAIN_HOME/bin[bin]#source ./setDomainEnv.sh[bin]#cd [OSL Home directory]/LearningTool/Scripts[Scripts]#ant deployLT
If OSL is installed and configured, you can log in to LT using the SSO with this URL: http://<OHS host name>:<OHS port>/LTWeb.
Similarly, you can log into LTAdminWeb using the SSO with this URL
http://<OHS host name>:<OHS port>/LTAdminWeb
The WebLogic application session timeout value must be the same as the WebGate session timeout value.
To set the WebLogic session timeout, modify the web.xml as follow:
<session-config> <session-timeout>60</session-timeout> </session-config>
Note in web.xml the session time-out is set in minutes.
To set the WebGate session time-out, modify the Max Session Time (seconds) in OAM console for the webgate created.
If the value you set in the WebLogic session timeout is greater than the current values specified in the OAM Session Lifetime and Idle Timeout, you must change the values of Session Lifetime and Idle Timeout accordingly.
To edit the OAM common session settings:
Log in to Oracle Access Manager.
Click System Configuration.
From the Common Configuration panel, double-click Common Settings.
In the Session area:
In Session Lifetime, increase the current value.
In IdleTimeout (minutes), increase the current value.
Click Apply.
In case the Global SSO Logout is triggered by another application, the Learning Tool session will still be active. Therefore, the session data will not be cleaned up until the session times out.
To clean up the Learning Tool session data after the Global SSO Logout occurs from another application, you need to send an http request to the below Learning Tool URL:
http://<LT_WEB_HOST>:<LT_WEB_PORT>/LTWeb/logout.jsp
This URL will clear the Learning Tool session and then perform an http redirect to the URL.
Oracle Business Intelligence (OBIEE) 11g (11.1.1.5.0) is deployed on an Oracle WebLogic Server. For information on configuring OAM as the SSO solution for OBIEE, follow the steps in Section 12.2, "Configuring SSO for OSL Learning Tool."
When you install Web Tier Utilities 11.1.1.3.0, you can use Oracle HTTP Server (OHS) 11g as a Web server that acts as the front end to the Oracle WebLogic Server.
It is not necessary to perform this step if your OBIEE uses an existing HTTP server.
If the OBIEE.ear file is deployed on a WebLogic Server, follow the steps in Section 12.2.1, "Step 1: Configuring mod_wl_ohs.conf file" to configure mod_wl_ohs.
LoadModule weblogic_module "${ORACLE_HOME}/ohs/modules/mod_wl_ohs.so"
<IfModule weblogic_module>
<Location /analytics>
SetHandler weblogic-handler
WebLogicHost <obiee-host-name>
WebLogicPort <obiee-port>
</Location>
</IfModule>
Perform similar steps as Section 12.2.2, "Step 2: Creating an AccessGate Object on OAM Access Server" to create the AccessGate object for the HTTP server of OBIEE.
Note:
You can use the same agent you created in Section 12.2.2.To add protected resources:
Click Policy Configuration > Application Domains > [WebGate name] > Resources > Create.
Added resources:
- /analytics- /analytics/…/*
Add the new resource to the following:
Authentication Policies > Protected Resource Policy
Authorization Policies > Protected Resource Policy
Perform similar steps as Section 12.1.7, "Installing and Configuring Oracle HTTP Server Webgate 11g" to install the WebGate plug-in for OBIEE's HTTP Server. Ignore this step if OBIEE uses an existing HTTP Server with WebGate plug-in.
Perform similar steps as in Section 12.3.7, "Configuring BI Presentation Services to Operate in the SSO Environment".
Perform similar steps as Section 12.3.8, "Setting up Providers for OAM SSO in a Weblogic domain".
To enable SSO:
Log in to OBIEE at
Click Farm_<OBIEEDomain>_domain > Business Intelligence > Coreapplication.
Click the Security tab.
Select Enable SSO.
Select SSO Provider: Oracle Access Manager.
Click Apply and Activate Changes.
Perform similar steps as Section 12.2.3, "Step 3: Setting up Providers for OAM SSO in the WebLogic Domain" to set up the providers for OAM SSO in a Weblogic domain to which OBIEE is deployed.
Oracle Universal Content Management (Oracle UCM) 11g Release 1 (11.1.1) is deployed on an Oracle WebLogic Server. The steps to configure OAM as the SSO solution for UCM is therefore similar to the steps described in section Section 10.2, "Configuring SSO for Learning Tool."
For more detailed explanation of configuring SSO for UCM 11g, you can read Chapter 4.2.3 "Configuring Oracle UCM to Use Single Sign-On" in the Oracle® Fusion Middleware System Administrator's Guide for Content Server 11g Release 1 (11.1.1) at
http://download.oracle.com/docs/cd/E14571_01/doc.1111/e10792/c03_security002.htm#insertedID3
When you install Web Tier Utilities 11.1.1.3.0, you can use Oracle HTTP Server (OHS) 11g as a Web server that acts as the front end to the Oracle WebLogic Server.
It is not necessary to perform this step if your UCM uses an existing HTTP server.
Perform similar steps as Section 12.3.2, "Configure mod_wl_ohs" to configure mod_wl_ohs.
LoadModule weblogic_module "${ORACLE_HOME}/ohs/modules/mod_wl_ohs.so"
<IfModule weblogic_module>
<Location /cs>
SetHandler weblogic-handler
WebLogicHost <ucm-hostname>
WebLogicPort <ucm-server-port>
</Location>
</IfModule>
Perform similar steps as Section 12.3.3, "Creating an AccessGate Object on OAM Access Server" to create the AccessGate object for the HTTP server for UCM.
Note:
You can use the same agent you created in Section 12.2.2.To add protected resources:
Click Policy Configuration > Application Domains > [WebGate name] > Resources > Create.
Added resources:
- /cs- /cs/…/*- /ContentAccessWeb- / ContentAccessWeb/…/*
Add the new resource to the following:
Authentication Policies > Protected Resource Policy
Authorization Policies > Protected Resource Policy
Perform similar steps as Section 12.2.7, "Step 7: Calling Learning Tool Logout from other Applications" to register the ECM logout link as a Global SSO Logout.
/cs/logout.htm
Perform similar steps as Section 12.3.4, "Installing the WebGate Plug-in for the HTTP Server" to install the WebGate plug-in for UCM's HTTP Server. You can skip this step if UCM uses an existing HTTP Server with WebGate plug-in.
Perform similar steps as Section 12.2.3, "Step 3: Setting up Providers for OAM SSO in the WebLogic Domain" to set up the providers for OAM SSO in a WebLogic domain that UCM is deployed to.
The following configuration is required for OSL to operate in an SSO environment:
Update the OSL_PROFILE_OPTION_VALUES:
Set the values for OSL_SHOW_LOGOUT_LINK in OSL_PROFILE_OPTION_VALUES table as follows:
Update the logout URL for LearningTool and LearningToolAdmin in osl_configuration.properties file located in:
[OSL Home directory]/LearningTool/Configuration/LearningTool/DeploymentDescriptors.
Set OSL_ADMIN_LOGOUT_URL as follows:
http://<LT_WEB_HOST>:<LT_WEB_PORT>/LTAdminWeb/faces/logout.jspxwhere:
<LT_WEB_HOST> and <LT_WEB_PORT> are the host name and port of the Web server configured as a front end to provide access to the Learning Tool Admin application
Set OSL_LOGOUT_URL as follows:
http://<LT_WEB_HOST>:<LT_WEB_PORT>/LTWeb/faces/logout.jsp
where:
<LT_WEB_HOST> and <LT_WEB_PORT> are the host name and port of the web server configured as a front end to provide access to the Learning Tool application
For information about the OSL configuration file where you must make these changes, see Section 9.1.7, "Updating Logout URL for Learning Tool and Learning Tool Admin".
By default, the Cache Pragma Header and Cache Control Header parameters are set to no-cache. This setting prevents Webgate from caching data at the Web server application and a user's browser. To improve the performance of Webgate, you should set Cache Pragma Header and Cache Control Header values to public.
Log in to Oracle Access Manager.
Click System Configuration.
From Access Manager Settings, click SSO Agents > OAM Agents.
In the Search panel, click Search.
From the Search Results panel, select the Webgate agent you created.
In Cache Pragma Header, enter public.
In Cache Control Header, enter public.
Click Apply.
|
 Copyright © 2009, 2012, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|