Oracle® Student Learning Installation and Deployment Guide
Release 3.1.3

Part Number E20664-04

5 Configuring Oracle Internet Directory

Oracle Internet Directory (OID) is the default LDAP mechanism used by OSL Learning Tool (OSL LT) components for authentication and authorization.

OID is an LDAP Version 3 certified directory. Users are granted access and privileges within OSL based on the groups they are assigned in OID.

5.1 Creating Groups in OID

There are two possible deployment scenarios.

5.1.1 Scenario 1: Using Existing Groups for OSL

This scenario applies when the deployment uses an OID instance with existing users assigned to predefined groups. In this scenario, creating new groups is not required. However, customization is required to map existing groups to OSL application-specific roles. For more information about mapping OID groups, see Section 9.1.4, "Updating Security Role Mappings".

5.1.2 Scenario 2: Creating New Groups for OSL

This scenario applies when the deployment uses an OID instance where users must be assigned to new groups. The following groups should be created:

  • DeptAdminGroup

  • DeptCurrAdminGroup

  • SchAdminGroup

  • SchCurrAdminGroup

  • TeacherGroup

  • StudentGroup

  • ParentGroup

  • DataLoadingGroup

  • ContentIntegrationGroup

5.2 Understanding Pre-seeded Users and Institution in OSL Database

One institution and three users are pre-seeded into the OSL database during installation. These are described below:

For related information about configuring the two pre-seeded users in OID, see Section 5.4, "Assigning Content Integration User".

For related information about updating the name of Department, see Section 5.6, "Updating the Name of Department".

5.3 Assigning Data Loading User

The user named DataLoading is created as part of database initialization during OSL installation. See Step 15 of the installation process in Chapter 2, "Installation Tasks". Access to the OSL LT DataLoading service is granted to an OID user belonging to the DataLoadingGroup (or the equivalent, mapped OID Group, as described in Scenario 1 of Section 5.1, "Creating Groups in OID"). This user has the DataLoading role in OSL.

Create a user named DataLoading as a member of the DataLoadingGroup of OID. See Section 5.1, "Creating Groups in OID" for detailed information.

Alternatively, create and assign a DataLoading user to the DataLoadingGroup in the WebLogic embedded LDAP server. Detailed instructions for creating users and groups in the embedded LDAP server are available at: http://download.oracle.com/docs/cd/E14571_01/apirefs.1111/e13952/taskhelp/security/ManageUsersAndGroups.html

If an LDAP server is also set up as a Security Provider (see Section 8.5, "Configuring OID as Security Provider" for more information), then the order of the providers must be as follows:

  1. LDAP Authenticator (SUFFICIENT)

  2. Default Authenticator (SUFFICIENT)
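The following added example (not part of the Oracle guide) reads the authentication providers from a WebLogic `<realm>` fragment and reports deviations from the order listed above. The sample XML is constructed; the `xsi:type` names and the treatment of an absent `control-flag` element as REQUIRED are assumptions about how the domain's config.xml stores providers.

```python
import xml.etree.ElementTree as ET

XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"
DEFAULT_TYPE = "default-authenticatorType"
# Assumed xsi:type names for LDAP-backed authenticators in config.xml.
LDAP_TYPES = {"ldap-authenticatorType", "oracle-internet-directory-authenticatorType"}

# Constructed <realm> fragment in the style of a domain config.xml (not a real domain).
SAMPLE_REALM = """\
<realm xmlns:sec="http://xmlns.oracle.com/weblogic/security"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <sec:authentication-provider xsi:type="wls:default-authenticatorType">
    <sec:name>DefaultAuthenticator</sec:name>
  </sec:authentication-provider>
  <sec:authentication-provider xsi:type="wls:oracle-internet-directory-authenticatorType">
    <sec:name>OIDAuthenticator</sec:name>
    <sec:control-flag>SUFFICIENT</sec:control-flag>
  </sec:authentication-provider>
</realm>
"""

def local(tag):
    return tag.rsplit("}", 1)[-1]  # strip the "{namespace}" prefix ElementTree adds

def read_providers(realm_xml):
    """Return [(name, type, control_flag)] in the order the providers are configured."""
    providers = []
    for el in ET.fromstring(realm_xml).iter():
        if local(el.tag) != "authentication-provider":
            continue
        fields = {local(c.tag): (c.text or "").strip() for c in el}
        # Assumption: an omitted control-flag element means the default, REQUIRED.
        flag = fields.get("control-flag", "REQUIRED")
        providers.append((fields.get("name", "?"), el.get(XSI_TYPE, "").split(":")[-1], flag))
    return providers

def check_order(providers):
    """Findings against the required order: LDAP first, Default second, both SUFFICIENT."""
    auth = [p for p in providers if p[1] in LDAP_TYPES or p[1] == DEFAULT_TYPE]
    ldap = [i for i, p in enumerate(auth) if p[1] in LDAP_TYPES]
    dflt = [i for i, p in enumerate(auth) if p[1] == DEFAULT_TYPE]
    findings = []
    if not ldap:
        findings.append("no LDAP authenticator configured")
    if ldap and dflt and ldap[0] > dflt[0]:
        findings.append("LDAP authenticator is listed after the Default Authenticator")
    for name, _, flag in auth:
        if flag != "SUFFICIENT":
            findings.append(f"{name}: control flag is {flag}, expected SUFFICIENT")
    return findings
```

Running `check_order(read_providers(SAMPLE_REALM))` on the constructed sample reports both the wrong order and the Default Authenticator left at REQUIRED.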

5.4 Assigning Content Integration User

The user named ContentIntegration is created as part of database initialization during OSL installation. See Step 15 of the installation process in Chapter 2, "Installation Tasks". Access to the OSL CMS integration service is granted to an OID user belonging to the ContentIntegrationGroup (or the equivalent, mapped OID Group, as described in Scenario 1 of Section 5.1, "Creating Groups in OID"). This user has the ContentIntegration role in OSL.

Create a user named ContentIntegration as a member of the ContentIntegrationGroup of OID. See Section 5.1, "Creating Groups in OID" for detailed information.

Alternatively, create and assign a ContentIntegration user to the ContentIntegrationGroup in the WebLogic embedded LDAP server as explained in Section 5.3, "Assigning Data Loading User".
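For a Scenario 2 deployment, the group list in Section 5.1.2 and the service-user memberships in Sections 5.3 and 5.4 can be verified from an LDIF export of the directory. The following is an added example, not part of the Oracle guide; the sample LDIF is constructed, and the base DN, container names, group object classes and member DN format are assumptions about the directory layout.

```python
REQUIRED_GROUPS = ["DeptAdminGroup", "DeptCurrAdminGroup", "SchAdminGroup",
                   "SchCurrAdminGroup", "TeacherGroup", "StudentGroup", "ParentGroup",
                   "DataLoadingGroup", "ContentIntegrationGroup"]
SERVICE_USERS = {"DataLoading": "DataLoadingGroup",
                 "ContentIntegration": "ContentIntegrationGroup"}

# Constructed LDIF export. The base DN, the cn=Groups / cn=Users containers and the
# use of groupOfUniqueNames are assumptions about the directory layout.
SAMPLE_LDIF = """\
dn: cn=DataLoadingGroup,cn=Groups,dc=example,dc=com
objectclass: groupOfUniqueNames
cn: DataLoadingGroup
uniquemember: cn=DataLoading,cn=Users,
 dc=example,dc=com

dn: cn=ContentIntegrationGroup,cn=Groups,dc=example,dc=com
objectclass: groupOfUniqueNames
cn: ContentIntegrationGroup
uniquemember: cn=jsmith,cn=Users,dc=example,dc=com
"""

def parse_ldif(text):
    """Parse plain LDIF into [{attr: [values]}]; unfolds continuation lines, no base64."""
    entries = []
    for block in text.replace("\n ", "").split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            attr, value = line.split(":", 1)
            entry.setdefault(attr.strip().lower(), []).append(value.strip())
        if "dn" in entry:
            entries.append(entry)
    return entries

def audit(entries):
    """Report required groups that are absent and service users outside their group."""
    groups = {}
    for e in entries:
        if {c.lower() for c in e.get("objectclass", [])} & {"groupofuniquenames", "groupofnames"}:
            members = e.get("uniquemember", []) + e.get("member", [])
            # Assumes the first RDN of each member DN carries the login name.
            names = {m.split(",")[0].split("=", 1)[-1].strip().lower() for m in members}
            groups[e.get("cn", [""])[0].lower()] = names
    findings = [f"missing group: {g}" for g in REQUIRED_GROUPS if g.lower() not in groups]
    for user, group in SERVICE_USERS.items():
        if group.lower() in groups and user.lower() not in groups[group.lower()]:
            findings.append(f"{user} is not a member of {group}")
    return findings
```

In a Scenario 1 deployment, replace the names in `REQUIRED_GROUPS` and `SERVICE_USERS` with the existing groups that are mapped to the OSL roles.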

5.5 Creating a User and Assigning Department Administrator Role

To create and load users, use the createPersons method in DataLoadingpartyService of the OSL LT Data Loading service. At least one user must be the Department Administrator to access the department administration functionality in the OSL LT Admin user interface (UI). This user can assign other application roles and configure the OSL system in OSL LT Admin.

Follow these steps to create a Department Administrator:

  1. Use the createPersons method in DataLoadingpartyService.

  2. Enter appropriate information for the following parameters:

    • firstName: for example, Robert

    • lastName: for example, Brown

    • Relationship action: Create

    • RelationshipType: DEPARTMENT_ADMIN_OF

    • TargetPartyId: ID of Department (Department in OSL database normally has an ID of 2)

The OSL LT Data Loading service assigns a login ID in the firstName.lastName format, for example, Robert.Brown.

A default password welcome1 is assigned. Use OID to manually replace this password with a secure password.

For information about deploying the OSL Learning Tool, see Part II, "Deploying the OSL Learning Tool".

For information about using the createPersons method, see Section 2.1.6, "createPersons," in Oracle Student Learning Programmer's Guide.

5.6 Updating the Name of Department

The pre-seeded institution in the OSL database has the default organization type DEPARTMENT and default name Department Of Education. After OSL installation and deployment, you can change the name.

Log in to OSL LT Admin as the Department Administrator to change the institution name.

For information about creating the user with the role of Department Administrator, see Section 5.5, "Creating a User and Assigning Department Administrator Role".

For information about changing the name of Department using LT Admin, see Chapter 3, How to Manage Institutions, in Oracle Student Learning Learning Tool Admin User's Guide.