4 Upgrading Oracle Adaptive Access Manager 11g Release 2 (11.1.2.x.x) Environments

This chapter describes how to upgrade Oracle Adaptive Access Manager 11g Release 2 (11.1.2.1.0) and 11g Release 2 (11.1.2) environments to Oracle Adaptive Access Manager 11g Release 2 (11.1.2.2.0) on Oracle WebLogic Server.

Note:

For information about upgrading Oracle Adaptive Access Manager on IBM WebSphere, see "Upgrading Oracle Adaptive Access Manager on IBM WebSphere" in the Oracle Fusion Middleware Third-Party Application Server Guide.

Note:

This chapter refers to Oracle Adaptive Access Manager 11g Release 2 (11.1.2) and 11g Release 2 (11.1.2.1.0) environments as 11.1.2.x.x.

This chapter includes the following sections:

4.1 Upgrade Roadmap for Oracle Adaptive Access Manager

Note:

If you do not follow the exact sequence provided in this task table, your Oracle Adaptive Access Manager upgrade may not be successful.

Table 4-1 lists the steps to upgrade Oracle Adaptive Access Manager.

Table 4-1 Roadmap for Upgrading Oracle Adaptive Access Manager 11.1.2.x.x to 11.1.2.2.0.

Sl No Task For More Information

1

Review system requirements and certifications.

See, Reviewing System Requirements and Certification

2

Stop the WebLogic Administration Server and the Oracle Adaptive Access Manager Managed Server(s) before you start the upgrade process.

See, Shutting Down Administration Server and Managed Servers

3

Back up your existing Oracle Adaptive Access Manager 11.1.2.x.x Environment.

See, Backing Up Oracle Adaptive Access Manager 11.1.2.x.x

4

Upgrade Oracle WebLogic Server to 10.3.6, if necessary.

See, Optional: Upgrading Oracle WebLogic Server

5

Update the Oracle Adaptive Access Manager 11.1.2.x.x binaries to 11.1.2.2.0.

See, Updating Oracle Adaptive Access Manager Binaries to 11.1.2.2.0

6

Upgrade the OAAM, MDS, IAU, and OPSS Schemas using Patch Set Assistant.

See, Upgrading OAAM, MDS, IAU, and OPSS Schemas

7

Upgrade the Oracle Platform Security Services.

See, Upgrading Oracle Platform Security Services

8

Start the WebLogic Administration Server and Oracle Adaptive Access Manager Managed Server(s).

See, Starting the Servers

9

If you are upgrading Oracle Adaptive Access Manager 11.1.2 to 11.1.2.2.0, you must redeploy the applications after you start the servers.

See, Redeploying the Applications

10

Verify the Oracle Adaptive Access Manager upgrade.

See, Verifying the Upgrade

4.2 Reviewing System Requirements and Certification

Before you start the upgrade process, you must read the system requirements and certification document to ensure that your system meets the minimum requirements for the products you are installing or upgrading to. For more information see Section 2.1, "Reviewing System Requirements and Certification".

4.3 Shutting Down Administration Server and Managed Servers

The upgrade process involves changes to the binaries and to the schema. Therefore, before you begin the upgrade process, you must shut down the WebLogic Administration Server and the Oracle Adaptive Access Manager Managed Servers.

For more information about stopping the WebLogic Administration Server and the Managed Servers, see Section 2.8, "Stopping the Servers".

4.4 Backing Up Oracle Adaptive Access Manager 11.1.2.x.x

You must back up your Oracle Adaptive Access Manager 11.1.2.x.x environment before you upgrade to Oracle Adaptive Access Manager 11.1.2.2.0.

After stopping the servers, you must back up the following:

  • MW_HOME directory, including the Oracle Home directories inside Middleware Home

  • Oracle Adaptive Access Manager Domain Home directory

  • Oracle Adaptive Access Manager schema

  • IAU schema, if it is part of any of your Oracle Adaptive Access Manager 11.1.2.x.x schema

  • MDS schema

For more information about backing up the Middleware Home and the schemas, see Section 2.2, "Backing up the Existing Environment".

4.5 Optional: Upgrading Oracle WebLogic Server

Note:

Upgrading Oracle WebLogic Server is not mandatory. However, Oracle recommends that you upgrade Oracle WebLogic Server to 10.3.6.

You can upgrade your existing WebLogic Server to Oracle WebLogic Server 10.3.6 if you are not using Oracle WebLogic Server 10.3.6.

For information about upgrading Oracle WebLogic Server to 10.3.6, see Section 2.3, "Upgrading to Oracle WebLogic Server 10.3.6".

4.6 Updating Oracle Adaptive Access Manager Binaries to 11.1.2.2.0

To update the Oracle Adaptive Access Manager 11.1.2.x.x binaries to 11.1.2.2.0, you must use the Oracle Identity and Access Management 11.1.2.2.0 Installer. During the procedure, point the Middleware Home to your existing 11.1.2.x.x Middleware Home. Your Oracle Home is upgraded from 11.1.2.x.x to 11.1.2.2.0.

For information about updating the Oracle Adaptive Access Manager binaries to 11.1.2.2.0, see Section 2.4, "Updating Oracle Identity and Access Management Binaries to 11g Release 2 (11.1.2.2.0)".

4.7 Upgrading OAAM, MDS, IAU, and OPSS Schemas

You must upgrade the following schemas using Patch Set Assistant:

  • OAAM schema

  • MDS schema

  • OPSS schema

  • IAU schema (You must upgrade Audit schema (IAU) only if it is part of your 11.1.2.x.x schemas.

Note:

When upgrading schemas using Patch Set Assistant, you must select OAAM or OAAM_PARTN as appropriate, and provide details on all screens to complete the upgrade.

For information about upgrading schemas using Patch Set Assistant, see Section 2.6, "Upgrading Schemas Using Patch Set Assistant".

4.8 Upgrading Oracle Platform Security Services

After you upgrade schemas, you must upgrade Oracle Platform Security Services (OPSS).

Upgrading Oracle Platform Security Services is required to upgrade the configuration and policy stores of Oracle Adaptive Access Manager to 11.1.2.2.0. It upgrades the jps-config.xml file and policy stores.

For information about upgrading Oracle Platform Security Services, see Section 2.7, "Upgrading Oracle Platform Security Services".

4.9 Starting the Servers

Start the WebLogic Administration Server and the Oracle Adaptive Access Manager Managed Server(s).

For information about starting the WebLogic Administration Server and the Managed Servers, see Section 2.9, "Starting the Servers".

4.10 Redeploying the Applications

If you are upgrading Oracle Adaptive Access Manager 11.1.2 to 11.1.2.2.0, you must redeploy changes to the applications in the domain. Redeploy your 11.1.2 application on the Oracle Adaptive Access Manager 11.1.2.2.0 servers.

You can redeploy the application using command line or using the WebLogic Administration console. Complete the following steps described in one of the following sections to redeploy applications:

Redeploying Applications Using Command Line

To redeploy applications on Oracle Adaptive Access Manager 11.1.2.2.0 servers using command line, do the following:

  1. Launch the WebLogic Scripting Tool (WLST) by running the following command from the location IAM_HOME/common/bin:

    On UNIX: ./wlst.sh

    On Windows: wlst.cmd

  2. Connect to the Administration Server using the following command:

    connect('weblogic-username','weblogic-password','weblogic-url')

    For example:

    connect('wlsuser','wlspassword','localhost:7001')

  3. Stop the applications by running the following commands:

    • stopApplication('oaam_admin')

    • stopApplication('oaam_server')

    Note:

    If you have Oracle Adaptive Access Manager Offline Server in your setup, run the stopApplication() command to stop 'oaam_offline' too.

  4. Redeploy the applications by running the following commands:

    • redeploy('oracle.oaam.extensions')

    • redeploy('oaam_admin')

    • redeploy('oaam_server')

    Note:

    If you have Oracle Adaptive Access Manager Offline Server in your setup, run the redeploy() command to redeploy applications on 'oaam_offline' too.

  5. Start the applications by running the following commands:

    • startApplication('oaam_admin')

    • startApplication('oaam_server')

    Note:

    If you have Oracle Adaptive Access Manager Offline Server in your setup, run the startApplication() command to stop 'oaam_offline' too.

  6. Exit the WLST console using the exit() command.

For more information about using the redeploy command, see "redeploy" in the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

Redeploying Applications Using WebLogic Administration Console

To redeploy applications on Oracle Adaptive Access Manager 11.1.2.2.0 servers using the WebLogic Administration console, do the following

  1. Log in to the WebLogic Administration console using the following URL:

    http://admin_host:admin_port/console

  2. Go to the Deployments tab.

  3. Click lock and Edit on the left panel.

  4. Select oaam_extension_library.

  5. Click Update.

  6. The console shows the location of the .ear file. Confirm if that is the correct location of the .ear file that you wish to deploy; Otherwise, change the location.

  7. Click Finish.

  8. When the deployment is completed, click Release configuration.

  9. Repeat the procedure for OAAM_ADMIN, OAAM_SERVER, and OAAM_OFFLINE as applicable.

4.11 Verifying the Upgrade

To verify the Oracle Adaptive Access Manager upgrade, do the following:

  • Verify the log file at the location MW_HOME/oracle_common/upgrade/logs to ensure that the upgrade was successful.

  • Verify the version of the OAAM schema by connecting to the OAAM schema as OAAM_schema_user, and running the following query:

    select version,status,upgraded from schema_version_registry where owner=<SCHEMA_NAME>;

    Ensure that the version number is 11.1.2.2.0.

  • Log in to the OAAM Administration console using the following URL:

    http://oaam.example.com:<oaam_port>/oaam_admin

    Verify if the version number of Oracle Adaptive Access Manager is 11.1.2.2.0.