Skip Headers
Oracle® Application Server Enterprise Deployment Guide
10g Release 3 (10.1.3.2.0)
Part Number B32125-02
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us
Go to previous page
Previous		 Go to next page
Next
View PDF

3 Installing and Configuring the myWebCenter Application and Web Tiers

Installing and Configuring the Web and Application Tiers

Configuring Session State Replication for the OC4J_Apps and OC4J_WebCenter Instance

Configuring APPHOST1 and APPHOST2 for the RAC Database

Configuring Network Communication

Configuring Application Authentication and Authorization

WebCenter Application Deployment and Migration Utilities (Optional)

Installing and Configuring the Web and Application Tiers

The myWebCenterApplication Tier consists of multiple computers hosting middle-tier Oracle Application Server instances. Each instance can contain multiple Oracle Containers for J2EE instances on which you deploy applications. In the complete configuration, requests are balanced among the OC4J instances on the application tier computers to create a performant and fault tolerant application environment.

Note:

When the Application Server Control application and the JSSO application are in the same OC4J instance, complex application deployments through the Application Server Control may consume the majority of resources in the JVM, and affect single sign-on. Ideally, the Application Server Control and JSSO should reside in separate OC4J instances.

The Web Tier(WEBHOST1 and WEBHOST2) consists of Oracle HTTP Servers. Figure 1-1, "Enterprise Deployment Architecture for myWebCenter.com with JSSO and Oracle Internet Directory" shows the Application Tier (APPHOST1 and APPHOST2) and Web tiers.

Installing the Oracle HTTP Servers on WEBHOST1 and WEBHOST2 (and IDMWEBHOST1 and IDMWEBHOST2, for myWebCenter.com with Oracle Application Server Single Sign-On)

Note:

These instructions assume installation of Oracle HTTP Server based on Apache 1.3.33 from the Oracle WebCenter Suite from the product CD. However, you may install Oracle HTTP Server based on Apache 2.0 from the Companion CD instead. If you choose to do this, note that the path to the Oracle HTTP Server configuration file for the Oracle HTTP Server from the Companion CD is:

ORACLE_HOME/ohs/conf/httpd.conf

  1. Ensure that the system, patch, kernel and other requirements are met as specified in the installation guide. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

  2. Copy the staticports.ini file from the Disk1/stage/Response directory to a local directory, such as TMP. You will provide the path to this file during installation.

  3. Edit the staticport.ini file to assign the following custom ports:

    Oracle HTTP Server port = 7777

    Note:

    Ensure that these ports are not already in use by any other service on the computer. Using the Static Ports feature to install the the Application Server Tier ensures that the port assignments will be consistent, if the ports are correctly specified in the file and the port is not already in use. If a port is incorrectly specified, the Oracle Universal Installer will assign the default port. If a port is already in use, the Oracle Universal Installer will select the next available port.

  4. Start the Oracle Universal Installer as follows:

    On UNIX, issue this command: runInstaller

    On Windows, double-click setup.exe

    The Oracle Application Server WebCenter 10.1.3.2.0 installation screen appears.

  5. Specify an installation directory for the instance.

  6. Select Advanced Installation.

  7. Click Next.

    A confirmation dialog appears.

  8. Click Yes.

    A progress dialog appears, then the Select Installation Type screen appears.

  9. Select Oracle HTTP Server and click Next.

    The Specify Port Configuration Options screen appears.

  10. Select Manual, specify the location of the staticports.ini file, and click Next.

    The Specify Instance Name screen appears.

  11. Specify the instance name and click Next.

    The Cluster Topology Configuration screen appears.

  12. Check the box to configure the instance to be part of an Oracle Application Server cluster.

  13. Specify the multicast address and port.

    Note:

    An example of a multicast address is 225.0.0.20, with port 8001. The address and port should be the same for each computer in a farm.

  14. Click Install.

  15. The Configuration Assistants screen appears. When the configuration process completes, the End of Installation screen appears.

  16. Click Exit, and then confirm your choice to exit.

  17. Verify that the installation was successful by viewing the Oracle HTTP Server instance. Start a browser and access:

    http://WEBHOST1:7777 or

    http://WEBHOST2:7777

    Note:

    The ORACLE_HOME/install/readme.txt file contains the URLs for the installation and a command to verify the status of processes.

Renaming Apache 2.0 Web Server Instances (Optional)

If you installed the Oracle HTTP Server based on Apache 2.0 from the Companion CD on WEBHOST1 and WEBHOST2, the instance name on both computers will be the default name assigned by the installer. In a cluster, you will want the instance names to be unique when you view the instances with the opmnctl @cluster status command. Follow these steps to rename an instance:

  1. Stop the instance by issuing this command:

    opmnctl stopall

  2. Modify the ORACLE_HOME/opmn/conf/opmn.xml file to change the instance id and name as shown:

    <ias-instance id="IAS-1 
 name="IAS-1">

    Replace both occurrences of the existing instance name (IAS-1 in the example) with a unique instance name.

  3. Save and close the file.

  4. Restart the instance by issuing this command:

    opmnctl startall

Installing the WebCenter Framework Instances on APPHOST1 and APPHOST2

  1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

  2. Start the Oracle Universal Installer using one of these commands:

    • On UNIX, issue this command: runInstaller

    • On Windows, double-click setup.exe

    The Oracle WebCenter Suite 10.1.3.2.0 installation screen appears.

  3. Specify an installation directory for the instance, or leave the default.

  4. Select Advanced Installation and click Next.

    A confirmation dialog appears.

  5. Click Yes.

    A progress dialog appears, then the Select Installation Type screen appears.

  6. Select Oracle WebCenter Framework and click Next.

    The Specify Port Configuration Options screen appears.

  7. Select Automatic and click Next.

    The Administration Settings screen appears.

  8. Specify the instance name, provide and confirm the administrator password, and on the APPHOST1 installation only, select the Start ASControl in this instance home checkbox and click Next.

    The Cluster Topology Configuration screen appears.

  9. Check the box to configure the instance to be part of an Oracle Application Server cluster, and check the box to access the instance from a separate Oracle HTTP Server.

  10. Specify the multicast address and port.

    Note:

    An example of a multicast address is 225.0.0.20, with port 8001. The address and port should be the same for each computer in a farm.

  11. Click Install.

  12. The Configuration Assistants screen appears. When the configuration process completes, the End of Installation screen appears.

  13. Click Exit, and then confirm your choice to exit.

Specifying an Oracle Metadata Services (MDS) Location

WebCenter application customizations are stored in MDS on the file system. When you predeploy a WebCenter Application, you must specify an MDS location on APPHOST1 and APPHOST2. A shared file system is used for high availability (see Figure 1-1, Figure 1-2 and Figure 1-3). The locations must be identical. You can use any location on the file system, observing these conditions:

  • On Microsoft Windows, the drive letter must be the same on both systems: for example, system 1 and system 2 must both refer to the location as X:\mds; it cannot be D:\mds on one system and and E:\mds on the other system.

  • On UNIX, the mount point must be identical: system 1 and system 2 must refer to the same directory, such as /oracle/webcenter.

  • In a clustered environment, you need only execute the predeployment tool once to produce the target EAR file, and then you deploy that EAR file on other OC4J instances. For more information about the predeployment for deploying WebCenter applications, see the Oracle WebCenter Framework Developer's Guide.

About Portlet Preference Stores

WebCenter applications can consume portlets such as Web Services for Remote Portlets (WSRP) or Portal Developer Kit (PDK-Java) portlets hosted by a portlet producer. The portlet producers store portlet customizations, or preferences, in a preference store that resides in a database or on a file system. In an enterprise deployment, you put the preference store on a database that is configured for high availability, such as a Real Application Clusters database or a cold failover cluster database.A portlet preference store is different from MDS in purpose and implementation. MDS stores application metadata and can reside only on a file system, as described in Chapter3, "Specifying an Oracle Metadata Services (MDS) Location".

Configuring OC4J to Run Portlet Producers on APPHOST1 and APPHOST2

By default, the PDK-Java and WSRP producers that are located in the OC4J_WebCenter instances are configured to use the file-based preference store. For high availability, you configure the preference store to use a database. To do this, you must set up a schema for the preference store in the database, configure the producer, and map preference store connection details to a JDBC data source.

Creating the Producer Schemas User and JPDK and WSRP Schemas

  1. Navigate to the ORACLE_HOME/bin directory.

  2. Connect to SQL*Plus using the SYS account and SYSDBA database administrator role.

  3. Issue this command (substituting the Oracle home path):

    @ORACLE_HOME/j2ee/home/database/wsrp/dbprefstore.sql

  4. When prompted, create a user name and password for the WSRP and PDK-Java preference store database schema. This user name and password will be used in the command in Chapter3, "Creating the WebClipping Schema".

    A database preference store is created and the schema populated with the required database objects.

Creating the WebClipping Schema

  1. Create the schema by issuing this command (shown on multiple lines for readability):

    ORACLE_HOME/jdk/bin/java
  -classpath ORACLE_HOME/lib/xmlparserv2.jar:ORACLE_HOME/jdbc/lib/ojdbc14.jar:ORACLE_HOME/portal/jlib/wce.jar
  oracle.portal.wcs.Installer -installSchema
  -username preference store schema user
  -password preference store schema user password
  -dburl jdbc:oracle:thin:@//database host:database port/database service name

    Substitute Oracle home values, user name, password, and database information where indicated with italics.

Configuring WSRP Producers to use a Database Preference Store

  1. Add a new data source entry that maps the connection details for the preference store schema to a JDBC data source. You can use any data source that has its JNDI location set to jdbc/portletPrefs.

    1. Access the Application Server Control Console at http://hostname:port/em/ and log in with the oc4jadmin password set during installation.

      The Cluster Topology page appears.

    2. Click the link for the OC4J_WebCenter instance.

    3. Click Administration.

      The Administration Tasks list appears.

    4. Click the Go to Task icon for JDBC Resources under the Services task.

      The JDBC Resources page appears.

      Click Create in the Connection Pools section.

      The Create Connection Pool - Application page appears.

    5. Click Continue (leave the default selections).

      The Create Connection Pool page appears.

    6. Specify the following values:

      Name: The name of the connection pool, for example, OracleWSRPPool.

      Connection Factory Class: Leave the default value.

      JDBC URL: The JDBC URL for the Oracle database that contains the schema for the application. For example:

      jdbc:oracle:thin:@//custdbhost.mycompany.com:1521/service name

      Username: The username for the database that contains the schema for this application.

      Use Cleartext Password/Password: N/A

      Use Indirect Password/Indirect Password: Select this radio button and provide the indirect password for the database that contains the schema for this application.

    7. Click Finish.

      The JDBC Resources page appears.

    8. Click the Test Connection icon for the newly created connection.

    9. Click Create in the Data Sources section.

      The Create Data Source - Application & Type page appears.

    10. Click Continue (leave the defaults).

      The Create Data Source - Managed Data Source page appears.

    11. Specify the following values:

      Name: The name of the data source, for example, WSRP_PREF_DS.

      JNDI Location: jdbc/portletPrefs

      Transaction Level: Leave the default.

      Connection Pool: OracleWSRPPool(created in prior step)

      Login Timeout: Leave the default.

    12. Click Finish.

  2. Edit the ORACLE_HOME/j2ee/OC4J_instance/applications/application name/optional web module name/WEB-INF/web.xml file to specify a database preference store for each application (replace OC4J_instance, application name, and, if applicable, optional web module name with the applicable names). Modify (or, if necessary, add under the web-app tag) the env-entry-value as shown in the example:

    <env-entry>
<env-entry-name>oracle/portal/wsrp/server/persistentStore</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>Database</env-entry-value>
</env-entry>

  3. Access the Application Server Control Console at http://hostname:port/em/ and log in with the oc4jadmin password set during installation.

    The Cluster Topology page appears.Check the box in the Select column for the OC4J_WebCenter instance.

  4. Click Restart.

Configuring PDK-Java Producers to use a Database Preference Store

  1. Map the connection details for the preference store schema to a JDBC data source. You can use any data source that has its JNDI location set to jdbc/portletPrefs.

    1. Access the Application Server Control Console at http://hostname:port/em/ and log in with the oc4jadmin password set during installation.

      The Cluster Topology page appears.

    2. Click the link for the home instance.

    3. Click Administration.

      The Administration Tasks list appears.

    4. Click the Go to Task icon for JDBC Resources under the Services task.

      The JDBC Resources page appears.

      Click Create in the Connection Pools section.

      The Create Connection Pool - Application page appears.

    5. Click Continue (leave the default selections).

      The Create Connection Pool page appears.

    6. Specify the following values:

      Name: The name of the connection pool, for example, OracleWSRPPool.

      Connection Factory Class: Leave the default value.

      JDBC URL: The JDBC URL for the Oracle database that contains the schema for the application. For example:

      jdbc:oracle:thin:@//custdbhost.mycompany.com:1521/service name

      Username: The username for the database that contains the schema for this application.

      Use Cleartext Password/Password: N/A

      Use Indirect Password/Indirect Password: Select this radio button and provide the indirect password for the database that contains the schema for this application.

    7. Click Finish.

      The JDBC Resources page appears.

    8. Click the Test Connection icon for the newly created connection.

    9. Click Create in the Data Sources section.

      The Create Data Source - Application & Type page appears.

    10. Click Continue (leave the defaults).

      The Create Data Source - Managed Data Source page appears.

    11. Specify the following values:

      Name: The name of the data source, for example, PDK_PREF_DS.

      JNDI Location: jdbc/portletPrefs

      Transaction Level: Leave the default.

      Connection Pool: OraclePDKPool(created in prior step)

      Login Timeout: Leave the default.

    12. Click Finish.

  2. Update the OmniPortlet producer to use a database preference store:

    1. Open the ORACLE_HOME/j2ee/OC4J_WebCenter/applications/portalTools/omniPortlet/WEB-INF/providers/omniPortlet/provider.xml file.

    2. Modify the the preferenceStore tag to use the database preference store.

      <preferenceStore class="oracle.portal.provider.v2.preference.DBPreferenceStore">
<name>omniPortletprefStore</name>
<connection>jdbc/PooledConnection</connection>
</preferenceStore>

  3. Update the PDK-Java sample producers to use a database preference store.

    1. Open the ORACLE_HOME/j2ee/OC4J_WebCenter/applications/jpdk/jpdk/WEB-INF/providers/provider name/provider.xml file.

    2. Modify the the preferenceStore tag to use the database preference store, substituting provider name with the application name.

      <preferenceStore class="oracle.portal.provider.v2.preference.DBPreferenceStore">
<name>provider name</name>
<connection>jdbc/PooledConnection</connection>
</preferenceStore>

  4. Update the WebClipping producers to use a database repository (by default, it uses MDS, a file-based storage location, as its repository).

    1. Open the ORACLE_HOME/j2ee/OC4J_WebCenter/applications/portalTools/webClipping/WEB-INF/providers/webClipping/provider.xml file.

    2. Update the repositoryInfo tag as shown, substituting current values for mysid, webclipping user, and password (these are the same values provided when creating the schema for the preference store in Chapter3) and, if necessary, the customer database host and port:

      <repositoryInfo
class="oracle.portal.wcs.provider.info.DatabaseInformation">
   <useRAA>false</useRAA>
   <databaseHost>custdbhost.mycompany.com</databaseHost>
   <databasePort>1521</databasePort>
   <databaseSid>mysid</databaseSid>
   <databaseUsername>webclipping user</databaseUsername>
   <databasePassword>password</databasePassword>
   <useASO>false</useASO>
</repositoryInfo>

  5. Access the Application Server Control Console at http://hostname:port/em/ and log in with the oc4jadmin password set during installation.

    The Cluster Topology page appears.Check the box in the Select column for the OC4J_WebCenter instance.

  6. Click Restart.

Configuring Java Object Cache Communication on APPHOST1 and APPHOST2

When Java Object Cache is configured in a clustered environment, it requires a list of all cluster members' IP addresses and port numbers to share objects and coordinate across the cluster. This list must be specified in the discoverer attribute of the javacache.xml file. All caches cooperating in the same cache system must specify exactly the same set of IP addresses and port numbers, in the same order. To configure this, perform the following steps:

  1. Modify the ORACLE_HOME/portal/conf/javacache.xml file and the ORACLE_HOME/javacache/admin/javacache.xml file to configure or add the isDistributed and discoverer elements as shown in Example 3-1.

    Example 3-1 javacache.xml file communication element

    <communication>
  <isDistributed>true</isDistributed>
  <discoverer ip="APPHOST1 IP address"
     discovery-port="APPHOST1 discovery port"/> 
  <discoverer ip="APPHOST2 IP address"
     discovery-port="APPHOST2 discovery port"/> 
</communication>

  2. Access the Application Server Control Console at http://hostname:port/em/ and log in with the oc4jadmin password set during installation.

    The Cluster Topology page appears.

  3. Check the box in the Select column for the OC4J_WebCenter instance.

  4. Click Restart.

  5. Check the box in the Select column for the OC4J_Apps instance.

  6. Click Restart.

  7. Check the box in the Select column for the home instance.

  8. Click Restart.

Configuring Corporate Proxy Server Settings for OmniPortlet and OracleAS Web Clipping on APPHOST1 and APPHOST2 (Optional)

  1. Configure the HTTP proxy for OmniPortlet and OracleAS Web Clipping by performing the following steps (the Load Balancing Router must already be configured):

    1. Open the provider.xml file, located at:

      OmniPortlet:

      ORACLE_HOME/j2ee/OC4J_WebCenter/applications/portalTools/omniPortlet/WEB-INF/providers/omniPortlet/provider.xml

      WebClipping:

      ORACLE_HOME/j2ee/OC4J_WebCenter/applications/portalTools/webClipping/WEB-INF/providers/webClipping/provider.xml

    2. Update the proxyInfo tag as shown:

      <proxyInfo class="oracle.portal.provider.v2.ProxyInformation">
   <httpProxyHost>proxy.mycompany.com</httpProxyHost>
   <httpProxyPort>80</httpProxyPort>
   <dontProxyFor>*.mycompany.com</dontProxyFor>
   <proxyUseAuth>true</proxyUseAuth>
   <proxyType>Basic</proxyType>
   <proxyRealm>realm1</proxyRealm>
   <proxyUseGlobal>false</proxyUseGlobal>
   <proxyUser>scott</proxyUser>
   <proxyPassword>!tiger</proxyPassword>
</proxyInfo>

  2. Access the Application Server Control Console at http://hostname:port/em/ and log in with the oc4jadmin password set during installation.

    The Cluster Topology page appears.Check the box in the Select column for the OC4J_WebCenter instance.

  3. Click Restart.

  4. Verify that OmniPortlet and the OracleAS Web Clipping providers work properly through the Load Balancing Router, by accessing the test pages at these URLs:

    http://mywebcenter.com/portalTools/omniPortlet/providers/omniPortlet

    Note:

    If the "No Portlets Available" message appears under the Portlet Information section in the OmniPortlet Provider test page, then OmniPortlet is not configured correctly. If OmniPortlet is configured correctly, then the OmniPortlet and Simple Parameter Form portlets are available on the test page.

    http://mywebcenter.com/portalTools/webClipping/providers/webClipping

Oracle Content DB Limitations

In this release, there are some limitations to Oracle Content DB functionality:

  • Oracle Content DB does not provide single sign-on support. In Oracle Content DB server failover situations, users will have to log in to the servers again.

  • Any in-flight transactions (such as uploading a file) or transactions that require multiple steps (such as creation of a group) will be lost in the event of server failure, and will have to be restarted.

  • Users will need to re-launch the user interface in the event of server failure (the session established on the failed server is no longer valid).

  • Oracle Content DB agents can only be run on one computer. If the computer operating the agent fails, the system administrator must manually start the agents on the other computer. These agents perform housekeeping tasks for the Oracle Content DB server. Their failure does not cause Oracle Content DB server failure, but over time, with out the agents operating, the server's performance and scalability will be degraded.

Installing the Oracle Content DB Instances on CTHOST1 and CTHOST2

Before you install the Oracle Content DB instances, review the "Requirements for Oracle Content Database" section in the installation guide for the platform you are using.

The procedures for the Oracle Content DB instances on CTHOST1 and CTHOST2 differ slightly; this section contains a separate procedure for each. The directions for CTHOST2 apply to any additional instances installed.

Note:

Before you begin installing the Oracle Content DB instances, a Real Application Clusters (RAC) database must be installed and configured on CUSTDBHOST1 and CUSTDBHOST2, and the database character set must be ALT32UTF8. If it is not, an error occurs and installation cannot proceed.

Installing the First Oracle Content DB Instance on CTHOST1

  1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

  2. Start the Oracle Universal Installer using one of these commands:

    • On UNIX, issue this command: runInstaller

    • On Windows, double-click setup.exe

    The WebCenter Suite 10.1.3.2.0 Installation screen appears.

  3. Specify an installation directory for the instance, or leave the default.

  4. Select Advanced Installation and click Next.

    A confirmation dialog appears.

  5. Click Yes.

    A progress dialog appears, then the Select Installation Type screen appears.

  6. Select Oracle Content Database and click Next.

    The Specify Port Configuration Options screen appears.

  7. Select Manual, provide a path to the staticports.ini file, and click Next.

    The Administration Settings screen appears.

  8. Specify an instance name for the application server instance.

    Note:

    The instance name you specify will be prepended to the host name. For example, if you specify CTDB1 as the instance name and the host name is server1.mycompany.com, the instance name will be CTDB1.server1.mycompany.com.

  9. Specify and confirm the administrator password for the application server instance.

  10. Click Next.

    The Specify Database Information screen appears.

  11. Provide the SYS password, the hostname and port (in RAC database format CUSTDBHOST1:1521^CUSTDBHOST2:1521), and the service name, and click Next.

    The Specify Content Database Schema Password screen appears.

  12. Establish and confirm the Oracle Content DB schema password and click Next.

    The Specify User Repository Info screen appears.

  13. Select Directory Based, select Oracle Internet Directory (or any LDAP service available), provide the connection information, and click Next.

    The Cluster Topology screen appears.

  14. Enter 225.0.0.1 for the IP Address and 8001 for the port and click Next.

    The Summary screen appears.

  15. Click Install.

    The Preparing to Install dialog appears, then the Install screen appears.

  16. The Configuration Assistants screen appears. When the configuration process completes, the End of Installation screen appears.

  17. Click Exit, and then confirm your choice to exit.

Installing the Second Oracle Content DB Instance on CTHOST2

  1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

  2. Start the Oracle Universal Installer using one of these commands:

    • On UNIX, issue this command: runInstaller

    • On Windows, double-click setup.exe

    The WebCenter Suite 10.1.3.2.0 Installation screen appears.

  3. Specify an installation directory for the instance, or leave the default.

  4. Select Advanced Installation and click Next.

    A confirmation dialog appears.

  5. Click Yes.

    A progress dialog appears, then the Select Installation Type screen appears.

  6. Select Oracle Content Database and click Next.

    The Specify Port Configuration Options screen appears.

  7. Select Manual and click Next.

    The Administration Settings screen appears.

  8. Specify an instance name for the application server instance.

    Note:

    The instance name you specify will be prepended to the host name. For example, if you specify CTDB2 as the instance name and the host name is server1.mycompany.com, the instance name will be CTDB2.server1.mycompany.com.

  9. Specify and confirm the administrator password for the application server instance.

  10. Click Next.

    The Specify Database Information screen appears.

  11. Provide the SYS password, the hostname and port (in RAC database format CUSTDBHOST1:1521^CUSTDBHOST2:1521), and the service name, and click Next.

    The Specify Content Database Schema Password screen appears.

  12. Provide the schema password and click Next.

    The Specify User Repository Info screen appears.

  13. Provide the user name and password for the selected LDAP service, and click Next.

    The Cluster Topology page appears.

  14. Enter 225.0.0.1 for the IP Address and 8001 for the port and click Next.

    The Summary screen appears.

  15. Click Install.

    The Preparing to Install dialog appears, then the Install page appears.

  16. The Configuration Assistants page appears. When the configuration process completes, the End of Installation page appears.

  17. Click Exit, and then confirm your choice to exit.

Configuring the Load Balancing Router

Configure a virtual IP address on the Load Balancing Router that listens on port 80 and maps to Oracle HTTP Server on WEBHOST1 and WEBHOST2, with no stick session enabled.

Disabling the Oracle HTTP Server in the Oracle Content DB Instances on CTHOST1 and CTHOST2

  1. Open the ORACLE_HOME/opmn/conf/opmn.xml file.

  2. Edit the file to disable the Oracle HTTP Server as shown:

    <ias-component id="HTTP_Server" status="disabled">

  3. Issue this command in ORACLE_HOME/opmn/bin:

    opmnctl stopall

    opmnctl startall

    Oracle Content DB now receives requests from the Oracle HTTP Servers on WEBHOST1 and WEBHOST2.

Defining the Virtual Hosts on WEBHOST1 and WEBHOST2 (and IDMWEBHOST1 and IDMWEBHOST2, for myWebCenter.com with Oracle Application Server Single Sign-On)

  1. Open the Oracle HTTP Server configuration file:

    Apache 1.3:

    ORACLE_HOME/Apache/Apache/conf/httpd.conf

    Apache 2.0:

    ORACLE_HOME/ohs/conf/httpd.conf

  2. Perform the following steps:

    1. Add the LoadModule certheaders_module directive for the appropriate platform.

      UNIX Apache 1.3:

      LoadModule certheaders_module libexec/mod_certheaders.so

      UNIX Apache 2.0; use this directive if you plan to use Apache 2.0 on UNIX:

      LoadModule certheaders_module modules/mod_certheaders.so

      Windows:

      LoadModule certheaders_module modules/ApacheModuleCertHeaders.dll

    2. Add the lines shown to create a NameVirtualHost directive and a VirtualHost container for mywebcenter.mycompany.com and port 80.

      NameVirtualHost *:7777
<VirtualHost *:7777>
  ServerName mywebcenter.mycompany.com
  Port 443
  ServerAdmin you@your.address 
  RewriteEngine On 
  RewriteOptions inherit
  SimulateHTTPS On
</VirtualHost> 
<VirtualHost *:7777>
  ServerName mywebcenter-producers.mycompany.com
  Port 7777
  ServerAdmin you@your.address 
  RewriteEngine On 
  RewriteOptions inherit
</VirtualHost>

      Notes:

      The LoadModule directives (in particular, the LoadModule rewrite_module directive) must appear in the httpd.conf file at a location preceding the VirtualHost directives. The server must load all modules before it can execute the directives in the VirtualHost container.

      It is a good idea to create the VirtualHost directives at the end of the httpd.conf file.

      The LoadModule rewrite_module directive must appear before the LoadModule certheaders_module directive.

    3. Add the lines shown to create a NameVirtualHost directive and a VirtualHost container for ctdb.mycompany.com and port 80.

      NameVirtualHost *:7777
<VirtualHost *:7777>
  ServerName ctdb.mycompany.com
  Port 443
  ServerAdmin you@your.address 
  RewriteEngine On 
  RewriteOptions inherit
  SimulateHTTPS On
</VirtualHost>

    4. Add the lines shown to create a NameVirtualHost directive and a VirtualHost container for portlets.mycompany.com and port 80.

      NameVirtualHost *:7777
<VirtualHost *:7777>
  ServerName portlets.mycompany.com
  Port 443
  ServerAdmin you@your.address 
  RewriteEngine On 
  RewriteOptions inherit
  SimulateHTTPS On
</VirtualHost>

  3. Save the httpd.conf file.

  4. Restart the Oracle HTTP Server using these commands in ORACLE_HOME/opmn/bin:

    opmnctl stopall

    opmnctl startall

  5. Verify that you can access this URL:

    https://mywebcenter.mycompany.com/content/

    Note:

    When producers are registered, the address is:

    http://mywebcenter-producers.com:7777/...

Updating Domain Properties for Applications

  1. Access the Oracle Enterprise Manager 10g Application Server Control Console at:

    https://mywebcenter.com/em

  2. Select the instance.

  3. Select OC4J_Content.

  4. On the Applications tab, select the content link.

  5. Select Content DB Extension.

  6. On the Administration tab, select Go to Task next to Domain Properties.

  7. Update the IFS.DOMAIN.APPLICATION.ApplicationHost to the Load Balancing Router Virtual IP host name.

  8. Update the IFS.DOMAIN.APPLICATION.ApplicationPort to the Load Balancing Router Virtual IP port.

  9. Update the IFS.DOMAIN.APPLICATION.ApplicationUseHttps to true.

  10. Issue these commands in ORACLE_HOME/opmn/bin:

    opmnctl stopall

    opmnctl startall

  11. Access this URL:

    http://mywebcenter.com/content

  12. Log in as the administrator (orcladmin user, Oracle Internet Directory administrator password).

Configuring the Oracle Content DB Instances on CTHOST1 and CTHOST2

  1. Access the Application Server Control Console at http://APPHOST:port/em/ and log in with the oc4jadmin password set during installation.

    The Cluster Topology page appears.

  2. Select the Oracle Content DB instance.

  3. Select the OC4J_Content instance.

  4. Click Applications.

  5. Click Content.

  6. Click Go to Task next to Domain Properties.

  7. Update the IFS.DOMAIN.APPLICATION.ApplicationHost to the Load Balancing Router virtual IP name and IFS.DOMAIN.APPLICATION.ApplicationPort to the Load Balancing Router virtual IP port.

  8. Issue this command in CONTENT_DB_ORACLE_HOME/opmn/bin on CTHOST1 and CTHOST2:

    opmnctl reload

Disabling Application Server Control Console on APPHOST2 (Optional)

Application Server Control Console stores certain local state information that does not get replicated to another active Application Server Control Console. This includes things such as JMX Notification Subscriptions and Received Notifications. If you use JMX notifications, you may wish to disable the second Application Server Control Console so that Oracle HTTP Server does not route requests to it. This will ensure that notifications subscriptions are not changed or deleted on the instance receiving requests (causing the two instances to be out of synchronization). You can disable routing to one of the Application Server Control Consoles by setting the ohs-routing tag in the default-web-site.xml file for the second Application Server Control Console to false as shown:

<web-app application="ascontrol" load-on-startup="true" name="ascontrol"
ohs-routing="false" root="/em"/>

You can set ohs-routing to true if you need to use the secondary Application Server Control Console for failover. You will need to use some backup and recovery procedure in order to restore the state of notification subscriptions and received notifications from the primary Application Server Control Console to the secondary.If you have two Application Server Control Consoles active, be aware of the following:

  • If you change the administrator password on the managed OC4J instances, you will have to make the same change to the stored administrator password on all Application Server Control Console instances. When Oracle HTTP Server directs requests to an Application Server Control Console that does not have the correct password, attempts to connect to the managed instance will fail and Application Server Control Console will prompt for the new administrator password.

    On login, Application Server Control Console displays a warning on the Cluster Topology page that there are multiple instances running.

Listing Occupied Ports

Use the netstat command to identify occupied ports:

netstat -an

The AJP port range is 12501-12600. Note the port numbers in this range that do not appear in the output of the netstat command; these are the ports you can assign to OC4J instances.

Configuring the Firewall for the Application Tier

After you have installed all of the components on the Application Tier, you will be able to identify the port numbers that need to be opened on the firewall. This depends on the number of application server instances and types of components installed. In general, the process of configuring the firewall involves these steps:

  1. For each installed instance, determine the component types and their designated port ranges (for example, the home instance and any instances you create) by examining the ORACLE_HOME/opmn/conf/opmn.xml/opmn.xml file. Example 3-2 shows components and default ports in the opmn.xml file. In the example, the OC4J Admin instance is listening on port 12501. Another instance, Apps, occupies port 12502.

  2. Determine the ports in use with the netstat command:

    netstat -an

  3. Configure the firewall to open only the ports in use.

Example 3-2 Oracle Application Server components and port ranges in opmn.xml

<opmn xmlns="http://www.oracle.com/ias-instance">
 <log path="$ORACLE_HOME\opmn\logs\opmn.log" comp="internal;ons;pm"
 rotation-size="1500000" />
 <debug path="$ORACLE_HOME\opmn\logs\opmn.dbg" comp="internal"
 rotation-size="1500000" />
 <notification-server>
 <port local="6100" remote="6200" request="6003" />
 <ssl enabled="true" wallet-file="$ORACLE_HOME\opmn\conf\ssl.wlt\default" />
 <topology>
 <discover list="*225.0.0.20:8001" />
 </topology>
 </notification-server>
...
       <ias-component id="OC4J">
         <process-type id="Admin" module-id="OC4J" status="enabled">
             ...
             <port id="default-web-site" range="*12501*" protocol="ajp"/>
             ...
         </process-type>
         <process-type id="OC4J_WP" module-id="OC4J" status="enabled">
             ...
             <port id="default-web-site" range="*12502*" protocol="ajp"/>
         </process-type>
       </ias-component>
...

Note that the AJP ports used by applications fall within the range 12501-12600. Ensure that all of the AJP ports used by OC4J applications are open on the firewall between the Web server and the application. If a port is not open, the following error occurs when access to the application from the Web tier is attempted (that is, when the URL web host:port/application is requested):

mod_oc4j: request to OC4J apphost1.us.oracle.com:12501 failed: Connect failed (errno=110)

This error creates an entry in a log file in the ohs/logs directory.

Configuring the Cluster Gateway

Because there is a firewall between the instances clustered on the Web tier and the instances clustered on the Application tier, you must configure a cross-topology gateway to enable communication between the clusters. In the gateway configuration, one server on each side of the firewall is an entry point into the cluster. These instructions designate APPHOST1 and WEBHOST1 as the gateway servers, but any server may be designated the gateway server. The remote port is used for communication with the gateway server; it is designated in the <gateway> subelement in opmn.xml as shown in bold.

Follow these steps to specify gateway servers on the Application Tier and the Web Tier:

  1. Open the APPHOST1_ORACLE_HOME/opmn/conf/opmn.xml file.

  2. Create the <gateway> subelement as shown in the example:

    <notification-server>
  <port local="6101" remote="6201" request="6004"/>
  <ssl enabled="true" wallet-file="$ORACLE_HOME\opmn\conf\ssl.wlt\default"/>
   <topology>
   <discover list="*225.0.0.20:8001"/>
    <gateway list="apphost1.mycompany.com:6200&amp;apphost2.mycompany.com:6200&amp;webhost1.mycompany.com:6200&amp;webhost2.mycompany.com:6200/"/>
   </topology>
</notification-server>
...

    Note:

    6201 is the OPMN remote port onAPPHOST1, and 6202 is the OPMN remote port on WEBHOST1. You must view the opmn.xml file on each server to determine the port values needed for the configuration.

  3. Issue this command in APPHOST1_ORACLE_HOME/opmn/bin:

    opmnctl reload

  4. Copy the <gateway> subelement to:

    • The WEBHOST1_ORACLE_HOME/opmn/conf/opmn.xml file

    • The WEBHOST2_ORACLE_HOME/opmn/conf/opmn.xml file

    • The APPHOST1_ORACLE_HOME/opmn/conf/opmn.xml file

  5. Issue the opmnctl reload command in:

    • WEBHOST1_ORACLE_HOME/opmn/bin

    • WEBHOST2_ORACLE_HOME/opmn/bin

    • APPHOST1_ORACLE_HOME/opmn/bin

Note:

For more information, see "Configuring Cross-Topology Gateways" in the Oracle Containers for J2EE Configuration and Administration Guide.

Creating the OC4J_Apps Instance and Associating it with Oracle Internet Directory

  1. Access the Application Server Control Console at http://hostname:port/em/ and log in with the oc4jadmin password set during installation.

    The Cluster Topology page appears.

  2. Click the application server instance link.

    The Application Server page appears.

  3. Click Create OC4J Instance.

    The Create OC4J Instance page appears.

  4. Name the instance OC4J_Apps and leave the default group selection.

  5. Check the Start this OC4J instance after creation checkbox.

  6. Click Create.

    The Processing: Create OC4J Instance page appears with a progress message, then the Application Server page appears with the newly created instance.

  7. Click the link for the OC4J_Apps instance.

    The OC4J:OC4J_Apps page appears.

  8. Click Administration.

    The Administration page appears.

  9. Click the icon for the Identity Management task (in the Security section).

    The Identity Management page appears.

  10. Click Configure.

    The Configure Identity Management: Connect Information page appears.

  11. Specify the Load Balancing Router (oid.mycompany.com) for the Oracle Internet Directory host, cn=orcladmin for the Oracle Internet Directory User DN, and 389 for the non-SSL Oracle Internet Directory port.

  12. Click Next.

    The Configure Identity Management: Application Server Control page appears.

  13. Click the Use Oracle Identity Management Security Provider checkbox.

  14. Click Next.

    The Configure Identity Management: Deployed Applications page appears.

  15. Click Configure.

    The Identity Management page appears with a confirmation message that the OC4J_Apps instance was successfully associated with Oracle Internet Directory, and a prompt to restart OC4J_Apps.

  16. Click Restart.

    A warning message appears.

  17. Click Yes.

    A status message appears, then the Cluster Topology page reappears with a message that the instance was restarted.

Note:

If the application uses JAAS permissions (for example, if it uses ADF Security authorization) then the permissions need to be migrated to Oracle Internet Directory. See the Oracle WebCenter Framework Developer's Guide, "Using the OracleAS JAAS Provider Migration Tool".

Deploying WebCenter Applications on APPHOST1 or APPHOST2

  1. Predeploy the application by issuing this command (shown on multiple lines for readability):

    ORACLE_HOME/jdk/bin/java
  -jar ORACLE_HOME/adfp/lib/portlet-client-deploy.jar
  -predeploy -source myWebCenterArchive.ear
  -target target.ear
  -configuration config.xml
-profile Template

    Substitute Oracle home values where indicated with italics, and substitute the EAR file name for myWebCenterArchive.ear and target.ear.

  2. Deploy the application by following these steps:

    1. Click the link for the OC4J_Apps instance.

      The OC4J: OC4J_Apps page appears.

    2. Click Applications.

      The Applications page appears.

    3. Click Deploy.

      The Deploy: Select Archive page appears.

    4. Provide the location of the EAR file you predeployed and click Next.

      The Deploy: Application Attributes page appears.

    5. Provide the application name and click Next.

      The Deploy: Deployment Settings page appears.

    6. Click the icon for the Select Security Provider task.

      The Deployment Settings: Select Security Provider page appears.

    7. Select Oracle Identity Management from the Security Provider drop-down list.

    8. Click OK.

      The Deploy: Deployment settings page appears with an information message that the deployment plan was updated successfully.

    9. Click Cancel.

      The OC4J: OC4J_Apps page appears.

  3. Migrate security information:

    1. Create an LDIF file by issuing this command (shown on multiple lines for readability):

      java oracle.security.jazn.tools.JAZNMigrationTool
  -D binddn
  -w password
  -h host name
  -p 389
  -sr jazn.com
  -st xml
  -dt ldap
  -sf ORACLE_HOME/j2ee/OC4J_Apps/applications/webCenterArchive1/adf/META-INF/app-jazn-data.xml 
  -df ORACLE_HOME/temp/migrate.ldif
  -m all

      Substitute password, host name, and Oracle home values where indicated with italics.

    2. Import the LDIF file into Oracle Internet Directory by issuing this command (shown on multiple lines for readability):

      ldapmodify
  -h host name
  -p 389
  -D jazn.com
  -w password
  -f ORACLE_HOME/temp/migrate.ldif
  -v -c -o ORACLE_HOME/temp errors_ldiffile

      Substitute host name, password, host name, and Oracle home values where indicated with italics.

  4. Configure role mapping manually in the deployed ORACLE_HOME/j2ee/OC4J_Apps/application-deployments/application name/orion-application.xml file:

    1. Set jaas-mode to doASPrivileged as follows:

      <jazn provider="LDAP" jaas-mode="doAsPrivileged"/>

    2. Set security-role-mapping to users as follows:

      <security-role-mapping name="users">
<group name="users" />
</security-role-mapping>

  5. Access the Application Server Control Console at http://hostname:port/em/ and log in with the oc4jadmin password set during installation.

    The Cluster Topology page appears.Check the box in the Select column for the OC4J_Apps instance.

  6. Click Restart.

Configuring Session State Replication for the OC4J_Apps and OC4J_WebCenter Instance

  1. Access the Application Server Control Console at http://hostname:port/em/ and log in with the oc4jadmin password set during installation.

    The Cluster Topology page appears.

  2. Select the OC4J_Apps instance.

    The OC4J:OC4J_Apps page appears.

  3. Click Applications.

  4. Click the default application.

    The Application: default page appears.

  5. Click Administration.

  6. Click the icon for Clustering Properties in the Properties section.

    The Clustering Properties page appears showing that the parent application is not clustered.

  7. Click the radio button for Override parent application clustering settings and select Enable from the drop-down list.

    The Replication Properties selections appear with Peer-Peer Replication selected as the default.

  8. Leave the default and click OK.

    The Application: default page appears with a confirmation message that the changes were applied.

  9. Return to the Cluster Topology page and select the OC4J_WebCenter instance.

    The OC4J:OC4J_WebCenter page appears.

  10. Click Applications.

  11. Click the default application.

    The Application: default page appears.

  12. Click Administration.

  13. Click the icon for Clustering Properties in the Properties section.

    The Clustering Properties page appears showing that the parent application is not clustered.

  14. Click the radio button for Override parent application clustering settings and select Enable from the drop-down list.

    The Replication Properties selections appear with Peer-Peer Replication selected as the default.

  15. Leave the default and click OK.

    The Application: default page appears with a confirmation message that the changes were applied.

  16. Add an empty <distributable/> tag to:

    ORACLE_HOME/j2ee/OC4J_Apps/applications/application name/web module name/WEB-INF/web.xml

    ORACLE_HOME/j2ee/OC4J_WebCenter/applications/application name/web module name/WEB-INF/web.xml

    The tag must be added for all Web modules that are part of a clustered application.

  17. Return to the Cluster Topology page and restart the OC4J_Apps and OC4J_WebCenter instances.

Configuring APPHOST1 and APPHOST2 for the RAC Database

  1. Open the ORACLE_HOME/opmn/conf/opmn.xml file.

  2. Add the RAC database hostname and remote port identifiers:

    <notification-server>
  <port local="6100" remote="6200" request="6003"/>
  <ssl enabled="false" wallet-file="$ORACLE_HOME\opmn\conf\ssl.wlt\default"/>
  <topology>
  <nodeslist="apphost1:6200,apphost2:6200,webhost1:6200,webhost2:6200,infradbhost1:6200,infradbhost2:6200"/>
  </topology>
</notification-server>

  3. Save and close the file.

  4. Open the ORACLE_HOME/j2ee/OC4J_WebCenter/config/data-sources.xml file.

  5. Add the RAC node information:

    <?xml version = '1.0' encoding = 'UTF-8'?>
<data-sources xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/data-sources-10_1.xsd" schema-major-version="10" schema-minor-version="1">
     <managed-data-source connection-pool-name="Example Connection Pool" jndi-name="jdbc/OracleDS" name="OracleDS"/>
     <managed-data-source connection-pool-name="OracleWSRPPool" jndi-name="jdbc/portletPrefs" name="WSRP_PREF_DS"/>
     <connection-pool name="Example Connection Pool">
       <connection-factory factory-class="oracle.jdbc.pool.OracleDataSource"  user="scott" password="tiger" url="jdbc:oracle:thin:@//localhost:1521/ORCL"/>
     </connection-pool>
     <connection-pool name="OracleWSRPPool">
        <connection-factory factory-class="oracle.jdbc.pool.OracleDataSource"  user="pref1" password="pref1" url="jdbc:oracle:thin:@//(DESCRIPTION =(ADDRESS  = (PROTOCOL = TCP)(HOST = infradbhost1)(PORT = 1521))(ADDRESS = PROTOCOL = TCP)(HOST = infradbhost2)(PORT = 1521))(LOAD_BALANCE=yes)(CONNECT_DATA=(SERVER = DEDICATED)(SERVICE_NAME = stork)))"/>
     </connection-pool>
</data-sources>

  6. Save and close the file.

  7. Issue this command in ORACLE_HOME/opmn/bin:

    opmnctl reload

Configuring Network Communication

After the installation and configuration is complete, configure the network communication as described in this section. Table 3-1 lists the ports open on each firewall.Configure the Load Balancing Router to:

Configure the firewall for communication into DMZ1:

Configure the firewall for communication into and out of DMZ2:

Configure the firewall for communication into DMZ3:

Table 3-1 Open ports between firewall zones

Firewall Zones Ports Purpose

DMZ1 to DMZ2

12510-12510

WEBHOST1 and WEBHOST2, to access APPHOST1 and APPHOST2 AJP ports

DMZ1 to DMZ2

6200, 6201

OPMN cluster gateway

DMZ2 to DMZ1

7777

Communication to Oracle Content DB

DMZ1 to DMZ2

6021, 6022

WEBHOST1 and WEBHOST2 to IDMHOST1 and IDMHOST2

DMZ2 to DMZ1

6021, 6022

IDMHOST1 and IDMHOST2 to WEBHOST1 and WEBHOST2

DMZ2 to DMZ3

1521

Database access

DMZ2 to DMZ3

389, 636

Oracle Internet Directory server access

Managing Oracle Application Server Component Connections

In order to ensure consistent availability of all services, ensure that the connection time out values for all Oracle Application Server components are set to a lower time out value than that on the firewall and Load Balancing Router. If the firewall or Load Balancing Router drops a connection without sending a TCP close notification message, then Oracle Application Server components will continue to try to use the connection when it is no longer available.

Configuring Application Authentication and Authorization

The tasks you have to perform depend on the authentication method you will use for myWebCenter. If you want user login sessions to persist after a failover event, you will need to use single sign-on.

myWebCenter with JSSO and Oracle Internet Directory

Perform these steps:

  1. "Steps to Use the Oracle Identity Management Security Provider" and "Settings for Authentication Method with Oracle Identity Management" in the Oracle Containers for J2EE Security Guide, Chapter 8.

  2. Chapter3, "Configuring Java SSO on APPHOST1 and APPHOST2".

myWebCenter with Oracle Application Server Single Sign-On

Perform these steps:

  1. "Steps to Use the Oracle Identity Management Security Provider" and "Settings for Authentication Method with Oracle Identity Management" in the Oracle Containers for J2EE Security Guide, Chapter 8.

  2. Chapter 5, "Installing and Configuring OracleAS Single Sign-On and Oracle Delegated Administration Services".

Configuring Java SSO on APPHOST1 and APPHOST2

You will need to follow these steps on both Oracle Application Server instances (APPHOST1 and APPHOST2), to configure Java SSO for the ascontrol (for Application Server Control Console) application in the home instances:

Access the Oracle Enterprise Manager 10g Application Server Control Console and perform these steps:

  1. Click the link for the home instance.

    The OC4J:home page appears.

  2. Click Applications.

    The applications are listed.

  3. Click Expand All.

  4. Select the javasso application and click Start.

    This warning message appears:

    Java SSO is not properly configured. This is often caused when you are running multiple Java SSO applications in the cluster that use different shared symmetric keys. Please configure all Java SSO applications in the cluster to use the same shared symmetric key. You can do this from Java SSO Configuration page.

  5. Click Configure Java SSO.

    A confirmation message appears that the SSO configuration was completed and will take effect after the instances are restarted.

  6. Click Restart.

    A confirmation message appears.

  7. Click Yes.

    The instance is restarted. When configuring the home instance, the system terminates your login session and you must log back in to continue the setup.

  8. Scroll to the Administration section and click Java SSO Configuration.

    The Java SSO Configuration page appears.

  9. Click Participating Applications.

    The applications are listed.

  10. Click the check box for the applications to be Java SSO enabled.

  11. Click Apply.

WebCenter Application Deployment and Migration Utilities (Optional)

There are several migration utilities available that can help you deploy WebCenter applications:

Go to previous page
Previous		 Go to next page
Next
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us