Skip Headers
Oracle® Fusion Middleware Upgrade and Migration Guide for Oracle Identity and Access Management
11g Release 2 (11.1.2)

Part Number E28183-12
Go to Documentation Home
Home
Go to Table of Contents
Contents
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

4 Upgrading Oracle Access Manager 11g Release 1 (11.1.1.5.0) Environments

This chapter describes how to upgrade your existing Oracle Access Manager 11g Release 1 (11.1.1.5.0) environment to Oracle Access Management Access Manager (Access Manager) 11g Release 2 (11.1.2).

This chapter contains the following sections:

Read the Oracle Fusion Middleware System Requirements and Specifications document to ensure that your environment meets the minimum requirements for the products you are installing or upgrading.

4.1 Upgrade Roadmap for Oracle Access Manager

Note:

If you do not follow the exact sequence provided in this task table, your Oracle Access Manager upgrade may not be successful.

Table 4-1 lists the steps to upgrade Oracle Access Manager 11.1.1.5.0.

Table 4-1 Upgrade Flow

Task No. Task For More Information

1

Shut down all servers. This includes both Administration Server and Managed Servers.

See, Shutting Down Administration Server and Managed Servers

2

Back up your environment.

See, Backing Up Oracle Access Manager 11g Release 1 (11.1.1.5.0)

3

Optional - Upgrade Oracle WebLogic Server 10.3.5 to Oracle WebLogic Server 10.3.6.

See, Optional: Upgrading Oracle WebLogic Server

4

Run Oracle Fusion Middleware Repository Creation Utility (RCU) to create and load Access Manager schemas and OPSS schema.

See, Creating Oracle Access Management Access Manager Schemas Using Repository Creation Utility

5

Upgrade 11.1.1.5.0 Oracle Home to 11.1.2.

See, Upgrading Oracle Access Manager 11g Release 1 (11.1.1.5.0) to Oracle Access Management Access Manager 11g Release 2 (11.1.2)

6

Extend your Oracle Access Manager 11.1.1.5.0 domain with the OPSS template.

See, Extending Oracle Access Manager 11.1.1.5.0 Component Domains with Oracle Platform Security Services Template

7

Upgrade Oracle Platform Security Services.

See, Upgrading Oracle Platform Security Services

8

Run the configuresecuritystore.py script to configure policy stores.

See, Configuring Oracle Platform Security ServicesSecurity Store

9

Export access data.

See, Exporting Access Data

10

Import access data.

See, Importing Access Data

11

Start the Administration Server and Oracle Access Management Access Manager Managed Servers.

See, Starting the Administration Server and Access Manager Managed Servers

12

Redeploy Access Manager servers and shared libraries.

See, Redeploying Oracle Access Management Access Manager Servers and Shared Libraries

13

Stop the Administration Server and Oracle Access Management Access Manager Managed Server.

See, Stopping the Administration Server and Access Manager Managed Servers

14

Delete the tmp and stage folders.

See, Deleting Folders

15

Start the Administration Server and Oracle Access Management Access Manager Managed Servers.

See, Starting the Administration Server and Access Manager Managed Servers

16

Verify the Access Manager upgrade.

See, Verifying the Upgrade


4.2 Shutting Down Administration Server and Managed Servers

The upgrade process involves changes to the binaries and to the schema. Therefore, before you begin the upgrade process, you must shut down the Administration Server and Managed Servers.

To shut down the Servers, do the following:

Stopping the Administration Server

To stop the Administration Server, do the following:

On UNIX:

Run the following command:

cd <MW_HOME>/user_projects/domains/<domain_name>/bin

./stopWebLogic.sh

On Windows:

Run the following command:

cd <MW_HOME>\user_projects\domains\<domain_name>\bin

stopWebLogic.cmd

Stopping Managed Servers

To stop the Managed Servers, do the following:

On UNIX:

  1. Move from your present working directory to the <MW_HOME>/user_projects/domains/<domain_name>/bin directory by running the following command on the command line:

    cd <MW_HOME>/user_projects/domains/<domain_name>/bin

  2. Run the following command to stop the servers:

    ./stopManagedWebLogic.sh <server_name> <admin_url> <user_name> <password>

    where

    <server_name> is the name of the Managed Server.

    <admin_url> is URL of the WebLogic administration console. Specify it in the format http://<host>:<port>/console. Specify only if the WebLogic Administration Server is on a different computer.

    <user_name> is the username of the WebLogic Administration Server.

    <password> is the password of the WebLogic Administration Server.

On Windows:

  1. Move from your present working directory to the <MW_HOME>\user_projects\domains\<domain_name>\bin directory by running the following command on the command line:

    cd <MW_HOME>\user_projects\domains\<domain_name>\bin

  2. Run the following command to stop the Managed Servers:

    stopManagedWebLogic.cmd <server_name> <admin_url> <username> <password>

    where

    <server_name> is the name of the Managed Server.

    <admin_url> is URL of the WebLogic administration console. Specify it in the format http://<host>:<port>/console. specify only if the WebLogic Administration Server is on a different computer.

    <username> is the username of the WebLogic Administration Server.

    <password> is the password of the WebLogic Administration Server.

For more information, see "Stopping the Stack" in the Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management.

4.3 Backing Up Oracle Access Manager 11g Release 1 (11.1.1.5.0)

You must back up your Oracle Access Manager 11.1.1.5.0 environment before you upgrade to Access Manager 11.1.2.

After stopping the servers, back up the following:

4.4 Optional: Upgrading Oracle WebLogic Server

Note:

Upgrading Oracle WebLogic Server is not mandatory. However, Oracle recommends that you upgrade Oracle WebLogic Server to 10.3.6.

You can upgrade WebLogic Server 10.3.5 to Oracle WebLogic Server 10.3.6 by using the WebLogic 10.3.6 Upgrade Installer. Complete the following steps:

  1. Download the WebLogic 10.3.6 Upgrade Installer from Oracle Technology Network.

    For more information, see "Downloading the Installer From Oracle Technology Network" in the Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server.

  2. Run the Upgrade Installer in graphical mode to upgrade your WebLogic Server.

    For more information, see "Running the Upgrade Installer in Graphical Mode" in the Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server.

4.5 Creating Oracle Access Management Access Manager Schemas Using Repository Creation Utility

Upgrading Oracle Access Manager 11.1.1.5.0 schema to Oracle Access Management Access Manager 11.1.2 is not supported. You cannot update Oracle Access Manager 11.1.1.5.0 schemas to Access Manager 11.1.2, so, you must create new Access Manager 11.1.2 schemas.

Run Repository Creation utility (RCU) to create the Access Manager schema. Select all dependent schemas so that OPSS schema gets created too.

For more information, see "Creating Schemas" in the Using Repository Creation Utility.

Note:

Even if you are creating new schemas, do not delete your Oracle Access Manager 11.1.1.5.0 schemas and do not use the old schema name, as you will need the old schema credentials while "Exporting Access Data".

4.6 Upgrading Oracle Access Manager 11g Release 1 (11.1.1.5.0) to Oracle Access Management Access Manager 11g Release 2 (11.1.2)

To upgrade Oracle Access Manager, you must use the 11.1.2 installer. During the procedure, point the Middleware Home to your existing 11.1.1.5.0 Oracle Access Manager Middleware Home. Your Oracle Home is upgraded from 11.1.1.5.0 to 11.1.2.

This section contains the following topics:

4.6.1 Obtaining the Software

For more information on obtaining Oracle Fusion Middleware 11g software, see Oracle Fusion Middleware Download, Installation, and Configuration ReadMe.

4.6.2 Starting the Oracle Identity and Access Management 11g Release 2 (11.1.2) Installer

This topic explains how to start the Oracle Identity and Access Management Installer.

Notes:

  • If you are installing on an IBM AIX operating system, you must run the rootpre.sh script from the Disk1 directory before you start the Installer.

  • Starting the Installer as the root user is not supported.

Start the Installer by doing the following:

On UNIX:

  1. Move from your present working directory to the directory where you extracted the contents of the Installer to.

  2. Move to the following location:

    cd Disk1

  3. Run the following command:

    ./runInstaller -jreLoc <full path to the JRE directory>

    For example:

    ./runInstaller -jreLoc <MW_HOME>/jdk160_29/jre

On Windows:

  1. Move from your present working directory to the directory where you extracted the contents of the Installer to.

  2. Move to the following location:

    cd Disk1

  3. Run the following command:

    setup.exe -jreLoc <full path to the JRE directory>

    For Example:

    setup.exe -jreLoc <MW_HOME>\jdk160_29\jre

Note:

If you do not specify the -jreLoc option on the command line when using the Oracle JRockit JDK, the following warning message is displayed:

-XX:MaxPermSize=512m is not a valid VM option. Ignoring

This warning message does not affect the installation. You can continue with the installation.

On 64-bit platforms, when you install Oracle WebLogic Server using the generic jar file, the jrockit_1.6.0_29 directory is not created in your Middleware Home. You must enter the absolute path to the JRE folder from where your JDK is located.

4.6.3 Installing Oracle Identity and Access Management 11g Release 2 (11.1.2)

Use the Oracle Identity and Access Management 11.1.2 Installer to upgrade Oracle Access Manager 11.1.1.5.0 to Access Manager 11.1.2:

  1. After you start the Installer, the Welcome screen appears.

  2. Click Next on the Welcome screen. The Install Software Updates screen appears. Select whether or not you want to search for updates. Click Next.The Prerequisite Checks screen appears. If all prerequisite checks pass inspection, click Next. The Specify Installation Location screen appears.

  3. On the Specify Installation Location screen, point the Middleware Home to your existing 11.1.1.5.0 Middleware Home installed on your system.

  4. In the Oracle Home Directory field, specify the path of the existing Oracle Identity and Access Management Home. This directory is also referred to as <IAM_HOME> in this book.

    Click Next. The Installation Summary screen appears.

  5. The Installation Summary screen displays a summary of the choices that you made. Review this summary and decide whether you want to proceed with the installation. If you want to modify any of the configuration settings at this stage, select a topic in the left navigation page and modify your choices. To continue installing Oracle Identity and Access Management, click Install. The Installation Progress screen appears. Click Next.

    Note:

    If you cancel or abort when the installation is in progress, you must manually delete the <IAM_HOME> directory before you can reinstall the Oracle Identity and Access Management software.

    To invoke online help at any stage of the installation process, click Help on the installation wizard screens.

  6. The Installation Complete screen appears. On the Installation Complete screen, click Finish.

    This installation process copies the 11.1.2 Oracle Identity and Access Management software to your system.

For more information, see "Installing and Configuring Oracle Identity and Access Management (11.1.2)" in the Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management.

4.7 Extending Oracle Access Manager 11.1.1.5.0 Component Domains with Oracle Platform Security Services Template

Oracle Access Management Access Manager 11.1.2 uses the database to store policies. This requires extending Oracle Access Manager 11.1.1.5.0 domain to include the OPSS data source.

To extend your Oracle Access Manager 11.1.1.5.0 component domain with the OPSS template, complete the following steps:

  1. Run the following command:

    On UNIX:

    ./config.sh

    It is located in the <MW_HOME>/<Oracle_IDM1>/common/bin directory.

    On Windows:

    config.cmd

    It is located in the <MW_HOME>\<Oracle_IDM1>\common\bin directory.

  2. On the Welcome screen, select the Extend an existing WebLogic domain option. Click Next.

  3. On the Select a WebLogic Domain Directory screen, browse to the directory that contains the WebLogic domain in which you configured Oracle Access Manager. Click Next. The Select Extension Source screen appears.

  4. On the Select Extension Source screen, select the Oracle Platform Security Service - 11.1.1.0 [Oracle_IDM1] option. After selecting the domain configuration options, click Next.

  5. The Configure JDBC Data Sources screen appears. Update the component schemas: Access Manager Infrastructure and OPSS schema. Configure Access Manager Infrastructure, by updating the older Oracle Access Manager 11.1.1.5.0 schema information shown in the screen, with new Access Manager 11.1.2 schema details and OPSS schema data source. After the test succeeds, the Configure JDBC Component Schema screen appears.

  6. On the Configure JDBC Component Schema screen, select Oracle Platform Security Services.

    Set values for Schema Owner, Schema Password, Database and Service, Host Name, and Port. Click Next.

    The Test JDBC Component Schema screen appears. After the test succeeds, the Select Optional Configuration screen appears.

  7. On the Select Optional Configuration screen, you can configure Managed Servers, Clusters, and Machines and Deployments and Services. Do not select anything as you have already configured your Oracle Access Manager 11.1.1.5.0 environment. Click Next.

  8. On the Configuration Summary screen, review the domain configuration, and click Extend to start extending the domain.

Your existing Oracle Access Manager domain is extended to support Oracle Platform Security Services (OPSS), and Oracle Access Manager is configured to use the newly created 11.1.2 OPSS policy schema.

4.8 Upgrading Oracle Platform Security Services

To upgrade Oracle Platform Security Services (OPSS) schema, do the following:

On UNIX:

  1. Move from your present working directory to the <MW_HOME>/oracle_common/common/bin directory by running the following command on the command line:

    cd <MW_HOME>/oracle_common/common/bin

  2. Run the following command to launch the WebLogic Scripting Tool (WLST):

    ./wlst.sh

  3. At the WLST prompt, run the following command:

    upgradeOpss(jpsConfig="existing_jps_config_file", jaznData="system_jazn_data_file")

    For example:

    upgradeOpss(jpsConfig="<MW_HOME>/user_projects/domains/base_domain/config/fmwconfig/jps-config.xml",jaznData="<MW_HOME>/oracle_common/modules/oracle.jps_11.1.1/domain_config/system-jazn-data.xml")

  4. Exit the WLST console using the exit()command.

On Windows:

  1. Move from your present working directory to the <MW_HOME>\oracle_common\common\bin directory by running the following command on the command line:

    cd <MW_HOME>\oracle_common\common\bin

  2. Run the following command to launch the WebLogic Scripting Tool (WLST):

    wlst.cmd

  3. At the WLST prompt, run the following command:

    upgradeOpss(jpsConfig="existing_jps_config_file", jaznData="system_jazn_data_file")

    For example:

    upgradeOpss(jpsConfig="<MW_HOME>\\user_projects\\domains\\base_domain\\config\\fmwconfig\\jps-config.xml",jaznData="<MW_HOME>\\oracle_common\\modules\\oracle.jps_11.1.1\\domain_config\\system-jazn-data.xml")

  4. Exit the WLST console using the exit() command.

Table 4-2 describes the parameters you need to specify on the command line:

Table 4-2 Parameters for Upgrading OPSS

Parameter Description

jpsConfig

Specify the path to the jps-config.xml file in your Access Manager 11.1.2 installation. The following example shows the complete path:

On UNIX, it is located in the <MW_HOME>/user_projects/domains/base_domain/config/fmwconfig/jps-config.xml directory.

On Windows, it is located in the <MW_HOME>\user_projects\domains\base_domain\config\fmwconfig\jps-config.xml directory.

jaznData

Specify the path to the system-jazn-data.xml file in your Access Manager 11.1.2 installation. The following example shows the complete path:

On UNIX, it is located in the <MW_HOME>/oracle_common/modules/oracle.jps_11.1.1/domain_config/system-jazn-data.xml directory.

On Windows, it is located in the <MW_HOME>\oracle_common\modules\oracle.jps_11.1.1\domain_config\system-jazn-data.xml directory.


4.9 Configuring Oracle Platform Security ServicesSecurity Store

You must configure the Database Security Store as it is the only security store type supported by Oracle Identity and Access Management 11g Release 2 (11.1.2).

For more information on configuring Oracle Platform Security Services, see "Configuring Database Security Store for an Oracle Identity and Access Management Domain" in the Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management.

4.10 Exporting Access Data

Policy information from Oracle Access Manager 11.1.1.5.0 schema needs to be extracted before importing it to the Access Manager 11.1.2 schema. The exportAccessData WLST command exports the Access Manager policy and configuration information from the 11.1.1.5.0 Oracle Access Manager domain. You must export Oracle Access Manager 11.1.1.5.0 configuration details, policy stores, keys, and CSF Passwords.

Complete the following steps to export data:

On UNIX:

  1. Move from your present working directory to the <IAM_HOME>/common/bin directory by running the following command on the command line:

    cd <IAM_HOME>/common/bin

  2. Run the following command to launch the WebLogic Scripting Tool (WLST):

    ./wlst.sh

  3. At the WLST prompt, run the following script:

    exportAccessData("<UPGRADE_PROPERTIES_FILE>")

    For example:

    exportAccessData("<IAM_HOME>/oam/server/wlst/scripts/sample_properties/oam_upgrade.properties")

    See Table 4-4 for sample properties and description.

  4. Exit the WLST console using the exit() command.

On Windows:

  1. Move from your present working directory to the <IAM_HOME>\common\bin directory by running the following command on the command line:

    cd <IAM_HOME>\common\bin

  2. Run the following command to launch the WebLogic Scripting Tool (WLST):

    wlst.cmd

  3. At the WLST prompt, run the following script:

    exportAccessData("<UPGRADE_PROPERTIES_FILE>")

    For example:

    exportAccessData("<IAM_HOME>\\oam\\server\\wlst\\scripts\\sample_properties\\oam_upgrade.properties")

    See Table 4-4 for sample properties and description.

  4. Exit the WLST console using the exit() command.

Table 4-3 describes the parameters you must specify on the command line:

Table 4-3 Parameters for Exporting Data

Parameter Description

properties_location

Specify the path to the oam_upgrade.properties file in the Access Manager 11.1.1.5.0 installation. The following example shows the complete path:

On UNIX, it is located in the <IAM_HOME>/oam/server/wlst/scripts/sample_properties/oam_upgrade.properties directory.

On Windows, it is located in the <IAM_HOME>\oam\server\wlst\scripts\sample_properties\oam_upgrade.properties directory.


Table 4-4 lists the properties of oam_upgrade.properties:

Table 4-4 Property Description

Properties Description

MW_HOME

Specify the complete path to the Middleware Home. The following example shows the complete path:

On UNIX, it is located in the Oracle/Middleware directory.

On Windows, it is located in the Oracle\Middleware directory.

IAM_HOME

Specify the complete path to the Oracle Identity and Access Management location. The following example shows the complete path:

On UNIX, it is located in the <MW_HOME>/<Oracle_IDM1> directory.

On Windows, it is located in the <MW_HOME>\<Oracle_IDM1> directory.

ORACLE_HOME

This property refers to the location of the Oracle Identity and Access Management software. The following example shows the complete path:

On UNIX, it is located in the <MW_HOME>/<IAM_HOME> directory.

On Windows, it is located in the <MW_HOME>\<IAM_HOME> directory.

OAM_DOMAIN_HOME

This property refers to the existing Oracle Access Manager 11.1.1.5.0 domain home. The following example shows the complete path:

On UNIX, it is located in the <MW_HOME>/user_projects/domains/<oam_domain> directory.

On Windows, it is located in the <MW_HOME>\user_projects\domains\<oam_domain> directory.

ORACLE_COMMON_HOME

This property refers to the common components home. The following example shows the complete path:

On UNIX, it is located in the <MW_HOME>/Oracle_Common directory.

On Windows, it is located in the <MW_HOME>\Oracle_Common directory.

OAM_DEST_ARTIFACTS_LOCATION

This property refers to the location where you want to place the upgrade artifacts, such as Oracle Access Manager 11.1.1.5.0 configuration and policy files.

OAM_TYPE_OF_UPGRADE

This is an InPlace upgrade.

OAM_IS_INCREMENTAL

This property is used to specify if you run the upgrade in an incremental mode.

Incremental form of upgrade is not supported in Access Manager 11.1.2. Therefore, set the value as False.

OAM_POLICY_UPGRADE_OPTIMIZATION

As a part of the Oracle Access Manager policy upgrade, the changes to the out of the box Access Manager policies are applied on top of the existing (11.1.1.5.0) out of the box policies. This process involves a three way merge of the Access Manager policies. This is a time consuming process (takes about 30 minutes).

If you want to proceed with the merge, set the property to False.

If you want to replace the Oracle Access Manager 11.1.1.5.0 out of the box policies with the new ones, without the merge process, set this property to True.

OAM_PS1_SCHEMA_OWNER

Use this property to connect to the 11.1.1.5.0 policy store. Specify the Oracle Access Manager 11.1.1.5.0 schema owner.

OAM_PS1_SCHEMA_CRED

Use this property to connect to the 11.1.1.5.0 policy store. Specify the Oracle Access Manager 11.1.1.5.0 schema credentials.

OAM_PS1_CREDENTIAL_ALIAS

Use this property to connect to the 11.1.1.5.0 policy store. Specify the Oracle Access Manager 11.1.1.5.0 Oracle Entitlements Server database credential alias as:

OESDBCredentialAlias

OAM_PS1_JDBC_CONN_STRING

Use this property to connect to the 11.1.1.5.0 policy store. Specify the JDBC connection string in the following format:

jdbc:oracle:thin:@dbhost:dbport/sid

OAM_PS1_JDBC_DRIVER_CLASS

Use this property to connect to the 11.1.1.5.0 policy store. Specify the JDBC driver class in the following format:

oracle.jdbc.OracleDriver

OAM_PS1_ROOT_DN

Use this property to connect to the 11.1.1.5.0 policy store. Specify the properties as:

cn=farm,cn=JPSContext,cn=jpsroot

OAM_PS1_POLICY_FILE

This property refers to the absolute path to the XML file where extracted 11.1.1.5.0 policy needs to be saved. Specify the path where you want to save the extracted Oracle Access Manager 11.1.1.5.0 policies.

For example:

On UNIX, specify the following path:

OAM_PS1_POLICY_FILE=<UPGRADE_ATRIFACTS_DIR>/oam-policy-ps1.xml

On Windows, specify the following path:

OAM_PS1_POLICY_FILE=<UPGRADE_ATRIFACTS_DIR>\oam-policy-ps1.xml

OAM_PS1_POLICY_JARS

Upgrade frameworks loads version specific jars for Exporting and Importing data. This property refers to the Oracle Access Manager 11.1.1.5.0 policy jars available at the following path:

On UNIX, it is located in the $<ORACLE_HOME>/oam/server/lib/upgrade/ps1-policy directory.

On Windows, it is located in the <ORACLE_HOME>\oam\server\lib\upgrade\ps1-policy directory.

OAM_PS1_CONFIG_FILE_LOC

This property refers to the Oracle Access Manager 11.1.1.5.0 configuration files available in the following location:

On UNIX, it is located in the $<DOMAIN_HOME>/config/fmwconfig/oam-config.xml directory.

On Windows, it is located in the <DOMAIN_HOME>\config\fmwconfig\oam-config.xml directory.

OAM_PS1_POLICY_FILE_TEMP

This property refers to the absolute path to the temporary policy XML. This temporary XML will be used for policy transformation.

Specify the temporary location of the XML file.

For example:

On UNIX, specify the following path:

OAM_PS1_POLICY_FILE_TEMP=<UPGRADE_ATRIFACTS_DIR>/oam-policy-ps1_temp.xml

On Windows, specify the following path:

OAM_PS1_POLICY_FILE_TEMP=<UPGRADE_ATRIFACTS_DIR>\oam-policy-ps1_temp.xml

OAM_R2_POLICY_JARS

Upgrade frameworks loads version specific jars for exporting and importing data. This property refers to the Access Manager 11.1.2 policy jars available at the following location:

On UNIX, it is located in the $<ORACLE_HOME>/oam/server/lib/upgrade/ps2-policy directory.

On Windows, it is located in the <ORACLE_HOME>\oam\server\lib\upgrade\ps2-policy directory.

OAM_R2_CONFIG_FILE_LOC

This property refers to the Access Manager 11.1.2 configuration files available at the following location:

On UNIX, it is located in the $<ORACLE_HOME>/oam/server/config/oam-config.xml directory.

On Windows, it is located in the <ORACLE_HOME>\oam\server\config\oam-config.xml directory.

OAM_SOURCE_VERSION

The Oracle Access Manager source version is 11.1.1.5.0.

OAM_TARGET_VERSION

The Access Manager target version is 11.1.2.


Note:

The variables listed in Table 4-4 are not environment variables. These variables must be defined in the oam_upgrade.properties file.

Sample Output of exportAccessData

wls:/offline> exportAccessData("<IAM_HOME>/oam/server/wlst/scripts/sample_properties/oam_upgrade.properties")
Jul 7, 2012 1:37:30 AM oracle.security.access.upgrade.WLSTExecutor executeCommand
INFO: EXPORT_DATA_COMMAND
Jul 7, 2012 1:37:30 AM oracle.security.access.upgrade.util.WLSTExportDataUtil executeCommand
INFO: OAAM PRODUCT
Jul 7, 2012 1:37:30 AM oracle.security.access.upgrade.util.WLSTExportDataUtil executeCommand
INFO: OAM PRODUCT
Jul 7, 2012 1:37:30 AM oracle.security.access.upgrade.util.WLSTExportDataUtil executeCommand
INFO: oamPlugin.getName() = oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory
Jul 7, 2012 1:37:30 AM oracle.security.am.upgrade.plugin.util.UpgradeUtil exportConfiguration
INFO: Copying configuration file....
oracle.security.am.upgrade.plugin.upgradehelper.OAMVersionSpecificClassLoader@1e330f43
[EL Info]: 2012-07-07 01:37:32.849--ServerSession(503497062)--EclipseLink, version: Eclipse Persistence Services - 1.1.0.r3634
[EL Info]: 2012-07-07 01:37:35.212--ServerSession(503497062)--file:$ORACLE_HOME/oam/server/lib/upgrade/ps1-policy/oes-d8/jps-internal.jar-JpsDBDataManager login successful
Jul 7, 2012 1:37:39 AM com.tangosol.coherence.component.util.logOutput.Jdk log
INFO: 2012-07-07 01:37:39.026/135.466 Oracle Coherence 3.5.3/465p2 <Info> (thread=Main Thread, member=n/a): Loaded operational configuration from resource "jar:file:$ORACLE_HOME/oam/server/lib/upgrade/ps1-policy/coherence.jar!/tangosol-coherence.xml"
Jul 7, 2012 1:37:39 AM com.tangosol.coherence.component.util.logOutput.Jdk log
INFO: 2012-07-07 01:37:39.035/135.474 Oracle Coherence 3.5.3/465p2 <Info> (thread=Main Thread, member=n/a): Loaded operational overrides from resource "jar:file:$ORACLE_HOME/oam/server/lib/upgrade/ps1-policy/coherence.jar!/tangosol-coherence-override-dev.xml"
...................
WARNING: Cannot load audit configuration.
Jul 7, 2012 1:37:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Jul 7, 2012 1:37:47 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Jul 7, 2012 1:37:47 AM oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory exportData
INFO: Extraction Done!!
Jul 7, 2012 1:37:47 AM oracle.security.am.upgrade.plugin.util.UpgradeCommonUtil removeDirectory
INFO: Deletion of Directory: true path: $OAM_ARTIFACTS_DIRECTORTY/temp.zip
Jul 7, 2012 1:37:47 AM oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory exportData
INFO: Export completed successfully!

4.11 Importing Access Data

It is necessary to import the extracted Oracle Access Manager 11.1.1.5.0 data to the Access Manager 11.1.2 schema. The Oracle Access Manager 11.1.1.5.0 domain configuration is also merged with the Access Manager 11.1.2 configuration.

To import Oracle Access Manager 11.1.1.5.0 configuration data into Access Manager 11.1.2, complete the following steps:

On UNIX:

  1. Move from your present working directory to the <IAM_HOME>/common/bin directory by running the following command on the command line:

    cd <IAM_HOME>/common/bin

  2. Run the following command to launch the WebLogic Scripting Tool (WLST):

    ./wlst.sh

  3. At the WLST prompt, run the following script:

    importAccessData("<UPGRADE_PROPERTIES_FILE>")

    For example:

    importAccessData("<IAM_HOME>/oam/server/wlst/scripts/sample_properties/oam_upgrade.properties")

    See Table 4-4 for sample properties and description.

  4. Exit the WLST console using the exit() command.

On Windows:

  1. Move from your present working directory to the <IAM_HOME>\common\bin directory by running the following command on the command line:

    cd <IAM_HOME>\common\bin

  2. Run the following command to launch the WebLogic Scripting Tool (WLST):

    wlst.cmd

  3. At the WLST prompt, run the following script:

    importAccessData("<UPGRADE_PROPERTIES_FILE>")

    For example:

    importAccessData("<IAM_HOME>\\oam\\server\\wlst\\scripts\\sample_properties\\oam_upgrade.properties")

    See Table 4-4 for sample properties and description.

  4. Exit the WLST console using the exit() command.

Table 4-5 describes the parameters you need to specify on the command line:

Table 4-5 Parameters for Importing Data

Parameter Description

properties_location

Specify the path to the oam_upgrade.properties file in the Oracle Access Manager 11.1.1.5.0 installation. The following example shows the complete path:

On UNIX, it is located in the IDM_HOME/oam/server/wlst/scripts/sample_properties/oam_upgrade.properties directory.

On Windows, it is located in the IDM_HOME\oam\server\wlst\scripts\sample_properties\oam_upgrade.properties directory.


Sample Output of importAccessData

wls:/offline> importAccessData("<IAM_HOME>/oam/server/wlst/scripts/sample_properties/oam_upgrade.properties")
LOGGER intialised java.util.logging.Logger@1e26e4b1
Jul 7, 2012 1:38:25 AM oracle.security.access.upgrade.WLSTExecutor executeCommand
INFO: IMPORT_DATA_COMMAND
Jul 7, 2012 1:38:25 AM oracle.security.access.upgrade.util.WLSTImportDataUtil executeCommand
INFO: OAAM PRODUCT IMPORT DATA
Jul 7, 2012 1:38:25 AM oracle.security.access.upgrade.util.WLSTImportDataUtil executeCommand
INFO: OAM PRODUCT
Jul 7, 2012 1:38:25 AM oracle.security.access.upgrade.util.WLSTImportDataUtil executeCommand
INFO: oamPlugin.getName() = oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory
Jul 7, 2012 1:38:27 AM oracle.security.am.common.policy.admin.provider.xml.XMLStore <init>
INFO: Loading policy store file: $OAM_ARTIFACTS_DIRECTORTY/oam-policy.xml.
Jul 7, 2012 1:38:30 AM com.tangosol.coherence.component.util.logOutput.Jdk log
INFO: 2012-07-07 01:38:30.069/17.816 Oracle Coherence 3.7.1.1 <Info> (thread=Main Thread, member=n/a): Loaded operational configuration from "jar:file:$MIDDLEWARE_HOMEoracle_common/modules/oracle.coherence/coherence.jar!/tangosol-coherence.xml"
Jul 7, 2012 1:38:30 AM com.tangosol.coherence.component.util.logOutput.Jdk log
INFO: 2012-07-07 01:38:30.103/17.850 Oracle Coherence 3.7.1.1 <Info> (thread=Main Thread, member=n/a): Loaded operational overrides from "jar:file:$MIDDLEWARE_HOMEoracle_common/modules/oracle.coherence/coherence.jar!/tangosol-coherence-override-dev.xml"
Jul 7, 2012 1:38:30 AM com.tangosol.coherence.component.util.logOutput.Jdk log
INFO: 2012-07-07 01:38:30.107/17.854 Oracle Coherence 3.7.1.1 <Info> (thread=Main Thread, member=n/a): Loaded operational overrides from "jar:file:$ORACLE_HOME/oam/server/lib/upgrade/ps2-policy/mapstore-coherence.jar!/tangosol-coherence-override.xml"
.....
Jul 7, 2012 1:38:36 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Jul 7, 2012 1:38:36 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Jul 7, 2012 1:38:36 AM oracle.security.am.common.audit.AuditHandler getAuditor
WARNING: Cannot load audit configuration.
Jul 7, 2012 1:38:38 AM oracle.security.am.upgrade.plugin.upgradehelper.UpgradeFactory importData
INFO: Import completed successfully!!

4.12 Starting the Administration Server and Access Manager Managed Servers

Note:

When you start the Administration Server and the Managed Servers, the Access Manager Administration console application and the Access Manager Managed server application does not start up. This is expected.

The redeploy command is an online WLST command. Therefore, you must start the Oracle Access Management Access Manager Administration and Managed Servers before running the redeploy command.

Starting the Administration Server

To start the Administration Server, do the following:

On UNIX:

Run the following command:

cd <MW_HOME>/user_projects/domains/<domain_name>/bin

./startWebLogic.sh

On Windows:

Run the following command:

cd <MW_HOME>\user_projects\domains\<domain_name>\bin

startWebLogic.cmd

Exceptions:

The following exception is displayed when you start the Administration Server. Ignore it:

<Month Date, year Time Timezone> <Error> <Deployer> <BEA-149205> <Failed to initialize the application 'oracle.oaam.libs
[LibSpecVersion=11.1.1.3.0,LibImplVersion=11.1.1.3.0]' due to error weblogic.application.library.LibraryDeployment
Exception: [J2EE:160145]Failed to deploy library Extension-Name: oracle.oaam.libs, Specification-Version:11.1.2, Implementation-Version: 11.1.2.0.0, because of conflicting library Manifest values,and library information registered with the server:
[Specification-Version: 11.1.2 vs. 11.1.1.3, Implementation-Version: 
11.1.2.0.0 vs. 11.1.1.3.0]. Check the library"s MANIFEST.MF file, and correct version info there to match server settings. Or undeploy the misconfigured library..
weblogic.application.library.LibraryDeploymentException: [J2EE:160145]Failed to deploy library Extension-Name: oracle.oaam.libs, Specification-Version: 
11.1.2, Implementation-Version: 11.1.2.0.0, because of conflicting library 
Manifest values, and library information registered with the server: 
[Specification-Version: 11.1.2 vs. 11.1.1.3, Implementation-Version: 
11.1.2.0.0 vs. 11.1.1.3.0]. Check the library"s MANIFEST.MF file, and correct version info there to match server settings. Or undeploy the misconfigured library.
at weblogic.application.internal.library.LibraryDeploymentFactory.getLibData(Libr aryDeploymentFactory.java:113)
at weblogic.application.internal.library.LibraryDeploymentFactory.createDeploymen t(LibraryDeploymentFactory.java:48)
at weblogic.application.internal.DeploymentManagerImpl.createDeployment(Deploymen tManagerImpl.java:84)
at weblogic.deploy.internal.targetserver.BasicDeployment.createDeployment(BasicDe ployment.java:149)
at weblogic.deploy.internal.targetserver.AppDeployment.prepare(AppDeployment.java :114)
Truncated. see log file for complete stacktrace 
<Month Date, year Time Timezone> <Error> <Deployer> <BEA-149205> <Failed to initialize the application 'oam_server' due to error weblogic.management.DeploymentException: [Deployer:149268]Static deployment of non-versioned application 'oam_server' failed due it its manifest defines version..
weblogic.management.DeploymentException: [Deployer:149268]Static deployment of non-versioned application 'oam_server' failed due it its manifest defines version.
at weblogic.deploy.internal.targetserver.AppDeployment.staticDeployValidationForN onVersion(AppDeployment.java:186)
at weblogic.deploy.internal.targetserver.AppDeployment.prepare(AppDeployment.java:108)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:40)
at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
at weblogic.management.deploy.internal.AppTransit

Starting Managed Servers

To start the Access Manager Managed Servers, do the following:

On UNIX:

  1. Move from your present working directory to the <MW_HOME>/user_projects/domains/<domain_name>/bin directory by running the following command on the command line:

    cd <MW_HOME>/user_projects/domains/<domain_name>/bin

  2. Run the following command to start the Servers:

    ./startManagedWebLogic.sh <managed_server_name> <admin_url> <user_name> <password>

    where

    <managed_server_name> is the name of the Managed Server

    <admin_url> is URL of the administration console. Specify it in the format http://<host>:<port>/console. Specify only if the WebLogic Administration Server is on a different computer.

    <user_name> is the username of the WebLogic Administration Server.

    <password> is the password of the WebLogic Administration Server.

On Windows:

  1. Move from your present working directory to the <MW_HOME>\user_projects\domains\<domain_name>\bin directory by running the following command on the command line:

    cd <MW_HOME>\user_projects\domains\<domain_name>\bin

  2. Run the following command to start the Managed Servers:

    startManagedWebLogic.cmd <managed_server_name> <admin_url> <user_name> <password>

    where

    <managed_server_name> is the name of the Managed Server.

    <admin_url> is URL of the administration console. Specify it in the format http://<host>:<port>/console. Specify only if the WebLogic Administration Server is on a different computer.

    <user_name> is the username of the WebLogic Administration Server.

    <password> is the password of the WebLogic Administration Server.

Exceptions:

The following exception is displayed when you start the Managed Server. Ignore it:

<Month Date, year Time Timezone> <Error> <Deployer> <BEA-149205> <Failed to initialize the application 'oracle.oaam.libs 
[LibSpecVersion=11.1.1.3.0,LibImplVersion=11.1.1.3.0]' due to error weblogic.application.library.LibraryDeploymentException: [J2EE:160145]Failed to deploy library Extension-Name: oracle.oaam.libs, Specification-Version: 
11.1.2, Implementation-Version: 11.1.2.0.0, because of conflicting library 
Manifest values, and library information registered with the server: 
[Specification-Version: 11.1.2 vs. 11.1.1.3, Implementation-Version: 
11.1.2.0.0 vs. 11.1.1.3.0]. Check the library"s MANIFEST.MF file, and correct version info there to match server settings. Or undeploy the misconfigured library.. 
weblogic.application.library.LibraryDeploymentException: [J2EE:160145]Failed to deploy library Extension-Name: oracle.oaam.libs, Specification-Version: 
11.1.2, Implementation-Version: 11.1.2.0.0, because of conflicting library 
Manifest values, and library information registered with the server: 
[Specification-Version: 11.1.2 vs. 11.1.1.3, Implementation-Version: 
11.1.2.0.0 vs. 11.1.1.3.0]. Check the library"s MANIFEST.MF file, and correct version info there to match server settings. Or undeploy the misconfigured library.
at weblogic.application.internal.library.LibraryDeploymentFactory.getLibData(LibraryDeploymentFactory.java:113)
at weblogic.application.internal.library.LibraryDeploymentFactory.createDeployment(LibraryDeploymentFactory.java:48)
at weblogic.application.internal.DeploymentManagerImpl.createDeployment(DeploymentManagerImpl.java:84)
at weblogic.deploy.internal.targetserver.BasicDeployment.createDeployment(BasicDeployment.java:149)
at weblogic.deploy.internal.targetserver.AppDeployment.prepare(AppDeployment.java:114)
Truncated. see log file for complete stacktrace
<Month Date, year Time Timezone> <Error> <Deployer> <BEA-149205> <Failed to initialize the application 'oam_server' due to error weblogic.management.DeploymentException: [Deployer:149268]Static deployment 
of non-versioned application 'oam_server' failed due it its manifest defines version.. 
weblogic.management.DeploymentException: [Deployer:149268]Static deployment of non-versioned application 'oam_server' failed due it its manifest defines version.
at weblogic.deploy.internal.targetserver.AppDeployment.staticDeployValidationForN 
onVersion(AppDeployment.java:186)
at weblogic.deploy.internal.targetserver.AppDeployment.prepare(AppDeployment.java:108)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:40)
at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
at weblogic.management.deploy.internal.AppTransit

For more information, see "Starting the Stack" in the Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management.

4.13 Redeploying Oracle Access Management Access Manager Servers and Shared Libraries

You must redeploy Oracle Access Management Access Manager for the following reasons:

To redeploy Access Manager servers and shared Access Manager libraries, complete the following steps:

On UNIX:

  1. Move from your present working directory to the <IAM_HOME>/common/bin directory by running the following command on the command line:

    cd <IAM_HOME>/common/bin

  2. Run the following command to launch the WebLogic Scripting Tool (WLST):

    ./wlst.sh

  3. Connect to the Administration Server using the following command:

    connect('weblogic-username','weblogic-password','<weblogic_host>:<port>')

  4. Run the following command:

    redeployOAM("<ORACLE_HOME>","<ORACLE_COMMON_HOME>",adminTarget="Admin_name",serverTarget="oam_server1")

    Note:

    The following exception is displayed after the Access Manager server deployment because tmp and stage directories still exists. You can ignore the errors:

    [HTTP:101216]Servlet: "AMInitServlet" failed to preload on startup in Web application: "oam".
    java.lang.ExceptionInInitializerError
    at java.lang.J9VMInternals.initialize(J9VMInternals.java:222)
    at oracle.security.am.engines.sso.adapter.AbstractSessionAdapterImpl.checkAndInit(AbstractSessionAdapterImpl.java:97)
    at oracle.security.am.engines.sso.adapter.AbstractSessionAdapterImpl.<init>(AbstractSessionAdapterImpl.java:75)
    at oracle.security.am.engines.sso.adapter.MultipleUserSessionAdapterImpl.<init>(MultipleUserSessionAdapterImpl.java:56
    at oracle.security.am.engines.sso.adapter.MultipleUserSessionAdapterImpl.<clinit>(MultipleUserSessionAdapterImpl.java:45)
    at java.lang.J9VMInternals.initializeImpl(Native Method)
    at java.lang.J9VMInternals.initialize(J9VMInternals.java:200)
    at oracle.security.am.engines.sso.adapter.SessionManagementAdapterFactory.getAdapter(SessionManagementAdapterFactory.java:46
    Caused by: oracle.security.am.common.utilities.exception.AmRuntimeException:OAM Server Key initialization failed
    Caused by: javax.crypto.BadPaddingException: Given final block not properly padded
    
  5. Exit the WLST console using the exit() command.

On Windows:

  1. Move from your present working directory to the <IAM_HOME>\common\bin directory by running the following command on the command line:

    cd <IAM_HOME>\common\bin

  2. Run the following command to launch the WebLogic Scripting Tool (WLST):

    wlst.cmd

  3. Connect to the Administration Server using the following command:

    connect('weblogic-username','weblogic-password','<weblogic_host>:<port>')

  4. Run the following command:

    redeployOAM("<MW_HOME>","<ORACLE_COMMON_HOME>",adminTarget="AdminServer",serverTarget="oam_server1"

    Note:

    The following exception is displayed after Access Manager server deployment because the tmp and stage directories still exists. You can ignore the errors:

    [HTTP:101216]Servlet: "AMInitServlet" failed to preload on startup in Web application: "oam".
    java.lang.ExceptionInInitializerError
    at java.lang.J9VMInternals.initialize(J9VMInternals.java:222)
    at oracle.security.am.engines.sso.adapter.AbstractSessionAdapterImpl.checkAndInit(AbstractSessionAdapterImpl.java:97)
    at oracle.security.am.engines.sso.adapter.AbstractSessionAdapterImpl.<init>(AbstractSessionAdapterImpl.java:75)
    at oracle.security.am.engines.sso.adapter.MultipleUserSessionAdapterImpl.<init>(MultipleUserSessionAdapterImpl.java:56
    at oracle.security.am.engines.sso.adapter.MultipleUserSessionAdapterImpl.<clinit>(MultipleUserSessionAdapterImpl.java:45)
    at java.lang.J9VMInternals.initializeImpl(Native Method)
    at java.lang.J9VMInternals.initialize(J9VMInternals.java:200)
    at oracle.security.am.engines.sso.adapter.SessionManagementAdapterFactory.getAdapter(SessionManagementAdapterFactory.java:46)
    Caused by: oracle.security.am.common.utilities.exception.AmRuntimeException:OAM  Server Key initialization failed
    Caused by: javax.crypto.BadPaddingException: Given final block not properly padded
    
  5. Exit the WLST console using the exit() command.

Table 4-6 describes the parameters you need to specify on the command line:

Table 4-6 Parameters for Redeploying Access Manager Servers and Shared Libraries

Parameter Description

ORACLE_HOME

Specify the complete path to the Oracle Home.

For example:

On UNIX, it is located in the Oracle/Middleware directory.

On Windows, it is located in the Oracle\Middleware directory.

ORACLE_COMMON_HOME

Specify the complete path to the Oracle common home.

For example:

On UNIX, it is located in the Oracle/Middleware/Common_home directory.

On Windows, it is located in the Oracle\Middleware\Common_home directory.

adminTarget

Specify the Administration Server name you have given while configuring Access Manager.

serverTarget

Specify the Managed Server name you have given while configuring Access Manager.


The deployment may fail if the SDP library is already installed as a part of the SOA deployments. See Section 4.18.2, "Redeploy Oracle Access Management Access Manager" for recovery procedures.

4.14 Stopping the Administration Server and Access Manager Managed Servers

To stop the servers, see Section 4.2, "Shutting Down Administration Server and Managed Servers".

4.15 Deleting Folders

This step is required to uptake new version of the Access Manager Managed Server. The redeploy command does not delete the tmp directories.

In order to deploy Oracle Access Manager 11.1.1.5.0 server content and applications to Access Manager 11.1.2, you must delete all folders in the following location:

On UNIX:

<MW_Home>/user_projects/domains/domain_home/servers/<OAM_MANAGED_SERVER_NAME>

On Windows:

<MW_Home>\user_projects\domains\domain_home\servers\<OAM_MANAGED_SERVER_NAME>

4.16 Starting the Administration Server and Access Manager Managed Servers

To start the servers, see Section 4.12, "Starting the Administration Server and Access Manager Managed Servers".

Note:

The Administration server start-up takes approximately 30 minutes due to policy migration.

4.17 Verifying the Upgrade

Use the following URL in a web browser to verify that Oracle Access Management Access Manager 11g Release 2 (11.1.2) is running:

http(s)://<oam_admin_server_host>:<oam_admin_server_port>/oamconsole

Note:

This note is applicable only to users who currently have Oracle Identity Manager and Oracle Access Manager components integrated in 11g R1 (11.1.1.5.1) or earlier versions, and are upgrading both Oracle Identity Manager and Access Manager to 11g R2 (11.1.2).

After upgrading the components to 11g Release 2 (11.1.2), see "Using the idmConfigTool Command" in the Oracle Fusion Middleware Integration Guide for Oracle Identity Management Suite.

4.18 Troubleshooting

For troubleshooting topics, see the following sections:

4.18.1 ImportAccessData

If you get a class not found exception, it is because you have not exited from the WLST console after running the exportAccessData command.

Exit the WLST console using the exit() command.

4.18.2 Redeploy Oracle Access Management Access Manager

  • If you get the following exception, then the SDP library is already installed.

    <Month <Date>, Year Time Time ZOne> <Info> <J2EE Deployment SPI> <BEA-260121> <Initiating deploy operation for application, oracle.sdp.client#11.1.1@11.1.1 [archive: <ORACLE_HOME>/communications/modules/oracle.sdp.client_11.1.1/sdpclient.jar], to oam_server1 .>
    weblogic.management.ManagementException: [Deployer:149007]New source location, '<ORACLE_HOME>/communications/modules/oracle.sdp.client_11.1.1/sdpclient.jar', cannot be deployed to configured application, 'oracle.sdp.client [LibSpecVersion=11.1.1,LibImplVersion=11.1.1]'. The application source is at '<ORACLE_SOA_HOME>/communications/modules/oracle.sdp.client_11.1.1/sdpclient.jar'. Changing the source location is not allowed for a previously attempted deployment. Try deploying without specifying the source.Failed to deploy the application with status failed
    Current Status of your Deployment:
    Deployment command type: deploy
    Deployment State : failed
    Deployment Message : weblogic.management.ManagementException: [Deployer:149007]New source location, '<ORACLE_HOME>/communications/modules/oracle.sdp.client_11.1.1/sdpclient.jar', cannot be deployed to configured application, 'oracle.sdp.client [LibSpecVersion=11.1.1,LibImplVersion=11.1.1]'. The application source is at '<ORACLE_SOA_HOME>/communications/modules/oracle.sdp.client_11.1.1/sdpclient.jar'. Changing the source location is not allowed for a previously attempted deployment. Try deploying without specifying the source.
    Error occured while performing deploy : Target exception thrown while deploying application: Error occured while performing deploy : Deployment Failed. : Error occured while performing deploy : Deployment Failed.
    Use dumpStack() to view the full stacktrace
    Deploying application from <ORACLE_HOME>/oam/server/apps/oam-admin.ear to targets AdminServer (upload=false) ...
    

    Complete the following steps to recover:

    1. Log into the WebLogic console.

    2. Check for the following library:

      oracle.sdp.client(11.1.1,11.1.1)

    3. Target this library to oam_server1

    4. Run the following command:

      deployOAMServer("<ORACLE_HOME>",adminTarget="AdminServer",serverTarget="oam_server1")

  • If you get the following error after the Access Manager server deployment, it is because the tmp and stage directories still exist in your environment.

    Ignore it:

    [HTTP:101216]Servlet: "AMInitServlet" failed to preload on startup in Web application: "oam".
    java.lang.ExceptionInInitializerError
    at java.lang.J9VMInternals.initialize(J9VMInternals.java:222)
    at oracle.security.am.engines.sso.adapter.AbstractSessionAdapterImpl.checkAndInit(AbstractSessionAdapterImpl.java:97)
    at oracle.security.am.engines.sso.adapter.AbstractSessionAdapterImpl.<init>(AbstractSessionAdapterImpl.java:75)
    at oracle.security.am.engines.sso.adapter.MultipleUserSessionAdapterImpl.<init>(MultipleUserSessionAdapterImpl.java:56)
    at oracle.security.am.engines.sso.adapter.MultipleUserSessionAdapterImpl.<clinit>(MultipleUserSessionAdapterImpl.java:45)
    at java.lang.J9VMInternals.initializeImpl(Native Method)
    at java.lang.J9VMInternals.initialize(J9VMInternals.java:200)
    at oracle.security.am.engines.sso.adapter.SessionManagementAdapterFactory.getAdapter(SessionManagementAdapterFactory.java:46)
    

4.18.3 Restarting Administration Server

If you get the following error, the 11.1.2 Repository Creation Utility is not new and has data.

oracle.security.am.common.policy.admin.impl.PolicyValidationException: OAMSSA-06045: An object of this type named "HTTP" already exists.
at oracle.security.am.common.policy.admin.impl.ResourceTypeManagerImpl.isValidWrite(ResourceTypeManagerImpl.java:482)
at oracle.security.am.common.policy.admin.impl.ResourceTypeManagerImpl.createResourceType(ResourceTypeManagerImpl.java:165)
at oracle.security.am.common.policy.tools.OAMPolicyStoreBootstrap.createResourceType(OAMPolicyStoreBootstrap.java:554)
at oracle.security.am.common.policy.tools.OAMPolicyStoreBootstrap.addOAMObjs(OAMPolicyStoreBootstrap.java:328)
at oracle.security.am.common.policy.tools.OAMPolicyStoreBootstrap.addPolicyObjects(OAMPolicyStoreBootstrap.java:280)
at oracle.security.am.common.policy.tools.OAMPolicyStoreBootstrap.bootstrap(OAMPolicyStoreBootstrap.java:233)
at oracle.security.am.install.OAMInstaller.bootstrapOES(OAMInstaller.java:1064)
at oracle.security.am.install.OAMInstaller.bootstrapPolicy(OAMInstaller.java:1423)
at oracle.security.am.install.OAMInstaller.upgradePolicy(OAMInstaller.java:1513)

Check if a new Repository Creation Utility schema is created for Access Manager. Also check if the domain has been updated to use the new 11.1.2 Repository Creation Utility.

4.18.4 Restarting Managed Server

If you get the following error, the tmp and stage folders still exists:

Caused by:
com.bea.security.ParameterException: Invalid configuration: cannot locate class: com.bea.security.ssal.micro.MicroSecurityServiceManagerWrapper
at com.bea.security.impl.SecurityRuntimeImpl.getNewInstance(SecurityRuntimeImpl.java:263)
at com.bea.security.impl.SecurityRuntimeImpl.initialize(SecurityRuntimeImpl.java:313)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.security.SecurityRuntime.initialize(SecurityRuntime.java:140)
at com.bea.security.impl.MicroSMImpl.getInstance(MicroSMImpl.java:167)

This error is resolved once you remove the tmp and stage folders, as instructed in Section 4.15, "Deleting Folders".