This topic describes how to configure Oracle Authorization Policy Manager (OAPM) in an existing Oracle Identity Management domain that contains Oracle Identity Manager (OIM), Oracle Access Manager (OAM), Oracle Adaptive Access Manager (OAAM), and Oracle Identity Navigator (OIN).
It includes the following sections:
Perform the configuration in this topic if you want to install Oracle Authorization Policy Manager in an environment where Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, and Oracle Identity Navigator are installed and configured.
Performing the configuration in this section deploys the Oracle Authorization Policy Manager application on the existing WebLogic Administration Server.
The configuration in this section depends on the following:
Oracle WebLogic Server.
Installation of the Oracle Identity Management 11g software.
Installation of the latest version of Oracle SOA Suite (required by Oracle Identity Manager.
Database schema for Oracle Authorization Policy Manager and Metadata Services (MDS) schema. For more information about schemas specific to Oracle Authorization Policy Manager, see Creating Database Schema Using the Oracle Fusion Middleware Repository Creation Utility (RCU).
To configure Oracle Authorization Policy Manager in an existing WebLogic domain that contains Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, and Oracle Identity Navigator, complete the following steps:
Ensure that all the prerequisites, listed in Prerequisites, are satisfied. In addition, see Important Notes Before You Begin.
Run the <Oracle_IDM2>/common/bin/config.sh script (on UNIX). (<Oracle_IDM2>\common\bin\config.cmd on Windows). The Oracle Fusion Middleware Configuration Wizard appears.
Create a new WebLogic domain to support Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, and Oracle Identity Navigator. For more information, see Simultaneous configuration of OIN, OAPM, OAAM, OAM, and OIM.
Note:
On the Select Domain Source screen, do not select the Oracle Authorization Policy Manager - 11.1.1.3.0 [Oracle_IDM2] option.Ensure that the WebLogic domain with Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, and Oracle Identity Navigator is configured correctly. After the domain configuration is complete, on the Creating Domain screen, click Done to dismiss the Oracle Fusion Middleware Configuration Wizard.
A new WebLogic domain to support Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, and Oracle Identity Navigator is created in the <MW_HOME>\user_projects\domains directory (on Windows). On UNIX, the domain is created in the <MW_HOME>/user_projects/domains directory.
Run the <Oracle_IDM2>/common/bin/config.sh script (on UNIX). (<Oracle_IDM2>\common\bin\config.cmd on Windows). The Oracle Fusion Middleware Configuration Wizard appears.
On the Welcome screen, select the Extend an existing WebLogic domain option. Click Next.
On the Select a WebLogic Domain Directory screen, browse to the <MW_HOME>/user_projects/domains directory where you created the domain with Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, and Oracle Identity Navigator. Click Next.
The Select Extension Source screen appears.
On the Select Extension Source screen, ensure that the Extend my domain automatically to support the following products: option is selected. Select Oracle Application Authorization Policy Manager - 11.1.1.3.0 [Oracle_IDM2]. Click Next. The Configure JDBC Component Schema screen appears.
On the Configure JDBC Component Schema screen, select a component schema that you want to modify.
The screen lists the following component schemas:
SOA Infrastructure
OAAM Admin Schema
OAAM Server Schema
User Messaging Service
APM MDS Schema
APM Schema
OAAM Admin MDS Schema
OIM MDS Schema
OWSM MDS Schema
SOA MDS Schema
OIM Schema
You can set values for Schema Owner, Schema Password, Database and Service, Host Name, and Port. Click Next. The Test JDBC Component Schema screen appears. After the test succeeds, the Select Optional Configuration screen appears.
On the Select Optional Configuration screen, you can configure Managed Servers, Clusters, and Machines, Deployments and Services, and JMS File Store. Select the relevant check boxes, and Click Next.
Optional: Configure Managed Servers, as required.
Optional: Configure Clusters, as required.
For more information about configuring clusters for Oracle Identity Management products, see the "Configuring High Availability for Identity Management Components" topic in the guide Oracle Fusion Middleware High Availability Guide.
Optional: Assign Managed Servers to Clusters, as required.
Optional: Configure Machines, as needed. This step is useful when you want to run the Administration Server on one machine and Managed Servers on another physical machine.
Tip:
Before configuring a machine, use theping command to verify whether the machine or host name is accessible.Optional: Assign the Administration Server to a machine.
Optional: Select Deployments, such as applications and libraries, and Services to target them to a particular cluster or server, such as oam_server1 (default value).
Optional: Configure JMS File Stores, as required.
On the Configuration Summary screen, review the domain configuration, and click Extend to start extending the existing domain, which contains Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, and Oracle Identity Navigator, to support Oracle Authorization Policy Manager.