15.7 Remote Registration Templates: OAM Agents

Oracle provides both a short and extended registration request template for use with the remote agent registration tool: oamreg.sh (Linux) or oamreg.bat (Windows).

This topic focuses on OAM Agent templates (WebGates and Access Clients). Regardless of the template you choose (short or extended), only a few differences exist between 11g and 10g OAM Agent templates, listed in Table 15-9 and stored in $OAM_REG_HOME/input/.

Table 15-9 Remote Registration Request Templates for OAM Agents

Template Type Template Name in $OAM_REG_HOME/input/

Abbreviated (Short) Form

  • OAM11GRequest_short.xml (11g WebGates)

  • OAMRequest_short.xml (10g WebGates)

Extended (Full) Form

  • OAM11gRequest.xml (11g WebGates)

  • OAMRequest.xml (10g WebGates)

Other Templates

Update Agent

Create Policies, Update Policies

Out-of-band Response

For a look at these specialized tasks and templates, see:

Note:

Despite being nearly identical for both 10g and 11g WebGates, be sure to copy and use the appropriate request for your release.

15.7.1 OAM Agent Parameters for Remote Registration

Element names in request templates might differ slightly from counterparts in the Oracle Access Management Console. Unless explicitly stated, all information applies equally to requests for both 10g and 11g WebGates/Access Clients.

Table 15-10 describes elements specific to OAM Agent remote registration requests. Protected, public, and excluded resource lists are included in both the short and extended request templates for OAM Agents.

Note:

Descriptions of elements in Table 15-10 are in Table 15-3.

Table 15-10 Elements in Extended OAM Agent Remote Registration Requests

Element Example

<serverAddress>

<agentName>

<hostIdentifier>

<agentBaseUrl>

<autoCreatePolicy>

<applicationDomain>

<virtualhost>

<allowCredentialCollectorOperations>

<allowMasterTokenRetrieval>

See Table 15-8.

<hostPortVariationsList>

 
<hostPortVariationsList>
  <host>host1</host> 
  <port>7777</port>
 </hostPortVariations>
  <host>host2</host> 
  <port>7778</port>
 </hostPortVariations>
</hostPortVariationsList>

<protectedResourcesList>

 
<protectedResourcesList>
   <resource>/</resource>
</protectedResourcesList>

<publicResourcesList>

 
<publicResourcesList>
   <resource>/public/index.html
   </resource>
</publicResourcesList>

<excludedresourcesList>

 
<excludedresourcesList>
   <resource>/excluded/index.html
   </resource>
</excludedresourcesList>

<primaryCookieDomain>

10g Request Only

In OAMRequest.xml (10g WebGates) <hostIdentifier> is also used as preferred HTTP host

 
<primaryCookieDomain>{client_domain}
</primaryCookieDomain>

<maxCacheElems>

 
<maxCacheElems>100000
</maxCacheElems>

<cacheTimeout>

 
<cacheTimeout>1800</cacheTimeout>

<tokenValidityPeriod>

11g Request Only

 
<tokenValidityPeriod>3600
</tokenValidityPeriod>

<cookieSessionTime>

10g WebGate only, Registering and Managing 10g WebGates with Access Manager 11g

 
<cookieSessionTime>3600
</cookieSessionTime>

<maxConnections>

 
<maxConnections>1</maxConnections>

<maxSessionTime>

 
<maxSessionTime>24</maxSessionTime>

<idleSessionTimeout>

10g WebGate only, Registering and Managing 10g WebGates with Access Manager 11g

 
<idleSessionTimeout>3600>
</idleSessionTimeout

<failoverThreshold>

 
<failoverThreshold>1
</failoverThreshold>

<aaaTimeoutThreshold>-

 
<aaaTimeoutThreshold>-1
</aaaTimeoutThreshold>

<sleepFor>

 
<sleepFor>60</sleepFor>

<debug>

 
<debug>false</debug>

<security>

 
<security>open</security

<denyOnNotProtected>

 
<denyOnNotProtected>1
</denyOnNotProtected>

<allowManagementOperations>

 
<allowManagementOperations>false/<allowManagementOperations>

<cachePragmaHeader>

<cacheControlHeader>

 
<cachePragmaHeader>no-cache
</cachePragmaHeader>

<cacheControlHeader>no-cache
</cacheControlHeader

<ipValidation>

 
<ipValidation>0</ipValidation>

<ipValidationExceptions>

 
<ipValidationExceptions>
  <ipAddress>10,11,11,11</ipAddress>
  <ipAddress>10,11,11,12</ipAddress>
  <ipAddress>10,11,11,13</ipAddress>
</ipValidationExceptions>

<logOutUrls>

 
<logOutUrls>
    <url>/logout1.html</url>
    <url>/logout2.html</url>
</logOutUrls>

<logoutCallbackUrl>

11g Request Only

 
<logoutCallbackUrl>/oam_logout_success
</logoutCallbackUrl>

<logoutTargetUrlParamName>

11g Request Only

 
<logoutTargetUrlParamName>end_url
</logoutTargetUrlParamName>

User-Defined Parameter Names

Examples

<userDefinedParameters>
   <userDefinedParam>
      <name>...</name>
      <value>...</value>
</userDefinedParam>

MaxPostDataLength

 
<userDefinedParameters>
   <userDefinedParam>
      <name>MaxPostDataLength</name>
      <value>750000</value>
</userDefinedParam>

maxSessionTimeUnits

 
<userDefinedParameters>
   <name>maxSessionTimeUnits</name>
   <value>hours</value>
</userDefinedParam>

useIISBuiltinAuthentication

 
<userDefinedParameters>
<name>useIISBuiltinAuthentication
   </name>
   <value>false</value>
</userDefinedParam>

idleSessionTimeoutLogic

10g WebGates only

 
<userDefinedParameters>
   <name>idleSessionTimeoutLogic
</name>
   <value>leastComponentIdleTimeout
</value>
</userDefinedParam>

URLInUTF8Format

 
<userDefinedParameters>

   <name>URLInUTF8Format</name>
   <value>true</value>
</userDefinedParam>

inactiveReconfigPeriod

Shared secret applies to only 10g WebGate

Configuration applies to only 11g WebGate.

 
<userDefinedParameters>
<name>inactiveReconfigPeriod</name>
<value>10</value>
</userDefinedParam>

WaitForFailover

 
<userDefinedParameters>
   <name>WaitForFailover</name>
   <value>-1</value>
</userDefinedParam>

proxySSLHeaderVar

 
<userDefinedParameters>
   <name>proxySSLHeaderVar</name>
   <value>IS_SSL</value>
</userDefinedParam>

client_request_retry_attempts

 
<userDefinedParameters>
   <name>client_request_retry_attempts </name>
   <value>1</value>
</userDefinedParam>

ContentLengthFor401Response

 
<userDefinedParameters>
   <name>ContentLengthFor401Response
</name>
   <value>0</value>
</userDefinedParam>

SUN61HttpProtocolVersion

 
<userDefinedParameters>
   <name>SUN61HttpProtocolVersion
</name>
   <value>1.0</value>
</userDefinedParam>

impersonationCredentials

 
<userDefinedParameters>
   <name>username:password
</name>
   <value>cred</value>
</userDefinedParam>

UseWebGateExtForPassthrough

 
<userDefinedParameters>
   <name>UseWebGateExtForPassthrough
</name>
   <value>false</value>
</userDefinedParam>

syncOperationMode

 
<userDefinedParameters>
   <name>syncOperationMode</name>
   <value>false</value>
</userDefinedParam>

filterOAMAuthnCookie

11g Request only.

 
<userDefinedParameters>
   <name>filterOAMAuthnCookie</name>
   <value>true</value>
</userDefinedParam>