Oracle9iAS Portal Configuration Guide Release 3.0.9 Part Number A90096-01 |
|
This appendix provides information about the configuration files which can affect the connection to and the behavior of the Oracle9i Application Server and its components in the middle-tier as well as on other machines to which it is connecting.
Specific topics covered include:
Table A-1 lists the important Oracle9i Application Server configuration control points and their locations.
<ORACLE_HOME>
is the location of your Oracle9i Application Server installation.
The Oracle HTTP Server powered by Apache configuration file, httpd.conf
, contains configuration information for running the Oracle HTTP Server. The contents of this file includes information about listening ports, server names, virtual hosts, proxy configurations, and the like. Also, configuring Secure Sockets Layer (SSL) support by defining information such as certificates and other HTTPS configuration directives is done in this file.
<ORACLE_HOME>/Apache/Apache/conf/httpd.conf
The zone.properties
file contains information specific to the servlets being run under the Apache JServ environment. This is the environment where the Parallel Page Engine servility runs. This file sets up specific parameters which the servlets use for initialization.
This file is used by the servlets at initialization time. The Parallel Page Engine uses this file to get certain required information for it to run properly. If configuring the Portal to run in SSL mode, one of the items needed here is to tell the Parallel Page Engine which ports are secure ports. This way it knows what protocol should be used on different ports. You can add as many ports as needed for secure communication by separating the port numbers with a colon ":".
The wdbsvr.app
file contains the definition of the Database Access Descriptors (DADs) which define the connection information that the PL/SQL Gateway (mod_plsql) uses to connect to a particular database schema.
The DAD is the entity which informs the middle-tier which database to connect to, and the username and password for connecting to that database. By specifying the appropriate connect string, the middle-tier can connect to a database on any remote host, or may connect to a database on the local machine.
Table A-2 lists the configuration parameters for setting up a DAD for use with the Login Server or Oracle Portal.
Table A-2 Database Access Descriptor (DAD) configuration parameters
The tnsnames.ora
file defines the entries that can be used as connect strings in the DADs.
Also, the tnsnames.ora
file in the Oracle Home location containing your Oracle9i Application Server must have a connect string entry pointing to the database where your Oracle Portal installation is located.
In the C shell, for example, type the following at a command line prompt:
setenv TNS_ADMIN path
path
points to the tnsnames.ora
file. This command differs depending on the shell.
The WWSEC_ENABLER_CONFIG_INFO$
table is the configuration table for the Single Sign-on enabler stack.
Each Partner Application to the Login Server has such a table for configuration information. As such, one such table exists in the Oracle Portal schema as well as the Login Server schema, since the Login Server application is a Partner Application as well. This table defines the login URL for the Login Server which this Partner Application is associated with.
It is important to understand how the LSNR_TOKEN
is used in the enabler configuration table in order to plan what entries are required depending on your configuration.
This table may have more than one entry. There is one entry for each way the application's server is addressed. Understanding this requires a review of the authentication sequence. For the purposes of this discussion, the main flows include:
wwsec_app_priv.process_signon
).
The Login Server (SSO) partner enabler APIs read the WWSEC_ENABLER_CONFIG_INFO$
table for configuration information. Similarly, in the Login Server, the Login Server's private APIs read the WWSSO_PAPP_CONFIGURATION_INFO$
table. In the latter table, the URL that should be redirected to each Partner Application.
Since each Partner Application's success URL is stored in the Login Server's Partner Application configuration table, to support multiple host names for the Partner Application, each distinct host name requires its own Partner Application entry on the Login Server so that each one can specify a success URL that has the same hostname as the Partner Application so that the session cookie can be scoped appropriately. Furthermore, the domain to which cookies are scoped includes the server name (ServerName) and port, so server.domain.com:80 is treated as a different cookie domain from server.domain.com:8080.
Each entry in the enabler configuration table is then selected based on the host name and port that was used by the Partner Application.
For example, let's say that you wanted Oracle Portal to be accessible from http://www.xyz.com
as well as http://www.abc.com
. In this case, two Partner Applications must be registered in the Login Server. One is defined for the www.xyz.com host and the other for the www.abc.com host. Each one specifies a success URL that is appropriate:
http://www.xyz.com/pls/portal30/portal30.wwsec_app_priv.process_signon
for the www.xyz.com partner
http://www.abc.com/pls/portal30/portal30.wwsec_app_priv.process_signon
for the www.abc.com application
Each of these Partner Application entries on the Login Server would have a distinct site id, site token, and encryption key. Oracle Portal's enabler configuration table has one row for each Partner Application, for example:
LSNR_TOKEN SITE_ID LS_LOGIN_URL ...
www.xyz.com 1321 https://www.login.com/pls/...
www.abc.com 1322 https://www.login.com/pls/...
The configuration table on the Login Server's side is the Partner Application Table, WWSSO_PAPP_CONFIGURATION_INFO$
. Maintenance of this table is typically done using the Login Server application's user interface for Adding or Editing Partner Applications.
For an initial installation on a single database instance, the ssodatan
script populates both the Login Server's partner configuration table as well as Oracle Portal's enabler configuration table.
If running the linstall
script to install a standalone Login Server, this script populates the Login Server's enabler configuration table and Partner Application configuration table as part of the installation. See Section B.3, "Manually Installing a Login Server with the linstall Script".
The HOSTS file on a network host defines mappings of IP names to IP addresses. Normally, the association of IP name to IP address is provided by a Domain Name Server (DNS). In some of the configurations described in Chapter 3, "Basic Oracle Portal Configurations", a host may need to be addressed in an internal network with a domain name that is not defined within the internal network. In these cases, the server's HOSTS file can provide the necessary name resolution.
|
Copyright © 2001 Oracle Corporation. All Rights Reserved. |
|