Oracle® Application Server Installation Guide 10g (10.1.4.0.1) for Solaris Operating System (x86) and Solaris Operating System (x86-64) B32091-01 |
|
Previous |
Next |
This chapter describes what is contained in Oracle Application Server and recommended topologies. It contains the following sections:
Oracle Application Server is made up of a middle tier and OracleAS Infrastructure. You deploy and run your applications on the middle tiers. The infrastructure provides services that are used by middle tiers. These services can be shared by one or more middle tiers.
Oracle Application Server 10g (10.1.4.0.1) provides a comprehensive Identity and Access Management solution. The Identity and Access Management Suite includes:
Oracle Internet Directory: Provides scalable, robust LDAP V3-compliant directory services implemented on the Oracle Database.
Oracle Identity Federation: Provides standards-based, multi-protocol, and cross-domain single sign-on.
Oracle Security Developer Tools: Provides a APIs for developing federation and secure web services applications.
Oracle Access Manager: Provides a state-of-the-art solution for centralized identity administration and access control.
Oracle Identity Manager: Provides a powerful and flexible enterprise identity management system that automatically manages users' access privileges within enterprise IT resources.
Oracle Virtual Directory: Provides Internet and industry-standard LDAP and XML views of existing enterprise identity information, without synchronizing or moving data from its native locations.
In addition to the Identity and Access Management Suite, this release provides a revision of OracleAS Infrastructure, which includes the following Oracle Identity Management components and OracleAS Metadata Repository:
Oracle Internet Directory: A scalable, robust LDAP V3-compliant directory service implemented on the Oracle Database.
Oracle Directory Integration Platform: A component of Oracle Internet Directory designed to perform directory synchronization with third party directory products.
Oracle Application Server Certificate Authority: A component that issues, revokes, renews, and publishes X.509v3 certificates to support PKI-based strong authentication methods.
Oracle Application Server Single Sign-On (OracleAS Single Sign-On): Provides single sign-on access to Oracle and third-party Web applications.
Oracle Delegated Administration Services: Provides trusted proxy-based administration of directory information by users and application administrators.
OracleAS Metadata Repository: Provides a collection of schemas used by other Oracle Application Server components.
Oracle Enterprise Manager 10g Application Server Control Console: Enables you to manage and configure the OracleAS Infrastructure.
This guide focuses on installation instructions for OracleAS Infrastructure. See Section 1.2, "Where Do I Find Installation Instructions for My Product?" for the location of installation instructions for other components.
You can integrate Oracle Application Server 10g (10.1.4.0.1) Identity Management with an existing Oracle Application Server environment that includes:
10g (9.0.4), 10g Release 2 (10.1.2), or 10g Release 3 (10.1.3) middle tier
10g (9.0.4) or 10g Release 2 (10.1.2) OracleAS Metadata Repository
You can integrate Oracle Application Server 10g (10.1.4.0.1) Metadata Repository with an existing Oracle Application Server environment that includes:
10g Release 2 (10.1.2) middle tier
10g (9.0.4) or 10g Release 2 (10.1.2) Identity Management
See Also: Oracle Application Server Upgrade and Compatibility Guide for more information about which specific versions are compatible with 10g (10.1.4.0.1). |
Table 1-1 summarizes the products available in Oracle Application Server 10g (10.1.4.0.1) and the books where the installation instructions are located.
Table 1-1 Product and Installation Documentation Locations
Product | See This Documentation for Installation Details |
---|---|
OracleAS Infrastructure |
Chapter 4, "Installing OracleAS Infrastructure" |
Oracle Identity Federation |
Oracle Identity Federation Administrator's Guide |
Oracle Identity Management Grid Control Plug-in |
Appendix A, "Installing the Oracle Identity Management Grid Control Plug-in" |
OracleAS Metadata Repository in an existing database |
Oracle Application Server Metadata Repository Creation Assistant User's Guide |
Oracle Access Manager |
Oracle Access Manager Installation Guide |
Table 1-2 provides a road map of where to find information about the supported 10g (10.1.4.0.1) topologies.
Table 1-2 Recommended Topologies
Topology | See This Documentation for Details |
---|---|
An Oracle Application Server instance containing all Oracle Identity Management components in one Oracle home. |
Section 1.3.1, "Installing Oracle Identity Management in a Single Oracle Home" |
Two Oracle Homes, one containing Oracle HTTP Server, OracleAS Single Sign-On, and Oracle Delegated Administration Services. and the other containing Oracle Internet Directory and Oracle Directory Integration Platform. |
|
Three Oracle Homes, one containing Oracle HTTP Server, a second containing OracleAS Single Sign-On and Oracle Delegated Administration Services. and a third containing Oracle Internet Directory and Oracle Directory Integration Platform. |
|
An enterprise data center for J2EE applications that uses one of the following methods for user authentication:
Each of these topologies contains a web tier, an application tier, and a data tier. The three tiers are separated by firewalls. |
"myJ2EECompany," in the Oracle Application Server Enterprise Deployment Guide |
An Oracle Identity Federation instance configured with OracleAS Infrastructure so that it is integrated with OracleAS Single Sign-On. |
"Deploying Oracle Identity Federation with OracleAS Single Sign-On," in the Oracle Identity Federation Administrator's Guide |
An Oracle Identity Federation instance configured with OracleAS Infrastructure and Oracle Access Manager. |
"Deploying Oracle Identity Federation with Oracle Access Manager," in the Oracle Identity Federation Administrator's Guide |
An OracleAS Cluster (Identity Management) configuration in which two or more Oracle Identity Management instances serve the same content. A load balancer distributes requests equally among the active instances. |
Chapter 9, "Installing in High Availability Environments: OracleAS Cluster (Identity Management)" |
An OracleAS Cold Failover Cluster configuration in which two or more OracleAS Infrastructure or Oracle Identity Management instances serve the same content, but only one instance is active at any one time. |
Chapter 8, "Installing in High Availability Environments: OracleAS Cold Failover Cluster" |
An OracleAS Disaster Recovery configuration in which a standby site mirrors a production site. During normal operation, the production site handles all the requests. If the production site goes down, the standby site takes over and handles all the requests. |
Chapter 10, "Installing in High Availability Environments: OracleAS Disaster Recovery" |
An active-active topology in which two or more Oracle Access Manager instances serve the same content. A load balancer distributes requests equally among the active instances. |
"High Availability for Oracle Access Manager" in the Oracle Application Server High Availability Guide |
An OracleAS Cold Failover Cluster configuration in which two or more Oracle Identity Federation instances serve the same content, but only one instance is active at any one time. |
"High Availability for Oracle Identity Federation" in the Oracle Application Server High Availability Guide |
OracleAS Cold Failover Cluster or Real Application Clusters configurations for OracleAS Metadata Repository. |
"High Availability for OracleAS Metadata Repository" in the Oracle Application Server High Availability Guide |
10.1.4.0.1 OracleAS Infrastructure with Existing 10.1.2 or 10.1.3 Environments |
|
10.1.2 or 10.1.3 Middle Tiers: Configure a 10g Release 2 (10.1.2) or 10g Release 3 (10.1.3) middle-tier instance to use a new 10g (10.1.4.0.1) OracleAS Infrastructure. This topology also supports associating a 10g Release 2 (10.1.2) or 10g Release 3 (10.1.3) middle-tier instance with a new 10g (10.1.4.0.1) Oracle Identity Management for the following scenarios:
|
"Configuring 10.1.2 and 10.1.3 Middle Tiers to Use OracleAS Infrastructure" in the Oracle Application Server Administrator's Guide "Moving Identity Management to a New Host" in Oracle Application Server Administrator's Guide "Changing from a Test to a Production Environment" in the Oracle Application Server Administrator's Guide |
The remainder of this section addresses the recommended topologies for installing OracleAS Infrastructure instances. It contains the following topics:
This topology has all of the Oracle Identity Management components installed in the same Oracle home, as depicted in Figure 1-1. This topology can be associated with a 10g Release 2 (10.1.2) or 10g Release 3 (10.1.3) middle tier.
Figure 1-1 Oracle Identity Management in a Single Oracle Home
Requirements
The requirements are the same as those listed in Chapter 2, "Requirements".
Installation Sequence
Perform an installation of Oracle Identity Management as described in Section 4.23, "Installing Oracle Identity Management Components Only (Including Oracle Internet Directory)".
It is recommended that you install OracleAS Metadata Repository in an existing database. See the Oracle Application Server Metadata Repository Creation Assistant User's Guide for details.
In this topology, there are two Oracle Homes as depicted in Figure 1-2. The first Oracle Home contains Oracle HTTP Server, OracleAS Single Sign-On, and Oracle Delegated Administration Services. The second Oracle Home contains Oracle Internet Directory and Oracle Directory Integration Platform. This topology can be associated with a 10g Release 2 (10.1.2) or 10g Release 3 (10.1.3) middle tier.
Figure 1-2 Cluster with a Distributed Oracle Identity Management with an Integrated Oracle HTTP Server
Requirements
The requirements are the same as those listed in Chapter 2, "Requirements".
Installation Sequence
To install this topology:
Install OracleAS Metadata Repository on a shared disk. It is recommended that you install OracleAS Metadata Repository in an existing database. See the Oracle Application Server Metadata Repository Creation Assistant User's Guide for details.
For Oracle Home 2, follow the installation instructions in Section 4.23, "Installing Oracle Identity Management Components Only (Including Oracle Internet Directory)". On the Select Configuration Options screen, perform the following steps:
Select Oracle Internet Directory.
Do not select Oracle Application Server Single Sign-On.
Do not select Oracle Application Server Delegated Administration Services.
Select Oracle Directory Integration Platform.
Do not select Oracle Application Server Certificate Authority (OCA).
Select High Availability and Replication.
For Oracle Home 1, follow the installation instructions in Section 4.24, "Installing Oracle Identity Management Components Only (Excluding Oracle Internet Directory)". On the Select Configuration Options screen, perform the following steps:
Do not select Oracle Internet Directory.
Select Oracle Application Server Single Sign-On.
Select Oracle Application Server Delegated Administration Services.
Do not select Oracle Directory Integration Platform.
Do not select Oracle Application Server Certificate Authority (OCA).
Select High Availability and Replication.
On Oracle Home 2, perform the following commands to disable Oracle HTTP Server:
Edit the ORACLE_HOME
/opmn/bin/opmn.xml
file to change the Oracle HTTP Server status to disabled, as shown in bold.
<ias-component id="HTTP_Server" status="disabled" > <process-type id="HTTP_Server" module-id="OHS"> <module-data>...</ias-component>
Perform the following command to stop OPMN:
prompt> ORACLE_HOME/opmn/bin/opmnctl stopall
Perform the following command to start OPMN:
prompt> ORACLE_HOME/opmn/bin/opmnctl startall
In this topology, there are three Oracle Homes as depicted in Figure 1-3. The first Oracle Home contains Oracle HTTP Server. The second Oracle Home contains OracleAS Single Sign-On and Oracle Delegated Administration Services. The second Oracle Home contains Oracle Internet Directory and Oracle Directory Integration Platform. This topology can be associated with a 10g Release 2 (10.1.2) or 10g Release 3 (10.1.3) middle tier.
Figure 1-3 Cluster with a Distributed Oracle Identity Management with a Standalone Oracle HTTP Server
Requirements
The requirements are the same as those listed in Chapter 2, "Requirements".
Installation Sequence
To install this topology:
Install OracleAS Metadata Repository on a shared disk. It is recommended that you install OracleAS Metadata Repository in an existing database. See Oracle Application Server Metadata Repository Creation Assistant User's Guide for details.
Install Oracle HTTP Server with Apache 2.0 from Oracle Application Server Companion CD, included in the 10g Release 2 (10.1.2) or 10g Release 3 (10.1.3) CD Pack.
For Oracle Home 3, follow the installation instructions in Section 4.23, "Installing Oracle Identity Management Components Only (Including Oracle Internet Directory)". On the Select Configuration Options screen, perform the following steps:
Select Oracle Internet Directory.
Do not select Oracle Application Server Single Sign-On.
Do not select Oracle Application Server Delegated Administration Services.
Select Oracle Directory Integration Platform.
Do not select Oracle Application Server Certificate Authority (OCA).
Select High Availability and Replication.
For Oracle Home 2, follow the installation instructions in Section 4.24, "Installing Oracle Identity Management Components Only (Excluding Oracle Internet Directory)". On the Select Configuration Options screen, perform the following steps:
Do not select Oracle Internet Directory.
Select Oracle Application Server Single Sign-On.
Select Oracle Application Server Delegated Administration Services.
Do not select Oracle Directory Integration Platform.
Do not select Oracle Application Server Certificate Authority (OCA).
Select High Availability and Replication.
On Oracle Home 2 and 3, perform the following commands to disable Oracle HTTP Server:
Edit the ORACLE_HOME
/opmn/bin/opmn.xml
file to change the Oracle HTTP Server status to disabled, as shown in bold.
<ias-component id="HTTP_Server" status="disabled" > <process-type id="HTTP_Server" module-id="OHS"> <module-data>...</ias-component>
Perform the following command to stop OPMN:
prompt> ORACLE_HOME/opmn/bin/opmnctl stopall
Perform the following command to start OPMN:
prompt> ORACLE_HOME/opmn/bin/opmnctl startall
Configure the standalone Oracle HTTP Server in Oracle Home 1. See "Configuring Standalone Oracle HTTP Server with Oracle Application Server" in Oracle HTTP Server Administering a Standalone Deployment Based on Apache 2.0 in the 10g Release 2 (10.1.2) or 10g Release 3 (10.1.3) documentation library.