|
Oracle® Application Server Portal Configuration Guide
10g Release 2 (10.1.2) Part No. B14037-01 |
|
 Previous |
 Next |
|
Oracle® Application Server Portal Configuration Guide
10g Release 2 (10.1.2) Part No. B14037-01 |
|
|
Previous |
Next |
This appendix provides information about the configuration files and tables that can affect the connection to and the behavior of the Oracle Application Server and its components in the middle-tier as well as on other machines to which it is connecting.
Specific topics covered include:
The Oracle HTTP Server configuration file, httpd.conf, contains configuration information for running the Oracle HTTP Server. The content of this file includes information about listening ports, server names, virtual hosts, proxy configurations, and the like. This file also configures Secure Sockets Layer (SSL) support by defining information such as certificates and other HTTPS configuration directives.
ORACLE_HOME/Apache/Apache/conf/httpd.conf
The tnsnames.ora file defines the entries that can be used as connect strings in the DADs.
Also, the tnsnames.ora file in the Oracle home location containing your Oracle Application Server must have a connect string entry pointing to the database where your Oracle Portal installation is located.
In the C shell, for example, enter the following at a command line prompt:
setenv TNS_ADMIN path
path points to the tnsnames.ora file. This command differs depending on the shell used.
The following OracleAS Web Cache configuration files can be found in the ORACLE_HOME/webcache directory:
webcache.xml
internal.xml
internal_admin.xml
The WWSEC_ENABLER_CONFIG_INFO$ table is the configuration table for the Single Sign-On enabler stack. Typically, modifications to this table are handled by running the Portal Dependency Settings tool (ptlconfig), in the case of advanced configurations. This section is provided for additional information about the SSO configuration table. Modifications are not to be made directly, but instead by using the Portal Dependency Settings tool, (ptlconfig) described in Appendix A, "Using the Portal Dependency Settings Tool and File".
Each partner application to the OracleAS Single Sign-On has such a table for configuration information. One such table exists in the OracleAS Portal schema as well as the OracleAS Single Sign-On schema, since the OracleAS Single Sign-On application is also a partner application. This table defines the login URL for the OracleAS Single Sign-On that this partner Application is configured to use.
It is important to understand how the LSNR_TOKEN is used in the enabler configuration table, to help you plan what entries are required depending on your configuration.
This table may have more than one entry. There is one entry for each way the application's server is addressed. Understanding this requires a review of the authentication sequence. For the purpose of this discussion, the main flows include:
Initial request to the requested URL
Redirect to the OracleAS Single Sign-On for authentication
Redirect to OracleAS Portal's success URL (wwsec_app_priv.process_signon)
Redirect back to the requested URL
The OracleAS Single Sign-On (SSO) partner enabler APIs read the WWSEC_ENABLER_CONFIG_INFO$ table for configuration information. Similarly, in the OracleAS Single Sign-On, the OracleAS Single Sign-On's private APIs read the WWSSO_PAPP_CONFIGURATION_INFO$ table. In the latter table, the URL should be redirected to each partner application.
Since each partner application's success URL is stored in the OracleAS Single Sign-On's partner application configuration table, to support multiple host names for the partner application, each distinct host name requires its own partner application entry on the OracleAS Single Sign-On. This is so that each one can specify a success URL that has the same hostname as the partner application, so that the session cookie can be scoped appropriately. Furthermore, the domain to which cookies are scoped includes the server name (ServerName) and port, so server.domain.com:80 is treated as a different cookie domain from server.domain.com:8080.
Each entry in the enabler configuration table is then selected based on the host name and port that was used by the partner application.
For example, let's say that you wanted OracleAS Portal to be accessible from http://www.xyz.com as well as http://www.abc.com. In this case, two partner applications must be registered in the OracleAS Single Sign-On. One is defined for the www.xyz.com host and the other for the www.abc.com host. Each one specifies a success URL that is appropriate:
http://www.xyz.com/pls/portal/portal.wwsec_app_priv.process_signon for the www.xyz.com partner
http://www.abc.com/pls/portal/portal.wwsec_app_priv.process_signon for the www.abc.com application
Each of these partner application entries on the OracleAS Single Sign-On would have a distinct site ID, site token, and encryption key. OracleAS Portal's enabler configuration table has one row for each partner application, for example:
LSNR_TOKEN SITE_ID LS_LOGIN_URL …
www.xyz.com 1321 https://www.login.com/pls/…
www.abc.com 1322 https://www.login.com/pls/…
The configuration table on the OracleAS Single Sign-On's side is the partner application Table, WWSSO_PAPP_CONFIGURATION_INFO$. Maintenance of this table is typically done using the OracleAS Single Sign-On application's user interface for adding or editing partner applications.
For an initial installation on a single database instance, running the Portal Dependency Settings Tool, ptlconfig, populates both the OracleAS Single Sign-On's partner configuration table as well as OracleAS Portal's enabler configuration table. For example:
ptlconfig -dad portal -sso
The HOSTS file on a network host defines mappings of IP names to IP addresses. Normally, a Domain Name Server (DNS) provides the mapping of IP name to IP address. In some of the configurations described in Chapter 4, "Performing Basic Configuration and Administration", a host may need to be addressed in an internal network with a domain name that is not defined within the internal network. In these cases, the server's HOSTS file can provide the necessary name resolution.
You can use Oracle Enterprise Manager 10g Application Server Control Console for administering OracleAS Portal. Application Server Control Console is a Web-based tool that enables you to perform some of the management tasks described in this book. Refer to Chapter 7, "Monitoring and Administering OracleAS Portal" for more information about using Oracle Enterprise Manager 10g.
