Go to primary content
Oracle Agile Engineering Data Management Security Guide
Release e6.2.0.0
E52560-02
Next
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Overview of Agile e6 System
1.1
Agile e6 System Services
1.2
Agile e6 System Components
1.2.1
Server Side Components
1.2.2
Client Side Components
1.3
Security Objectives of Agile e6 System
1.4
System-wide Advice
2
Secure Environment - HTTP(S) Support
2.1
Prerequisites
2.2
Secure External Communication
2.2.1
Setup Apache HTTPD as SSL Reverse Proxy
2.2.1.1
Tokens in the Configuration Files
2.2.1.2
Check Your Configuration
2.2.2
Setup HTTPS on the Oracle WebLogic Servers
2.2.3
Setup the Java Client/Java Virtual Machine
2.2.3.1
Java Client with Proxy
2.2.4
Setup Web Fileservice
2.2.5
Setup AutoVue
2.2.6
Setup Web Client
2.2.6.1
Setting up WPS to use HTTPS
2.2.6.2
Deactivate Web Client
2.2.7
Change Lightweight Report URL
2.2.8
Setup Workflow Mailing
3
Wallets
3.1
Overview Wallet Infrastructure
3.2
Manual Creation of Wallets
3.2.1
Admin Client
3.2.2
Batch
3.2.2.1
Use the batchkeytool to Create the Oracle Wallet
3.2.2.2
Use the epkeytool to Create the Oracle Wallet for a Batch Client
3.2.3
EIP
3.2.4
FMS
3.2.5
Server
3.2.6
SSO
3.2.7
WebService SSO
3.2.8
Upgrade Tool
4
Encryption
4.1
Encrypt Passwords
4.2
Secured Components
4.3
WebLogic Encryption
4.4
Agile e6 Encryption
4.4.1
EDM Server
4.4.2
File Server
4.4.3
WebLogic
4.4.4
Batch Clients
4.5
Enterprise Integration Platform Encryption
5
Authentication
5.1
LDAP Support
5.1.1
Prerequisites
5.1.2
User Authentication via LDAP
5.1.3
Setup an LDAP User
5.1.4
Configuration Parameter
5.1.5
Secure LDAP Connection
5.1.5.1
Support Oracle Wallet to store the LDAP Server Certificate
5.1.5.2
Import LDAP Server Certificate on Windows
5.1.5.3
Verify LDAP Environment
5.1.5.4
Support Backup LDAP Server for Fail Over
5.2
Java Client Single Sign-On (SSO)
5.2.1
Kerberos Prerequisites
5.2.1.1
Kerberos Infrastructure
5.2.1.2
Request Basic Information About Your Kerberos Environment
5.2.1.3
Java Kerberos Configuration File
5.2.1.4
Store the Java Kerberos Configuration File
5.2.1.5
Service Principals and keyTab Files
5.2.1.6
Define Installation Environment
5.2.1.7
Determine the Servers for Kerberos Principals
5.2.1.8
Required Service Principal Names for the Examples
5.2.1.9
Request Kerberos Service Principals for Your Servers
5.2.1.10
Get the keyTab Files From Your Kerberos Administrator
5.2.1.11
Create keyTab for Service Principal
5.2.1.12
Store the keyTab Files
5.2.2
EDM Server Configuration
5.2.3
Agile e6 J2EE Components Configuration
5.2.3.1
Create Secured Directory
5.2.3.2
Install Java Kerberos Configuration File
5.2.3.3
Install keyTab File(s)
5.2.3.4
Configure Your Service Principal Name(s)
5.2.3.5
Populate Kerberos Configuration to WebLogic Server
5.2.3.6
Restart the Domain
5.2.3.7
Troubleshooting
5.2.3.8
Tracing
5.2.3.9
Common reasons for an error
5.3
Web Service SSO
5.3.1
WebLogic SAML Configuration
6
Agile e6 Database User and Privileges
6.1
Predefined Agile e6 User
6.2
Windows Users
6.3
UNIX Users
6.4
Default Installation Permissions
6.4.1
Windows
6.4.2
UNIX
6.5
Detailed Access Permissions
6.5.1
Installation User
6.5.2
Runtime User
6.5.3
File Server User
6.6
Example How to Use Strict Access Permissions
6.6.1
Windows
6.6.2
UNIX
7
Securing Ports
7.1
Range of Ports
7.1.1
Well Known Port Numbers
7.1.2
Registered Port Numbers
7.1.3
Dynamic and/or Private Ports
7.2
Range of Values and Dependencies
8
Securing the Database
8.1
Default Setup
8.1.1
DB Role AGILE_E_ROLE
8.2
Advanced Setup
9
Additional Security Relevant Information
9.1
Access Rights for User
9.2
URL Linking Support
9.3
Whitelist Mechanism for Masks
9.4
Number Variant configuration for ECI Web Service Access
9.5
Apache Tomcat Security
9.6
WebLogic Security