|
Oracle® Application Server Portal Configuration Guide
10g Release 2 (10.1.2) Part No. B14037-01 |
|
 Previous |
 Next |
|
Oracle® Application Server Portal Configuration Guide
10g Release 2 (10.1.2) Part No. B14037-01 |
|
|
Previous |
Next |
OracleAS Portal is dependent on other Oracle Application Server components, such as OracleAS Web Cache and Oracle Internet Directory and it can be configured to work with load balancing routers and reverse proxy servers. OracleAS Portal's Portal Dependency Settings File (iasconfig.xml) file stores configuration data about dependent components in a central place. You can use iasconfig.xml to check and edit settings used by an OracleAS Portal instance. If you make changes in the iasconfig.xml file, you must use the Portal Dependency Settings Tool (ptlconfig) to update in the Portal schema in the Oracle Application Server Metadata Repository.
|
Note: Theptlasst command line utility has been removed in this release. All of the functionality that was provided by ptlasst in the previous release is now available through the Portal Dependency Settings tool and file ptlconfig and iasconfig.xml.
|
This appendix discusses the Portal Dependency Settings, and the Portal Dependency Settings tool in the following two sections:
There are two ways to update the OracleAS Metadata Repository with any configuration changes:
Using the Oracle Enterprise Manager 10g Application Server Control Console. See Chapter 7, "Monitoring and Administering OracleAS Portal" for more information. If you make configuration changes using the Application Server Control Console, the iasconfig.xml and the Portal schema in the OracleAS Metadata Repository will be updated for you automatically.
Editing the iasconfig.xml file and running the script ptlconfig.
The ptlconfig script can:
Update the Portal schema in the OracleAS Metadata Repository for a specific Portal instance defined in the Portal Dependency Settings file.
Encrypt all plain text passwords in the Portal Dependency Settings file.
Update OracleAS Web Cache, Oracle Internet Directory, Oracle Enterprise Manager 10g, and OracleAS Portal site data, as defined in the Portal Dependency Settings file.
Update the Portal Dependency Settings file based on configuration information stored in the Portal schema. This is useful for creating entries for migrated portals, and also to restore settings if the Portal Dependency Settings file becomes corrupt.
Create or delete provisioning profiles in Oracle Internet Directory of an OracleAS Portal instance. Refer to Section 6.1.7.3, "Relationship Between OracleAS Portal and Oracle Directory Integration Platform" for more information about provisioning profiles.
OracleAS Portal uses a provisioning profile to receive notifications when user or group privilege information in Oracle Internet Directory changes. This enables OracleAS Portal to keep its authorization information synchronized with the information stored in Oracle Internet Directory. By default, this provisioning profile is enabled.
The configuration script file is named ptlconfig (on UNIX) and ptlconfig.bat (on Windows). It is located in ORACLE_HOME/portal/conf, where ORACLE_HOME is the OracleAS Portal and OracleAS Wireless middle-tier home.
You can use this script as follows:
ptlconfig -dad <dad> -pw <portal schema password or OID password> [-em] [-oid] [-site] [-wc] [-dipreg] [-dipunreg] [-sso [-host <host name> -port <port number> [-ssl]] ]| -encrypt | -load -schema <schema username> -pw <schema password> -conn <connect string> [-lp ldap_ssl_port] |
When you run ptlconfig, the log file ptlconfig.log is created in the directory ORACLE_HOME/portal/logs. If an error displays while running ptlconfig, refer to the full message text in the log file to resolve the error.
ptlconfig can be run in the following three modes:
Updates a specific OracleAS Portal instance from the Portal Dependency Settings file.
Table A-1 Configuration Mode
| Parameter | Description | Example |
|---|---|---|
| -dad | Updates a specific OracleAS Portal instance from the Portal Dependency Settings file. This is the Portal DAD name. | ptlconfig -dad portal
|
| -pw | Portal schema password or Oracle Internet Directory administrator password.
Note: You can provide either the Portal schema password or the Oracle Internet Directory administrator password, to authenticate. |
ptlconfig -dad portal -pw welcome1
|
| -em | Updates Oracle Enterprise Manager 10g data as defined in the Portal Dependency Settings file. | ptlconfig -dad portal -em
|
| -oid | Updates Oracle Internet Directory data as defined in the Portal Dependency Settings file. | ptlconfig -dad portal -oid
|
| -site | Configures OracleAS Portal to work with the Oracle HTTP Server when configuration changes are required in OracleAS Portal due to changes in the Oracle HTTP Server component. For example, changes in the HTTP server host, port, or protocol. It also configures OracleAS Portal as a partner application for OracleAS Single Sign-On as defined in the Portal Dependency Settings file.
Note: The file |
ptlconfig -dad portal -site
|
| -wc | Updates OracleAS Web Cache data for a specific Portal instance, as defined in the Portal Dependency Settings file. | ptlconfig -dad portal -wc
|
| -dipreg | Used to create the provisioning profiles in Oracle Internet Directory.
Note: In this release, running DIPREG to register provisioning profiles actually updates any existing profile. In previous releases, you had to first run DIPUNREG and then DIPREG again, which could result in a minor loss of changes. The new behavior ensures that there are no lost changes. |
ptlconfig -dad portal -dipreg
|
| -dipunreg | Used to delete the provisioning profiles in Oracle Internet Directory of the OracleAS Portal instance. | ptlconfig -dad portal -dipunreg
|
| -sso | Creates partner application entries in OracleAS Single Sign-On.
When run without any additional parameters, partner application details are updated using the details from See the section in Section 5.4.3, "Register OracleAS Portal with OracleAS Single Sign-On" for more details on when you can use this parameter. |
ptlconfig -dad portal -sso
|
| -host | Name of the host that you want to register as a partner application with OracleAS Single Sign-On.
This parameter is used with the |
ptlconfig -dad portal -sso -host abc.company.com -port 7778
|
| -port | Port that is used for registration.
This parameter is used with the |
ptlconfig -dad portal -sso -host abc.company.com -port 7778
|
| -ssl | Indicates that the port is HTTPS.
Used with the |
ptlconfig -dad portal -sso -host abc.company.com -port 7778 -ssl
|
|
Note: Runningptlconfig in the –sso and -site modes updates the OracleAS Single Sign-On Query Path URL with the URL prefix of OracleAS Single Sign-On. If this URL is using the HTTPS protocol, the URL must be updated to use the HTTP protocol instead. Refer to the sub-section "Setting the OracleAS Single Sign-On Query Path URL" under section Section 6.3.2.1.2, "SSL to OracleAS Single Sign-On", for information on updating the OracleAS Single Sign-On Query Path URL.
|
Encrypts any plain text passwords in the Portal Dependency Settings file. For example:
ptlconfig -encrypt
Creates and updates entries in iasconfig.xml with the configuration settings of a specific Portal schema.
Table A-2 Load Mode
| Parameter | Description | Example |
|---|---|---|
| -schema | Name of the Portal schema. | ptlconfig -load -schema portal30 -pw welcome1 -conn abc.company.com:1521:s901dev3
|
| -pw | Portal schema password. | ptlconfig -load -schema portal30 -pw welcome1 -conn abc.company.com:1521:s901dev3
|
| -conn | Connect string to the Portal repository. | ptlconfig -load -schema portal30 -pw welcome1 -conn abc.company.com:1521:s901dev3
|
| -lp | Used to connect to Oracle Internet Directory for getting OracleAS Single Sign-On information. This is the LDAP SSL port of Oracle Internet Directory.
See the section "Updating iasconfig.xml" in Section B.1, "Configuring and Managing the Portal Instance" for more details on when you should use this parameter. |
ptlconfig -load -schema portal30 -pw welcome1 -conn abc.company.com:1521:s901dev3 -lp 4889
|
The following sections describe the Portal Dependency Settings file in more detail:
Post-Installation Mapping in the Portal Dependency Setting File
Common Configuration Mapping in the Portal Dependency Settings File
The name of the Portal Dependency Settings file is iasconfig.xml, and is located by default in ORACLE_HOME/portal/conf, where ORACLE_HOME is the OracleAS Portal and Oracle Application Server Wireless middle-tier home.
When using any of the tools that access the Portal Dependency Settings file, you can override the default location of the file by setting the environment variable IASCONFIG_LOC to the directory in which your file is stored, for example:
set IASCONFIG_LOC=/usr/local/ias904
The Portal Dependency Settings file is an XML file, that is made up of a number of elements that describe the settings of specific Oracle Application Server components and the dependencies Portal instances have on them. Figure A-1 shows all the elements that can be modeled in the Portal Dependency Settings file. The Portal Dependency Settings file definition is modeled in the schema file iasconfig.xsd, which is located in ORACLE_HOME/portal/conf.
Figure A-1 Elements in the Portal Dependency Settings file
The individual elements are:
IASFarm
The IASFarm element represents a logical farm of Oracle Application Server instances, commonly used when modeling a multiple middle-tier scenario front-ended by a load balancing router (LBR). See Section 5.3, "Configuring Multiple Middle-Tiers with a Load Balancing Router" for more information.
Table A-3 Element IASFarm
| Attribute Name | Type | Description |
|---|---|---|
| Name | String | Unique farm name |
| Host | String | Published host name that users will enter in their Web browser to access OracleAS Portal |
IASInstance
The IASInstance element represents a specific Oracle Application Server instance, which usually maps to an Oracle home.
Table A-4 Element IASInstance
| Attribute Name | Type | Description |
|---|---|---|
| Name | String | Oracle Application Server instance name (for example, ias904.host.domain)
|
| Host | String | Host machine |
PortalInstance
These are the OracleAS Portal instance settings.
Table A-5 Element PortalInstance
WebCacheComponent
These are the OracleAS Web Cache settings.
Table A-6 Element WebCacheComponent
| Attribute Name | Type | Description |
|---|---|---|
| ListenPort | Integer | Listening port |
| AdminPort | Integer | Administration port |
| InvalidationPort | Integer | Invalidation port |
| InvalidationUsername | String | Invalidation username |
| InvalidationPassword | String | Invalidation password |
| SSLEnabled | String | Flag to indicate whether the listening port is SSL enabled. The value can either be TRUE or FALSE.
|
OIDComponent
These are the Oracle Internet Directory settings.
Table A-7 Element OIDComponent
| Attribute Name | Type | Description |
|---|---|---|
| AdminPassword | String | Oracle Internet Directory administrator's password. |
| PortSSLEnabled | String | Flag to indicate whether the LDAP port is SSL enabled. The value can either be TRUE or FALSE.
|
| LDAPPort | Integer | LDAP port that Oracle Internet Directory is running on. |
| AdminDN | String | Oracle Internet Directory administrator's distinguished name. |
|
Note: TheorclSizeLimit attribute, in the root node of the Oracle Internet Directory server, is a system operational attribute used to specify the maximum number of entries that can be returned by a search. The value of this attribute comes into effect when configuring OracleAS Portal with the Oracle Internet Directory server. All the groups, which belong to an identity management realm, are searched in the Oracle Internet Directory server to synchronize their profiles in the OracleAS Portal schema.
The value of the You can view and set some of the operational attributes for each Oracle Directory server to which you are connected by using the Oracle Directory Manager. Refer to the section on Setting System Operational Attributes by Using Oracle Directory Manager in the Oracle Internet Directory Administrator's Guide for more details. |
EMComponent
These are the Oracle Enterprise Manager 10g Application Server Control Console settings.
Table A-8 Element EMComponent
| Attribute Name | Type | Description |
|---|---|---|
| ConsoleHTTPPort | Integer | Listening port |
| SSLEnabled | String | Flag to indicate whether the listening port is SSL enabled. The value can either be TRUE or FALSE.
|
WebCacheDependency
This is the OracleAS Portal instance reference to the OracleAS Web Cache it is using.
Table A-9 Element WebCacheDependency
| Attribute Name | Type | Description |
|---|---|---|
| ContainerType | String | The type of the container the OracleAS Web Cache component is running under. This can be either IASInstance or IASFarm. |
| Name | String | IASInstance name or the unique IASFarm name, depending on ContainerType. |
| InvalidationHost | String | This attribute should be set if the OracleAS Web Cache host is different from the published host that a user enters to access OracleAS Portal.
Note: This is an optional attribute. See Section 5.6.3, "Specify the OracleAS Portal Published Address and Protocol" for the scenario in which this attribute is used. |
OIDDependency
This is the OracleAS Portal instance reference to the Oracle Internet Directory it is using.
Table A-10 Element OIDDependency
| Attribute Name | Type | Description |
|---|---|---|
| ContainerType | String | The type of the container the Oracle Internet Directory component is running under. This can be either IASInstance or IASFarm. |
| Name | String | IASInstance name or the unique IASFarm name, depending on ContainerType. |
| LDAPSSLPort | String | LDAP SSL port value - Used to configure OracleAS Single Sign-On details for upgraded OracleAS Portal instances. See the section "Updating iasconfig.xml" in Appendix B, " Configuring and Managing an Upgraded Oracle Application Server Portal Instance" for more information. |
EMDependency
This is the Oracle Enterprise Manager 10g Application Server Control Console managing this OracleAS Portal instance.
The XML in Example A-1 represents the contents of a sample Portal Dependency Settings file.
<IASConfig XSDVersion="1.0">
<IASInstance Name="iAS-1.abc.company.com" Host="abc.company.com">
<WebCacheComponent AdminPort="3001" ListenPort="3002" InvalidationPort="3003" InvalidationUsername="invalidator" InvalidationPassword="welcome1" SSLEnabled="false"/>
</IASInstance>
<IASInstance Name="iAS-2.abc.company.com" Host="xyz.company.com">
<OIDComponent AdminPassword="welcome1" PortSSLEnabled="false" LDAPPort="3002" AdminDN="cn=orcladmin"/>
<EMComponent ConsoleHTTPPort="1814" SSLEnabled="false"/>
</IASInstance>
<PortalInstance DADLocation="/pls/portal" SchemaUsername="portal" SchemaPassword="welcome1" ConnectString="xyz.company.com:1521:s901dev3">
<WebCacheDependency ContainerType="IASInstance" Name="iAS-1.abc.company.com"/>
<OIDDependency ContainerType="IASInstance" Name="iAS-2.abc.company.com"/>
<EMDependency ContainerType="IASInstance" Name="iAS-1.abc.company.com"/>
</PortalInstance>
</IASConfig>
In this example, the OracleAS Portal instance is:
Accessed from the Database Access Descriptor (DAD) /pls/portal.
Dependent on:
OracleAS Web Cache component running in Oracle Application Server instance iAS-1
Oracle Internet Directory component running in Oracle Application Server instance iAS-2
Oracle Enterprise Manager 10g Application Server Control Console component running in Oracle Application Server instance iAS-1
If the Portal Dependency Settings file is accessible over a network file system, you can share the file across multiple hosts, avoiding the need to manually replicate it every time the file is modified. If the installation is running on an operating system which supports symbolic links, it is recommended that you use this mechanism to reference a shared file, instead of setting the IASCONFIG_LOC environment variable.
If, however, the Portal Dependency Settings file is not accessible over the network, you must ensure that the file is kept up-to-date with changes to your site topology. The Portal Dependency Settings file is used to configure the Portal schema with details of OracleAS Web Cache, Oracle Internet Directory, and Oracle Enterprise Manager 10g that it is using. It is not required that it is copied into each individual middle-tier in your site, but you must ensure that any changes to the components modeled in the file that affect OracleAS Portal configuration are updated in the file.
To demonstrate how the Portal Dependency Settings file is kept up-to-date, let's use the configuration defined in Section 5.3, "Configuring Multiple Middle-Tiers with a Load Balancing Router".
The Portal Dependency Settings file gets first created in Section 5.3.1, "Step 1: Install a Single Portal and Wireless Middle-Tier (M1)", during the installation. It looks like Example 5-1, "iasconfig.xml After the First Middle-Tier Installation".
This file will be located on machine m1.abc.com, typically in ORACLE_HOME/portal/conf of the middle-tier that has just been installed.
In Step 1: Install a Single Portal and Wireless Middle-Tier (M1), the Portal Dependency Settings file is manually changed as shown in Example 5-2, "iasconfig.xml File Edited to Include Farm Element".
This file will be on machine m1.abc.com, typically in ORACLE_HOME/portal/conf of the middle-tier installed in Step 1. You use the ptlconfig tool as shown in Section A.1, "Portal Dependency Settings Tool", after you make changes to the file. For example:
ptlconfig -dad <portal_dadname> -wc -site
Any future changes to the OracleAS Web Cache, Oracle Internet Directory, or Oracle Enterprise Manager 10g settings in iasconfig.xml should be made using the Application Server Control Console, or by hand on m1.abc.com. You must also use the ptlconfig tool again after you make changes.
|
Note: Changes to OracleAS Portal's OracleAS Web Cache settings can also be made on the Portal Web Cache Settings page, as described in Section 7.3.3, "Portal Web Cache Settings".Typically, the hostname and port number, by which OracleAS Portal is addressed, uses the OracleAS Web Cache hostname and port number. This is because, in a simple configuration, browser requests go directly to OracleAS Web Cache. However, in a configuration that has a load balancing router (LBR), or reverse proxy server front-ending OracleAS Web Cache, the hostname and port number defined on this page may need to reflect that of the LBR, or reverse proxy server. In this configuration, you want OracleAS Web Cache invalidation messages to be sent directly to the OracleAS Web Cache host, as opposed to the LBR, or reverse proxy server. In the scenario where your published hostname is different from the hostname used for OracleAS Web Cache invalidation, you can use the Portal Dependency Settings file |
In Step 5: Configure the New Middle-Tier (M2) to Run Your Existing Portal, the Portal Dependency Settings file on m2.abc.com needs to be updated manually with the settings defined in the iasconfig.xml file on m2.abc.com.
When OracleAS Portal is installed, appropriate entries are created in the Portal Dependency Settings file, based on what is installed.
In an Application Server installation, the dependencies of OracleAS Portal on Oracle Application Server Web Cache and Oracle Internet Directory are added to the Portal Dependency Settings file. Existing information is not updated if duplicate entries are encountered during the installation. Instead, a warning is output to the installation log file that the entries already exist.
|
See Also: Chapter 3, "Installing OracleAS Portal" for more information about the different installation types. |
In a single machine OracleAS Portal and OracleAS Wireless installation, where OracleAS Web Cache and Oracle Internet Directory instances already reside on the same machine, entries to the Portal Dependency Settings file are created as shown in Example A-2:
Example A-2 Single Machine OracleAS Portal and OracleAS Wireless Installation
<IASConfig XSDVersion="1.0">
<IASInstance Name="iAS-1.abc.company.com" Host="abc.company.com">
<OIDComponent AdminPassword="welcome1" PortSSLEnabled="false" LDAPPort="3002" AdminDN="cn=orcladmin"/>
</IASInstance>
<IASInstance Name="iAS-2.abc.company.com" Host="abc.company.com">
<WebCacheComponent AdminPort="3001" ListenPort="3002" InvalidationPort="3003" InvalidationUsername="invalidator" InvalidationPassword="welcome1" SSLEnabled="false"/>
<EMComponent ConsoleHTTPPort="1814" SSLEnabled="false"/>
</IASInstance>
<PortalInstance DADLocation="/pls/portal" SchemaUsername="portal" SchemaPassword="welcome1" ConnectString="xyz.company.com:1521:s901dev3">
<WebCacheDependency ContainerType="IASInstance" Name="iAS-2.abc.company.com"/>
<OIDDependency ContainerType="IASInstance" Name="iAS-1.abc.company.com"/>
<EMDependency ContainerType="IASInstance" Name="iAS-2.abc.company.com"/>
</PortalInstance>
</IASConfig>
This section shows what the Portal Dependency Settings file looks like in the recommended topologies.
OracleAS Portal and OracleAS Wireless Developer Configuration: Medium Sized Machines
The topology for this common configuration is seen in Figure A-2.
Figure A-2 OracleAS Portal and OracleAS Wireless Developer Configuration
This configuration assumes that both the application server and the infrastructure are installed on the same machine, called Host 1.
When you install OracleAS Portal and OracleAS Wireless on Host 1 in ias.host1.xyz.com, referencing the Oracle Internet Directory instance in infra.host1.xyz.com, the Portal Dependency Settings file looks like Example A-3:
Example A-3 OracleAS Portal and OracleAS Wireless Developer Configuration
<IASConfig XSDVersion="1.0"> <IASInstance Name="ias.host1.xyz.com" Host="host1.xyz.com"> <WebCacheComponent AdminPort="3001" ListenPort="7778" InvalidationPort="3003" InvalidationUsername="invalidator" InvalidationPassword="welcome1" SSLEnabled="false"/> <EMComponent ConsoleHTTPPort="1814" SSLEnabled="false"/> </IASInstance> <IASInstance Name="infra.host1.xyz.com" Host="host1.xyz.com"> <OIDComponent AdminPassword="welcome1" PortSSLEnabled="false" LDAPPort="3002" AdminDN="cn=orcladmin"/> </IASInstance> <PortalInstance DADLocation="/pls/portal" SchemaUsername="portal" SchemaPassword="welcome1" ConnectString="host1.xyz.com:1521:iasdb"> <WebCacheDependency ContainerType="IASInstance" Name="ias.host1.xyz.com"/> <OIDDependency ContainerType="IASInstance" Name="infra.host1.xyz.com"/> <EMDependency ContainerType="IASInstance" Name="ias.host1.xyz.com"/> </PortalInstance> </IASConfig>
Enterprise Data Center Configuration: Multiple Departments Sharing the Same Data Center
The topology for this common configuration is seen in Figure A-3.
Figure A-3 Enterprise Data Center Configuration
This configuration assumes that the application server and the infrastructure are installed on different machines.
As shown in Figure A-3, the OracleAS Web Cache cluster front-ending OracleAS Portal is not yet known. When you install the application server (Portal and Wireless installation) on host Host 1, referencing the Oracle Internet Directory on host Host 2, the configuration will look like Example A-4:
Example A-4 Enterprise Data Center Configuration
<IASConfig XSDVersion="1.0"> <IASInstance Name="infra.host2.xyz.com" Host="host2.xyz.com"> <OIDComponent AdminPassword="welcome1" PortSSLEnabled="false" LDAPPort="3002" AdminDN="cn=orcladmin"/> </IASInstance> <IASInstance Name="ias.host1.xyz.com" Host="host1.xyz.com"> <WebCacheComponent AdminPort="3001" ListenPort="7778" InvalidationPort="3003" InvalidationUsername="invalidator" InvalidationPassword="welcome1" SSLEnabled="false"/> <EMComponent ConsoleHTTPPort="1814" SSLEnabled="false"/> </IASInstance> <PortalInstance DADLocation="/pls/portal" SchemaUsername="portal" SchemaPassword="welcome1" ConnectString="host1.xyz.com:1521:iasdb"> <WebCacheDependency ContainerType="IASInstance" Name="ias.host1.xyz.com"/> <OIDDependency ContainerType="IASInstance" Name="infra.host2.xyz.com"/> <EMDependency ContainerType="IASInstance" Name="ias.host1.xyz.com"/> </PortalInstance> </IASConfig>
If you want the application server on Host 1 to be front-ended by OracleAS Web Cache, you need to manually edit the Portal Dependency Settings file. First, remove the existing OracleAS Web Cache entry and then create an OracleAS Web Cache entry that belongs to a farm. The modified Portal Dependency Settings file will now look like Example A-5:
Example A-5 Enterprise Data Center Configuration - Front-Ended by OracleAS Web Cache
<IASConfig xmlns="http://www.oracle.com/iAS/iASConfigFile" XSDVersion="1.0"> <IASInstance Name="infra.host2.xyz.com" Host="host2.xyz.com"> <OIDComponent AdminPassword="welcome1" PortSSLEnabled="false" LDAPPPort="3002" AdminDN="cn=orcladmin"/> </IASInstance> <IASFarm name="Farm_1" host="frontend.xyz.com"> <WebCacheComponent AdminPort="3001" ListenPort="7778" InvalidationPort="3003" InvalidationUsername="invalidator" InvalidationPassword="welcome1" SSLEnabled="false"/> <EMComponent ConsoleHTTPPort="1814" SSLEnabled="false"/> </IASFarm> <PortalInstance DADLocation="/pls/portal" SchemaUsername="portal" SchemaPassword="welcome1" ConnectString="host1.xyz.com:1521:iasdb"> <WebCacheDependency ContainerType="IASFarm" Name="Farm_1"/> <OIDDependency ContainerType="IASInstance" Name="infra.host2.xyz.com"/> <EMDependency ContainerType="IASInstance" Name="Farm_1"/> </PortalInstance> </IASConfig>
The OracleAS Portal instance now references the virtual OracleAS Web Cache front-ending it.
