13 Configuring Oracle Identity Navigator

This chapter explains how to configure Oracle Identity Navigator (OIN). It includes the following topics:

• General Prerequisites

• Installing OIN

• Important Notes Before You Begin

• Configuring OIN in a New WebLogic Domain

• OIN with OIM, OAM, and OAAM

• Starting the Servers

• Verifying OIN

• Getting Started with Oracle OIN After Installation

13.1 General Prerequisites

The following are the general prerequisites for installing and configuring Oracle Identity and Access Management 11g Release 1 (11.1.1) products:

1. Installing Oracle Database, as described in Installing Oracle Database.

2. Installing Oracle WebLogic Server and creating a Middleware Home, as described in Installing Oracle WebLogic Server and Creating the Oracle Middleware Home.

3. Installing the Oracle Identity and Access Management 11g Release 1 (11.1.1.5.0) suite, as described in Installing Oracle Identity and Access Management (11.1.1.5.0). The Oracle Identity and Access Management suite contains Oracle Identity Manager (OIM), Oracle Access Manager (OAM), Oracle Adaptive Access Manager (OAAM), Oracle Entitlements Server (OES), and Oracle Identity Navigator (OIN).

13.2 Installing OIN

Oracle Identity Navigator (OIN) is included in the Oracle Identity and Access Management Suite. You can use the Oracle Identity and Access Management 11g Installer to install Oracle Identity and Access Management Suite, as described in Installing Oracle Identity and Access Management (11.1.1.5.0).

13.3 Important Notes Before You Begin

Before you start installing and configuring Oracle Identity and Access Management products in any of the scenarios discussed in this chapter, keep the following points in mind:

It is assumed that you are installing Oracle Internet Directory, Oracle Virtual Directory, Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, and Oracle Identity Navigator on the same machine.

Note:

In this chapter, two IDM_Home directories are mentioned in descriptions and procedures. For example, the first one, IDM_Home can be the IDM_Home directory for Oracle Internet Directory, Oracle Virtual Directory, Oracle Directory Services Manager, Oracle Directory Integration Platform, and Oracle Identity Federation. The second one, IAM_Home can be the IDM_Home directory for Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlements Server, and Oracle Identity Navigator.

However, note that IDM_Home and IAM_Home are used as examples in this document. You can specify any name for either of your IDM_Home directories. In addition, you can install the two Oracle Identity Management suites (one containing Oracle Internet Directory, Oracle Virtual Directory, Oracle Directory Services Manager, Oracle Directory Integration Platform, and Oracle Identity Federation; another containing Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlements Server, and Oracle Identity Navigator) in any order on your machine.

If you choose to use the default names, the first installation creates an Oracle_IDM1 directory, and the second installation creates an Oracle_IDM2 directory.

If you have not installed Oracle Internet Directory, Oracle Virtual Directory, Oracle Directory Services Manager, Oracle Directory Integration Platform, or Oracle Identity Federation on the same machine where you are installing Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlements Server, and Oracle Identity Navigator, then you will see a single IDM_Home directory, such as Oracle_IDM1 (which is the default name), under your MW_HOME directory.

For more information, see Overview and Structure of Oracle Identity Management 11g Installation.

13.4 Configuring OIN in a New WebLogic Domain

This topic describes how to configure only Oracle Identity Navigator (OIN) in a new WebLogic administration domain. It includes the following sections:

• Appropriate Deployment Environment

• Components Deployed

• Dependencies

• Procedure

13.4.1 Appropriate Deployment Environment

Perform the configuration in this topic if you want to configure Oracle Identity Navigator with Oracle Identity Manager, Oracle Access Manager, and Oracle Adaptive Access Manager in a new WebLogic domain and then run the Oracle Identity Navigator discovery feature. This feature populates links to the product consoles for Oracle Identity Manager, Oracle Access Manager, and Oracle Adaptive Access Manager. You can then access those product consoles from within the Oracle Identity Navigator interface, without having to remember the individual console URLs.

13.4.2 Components Deployed

Performing the configuration in this section deploys the Oracle Identity Navigator application on a new WebLogic Administration Server.

13.4.3 Dependencies

The configuration in this section depends on the following:

• Oracle WebLogic Server

• Installation of the Oracle Identity and Access Management 11g software

For more information, see Preparing to Install and Installing Oracle Identity and Access Management (11.1.1.5.0).

13.4.4 Procedure

Perform the following steps to configure only Oracle Identity Navigator in a new WebLogic administration domain:

1. Install Oracle WebLogic Server, and create a Middleware Home, as described in Installing Oracle WebLogic Server and Creating the Oracle Middleware Home.

2. Install the Oracle Identity and Access Management 11g software. Refer to Installing Oracle Identity and Access Management (11.1.1.5.0) for more information.

3. Run the <IAM_Home>/common/bin/config.sh script. (<IAM_Home>\common\bin\config.cmd on Windows). The Welcome screen of the Oracle Fusion Middleware Configuration Wizard appears.

   Note:

   IAM_Home is used as an example here. You must run this script from your IDM_Home directory that contains Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlements Server, and Oracle Identity Navigator.

4. On the Welcome screen, select Create a new WebLogic domain, and click Next. The Select Domain Source screen appears.

5. On the Select Domain Source screen, ensure that the Generate a domain configured automatically to support the following products: option is selected. Create a WebLogic administration domain, which supports Oracle Identity Navigator (choose Oracle Identity Navigator - 11.1.1.3.0 [Oracle_IDM2]), and click Next. The Specify Domain Name and Location screen appears.

   Note:

   When you select the Oracle Identity Navigator - 11.1.1.3.0 [Oracle_IDM2] check box, the Oracle JRF 11.1.1.0 [oracle_common] option is also selected, by default.

6. Enter a name and a location for the domain to be created, and click Next. The Configure Administrator User Name and Password screen appears.

7. Configure a user name and a password for the administrator. The default user name is weblogic. Click Next.

8. Choose JRockit SDK 1.6.0_24 and Production Mode in the Configure Server Start Mode and JDK screen of the Oracle Fusion Middleware Configuration Wizard.

   The Select Optional Configuration screen appears.

9. On the Select Optional Configuration screen, you can configure Administration Server and Managed Servers, Clusters, and Machines, Deployments and Services, and RDBMS Security Store options. Click Next.

10. Optional: Configure the following Administration Server parameters:

    • Name

    • Listen address

    • Listen port

    • SSL listen port

    • SSL enabled or disabled

11. Optional: Configure Managed Servers, as required.

12. Optional: Configure Clusters, as required.

    For more information about configuring clusters for Oracle Identity and Access Management products, see the "Configuring High Availability for Identity Management Components" topic in the guide Oracle Fusion Middleware High Availability Guide.

13. Optional: Assign Managed Servers to clusters, as required.

14. Optional: Configure Machines, as needed. This step is useful when you want to run the Administration Server on one machine and Managed Servers on another physical machine.

    Tip:

    Before configuring a machine, use the ping command to verify whether the machine or host name is accessible.

15. Optional: Assign the Administration Server to a machine.

16. Optional: Select Deployments, such as applications and libraries, and Services to target them to a particular cluster or server.

17. Optional: Configure RDBMS Security Store, as required.

18. On the Configuration Summary screen, you can view summaries of your configuration for deployments, application, and service. Review the domain configuration, and click Create to start creating the domain.

A new WebLogic domain to support Oracle Identity Navigator is created in the <MW_HOME>\user_projects\domains directory (on Windows). On UNIX, the domain is created in the <MW_HOME>/user_projects/domains directory.

13.5 OIN with OIM, OAM, and OAAM

This topic describes how to configure Oracle Identity Navigator (OIN) in an existing Oracle Identity and Access Management domain that contains Oracle Identity Manager (OIM), Oracle Access Manager (OAM), and Oracle Adaptive Access Manager (OAAM).

It includes the following sections:

• Appropriate Deployment Environment

• Components Deployed

• Dependencies

• Procedure

13.5.1 Appropriate Deployment Environment

Perform the configuration in this topic if you want to install Oracle Identity Navigator in an existing Oracle Identity and Access Management environment where Oracle Identity Manager, Oracle Access Manager, and Oracle Adaptive Access Manager are installed.

After performing this configuration, you can run the discovery feature of Oracle Identity Navigator to discover the product consoles for Oracle Identity Manager, Oracle Access Manager, and Oracle Adaptive Access Manager. You can view the product consoles in the dashboard of Oracle Identity Navigator. Then you can use the Oracle Identity Navigator user interface to launch consoles for products, such as Oracle Identity Manager, Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Enterprise Manager Fusion Middleware Control, and so on.

13.5.2 Components Deployed

Performing the configuration in this section deploys the Oracle Identity Navigator application on the existing Administration Server. This application is deployed on the same machine where the Administration Server is running.

13.5.3 Dependencies

The configuration in this section depends on the following:

• Oracle WebLogic Server

• Installation of the Oracle Identity and Access Management 11g software

For more information, see Preparing to Install and Installing Oracle Identity and Access Management (11.1.1.5.0).

13.5.4 Procedure

To configure only Oracle Identity Navigator in an existing Oracle Identity and Access Management domain that contains Oracle Identity Manager, Oracle Access Manager, and Oracle Adaptive Access Manager, complete the following steps:

1. Install Oracle WebLogic Server, and create a Middleware Home, as described in Installing Oracle WebLogic Server and Creating the Oracle Middleware Home.

2. Install the Oracle Identity and Access Management 11g software. Refer to Installing Oracle Identity and Access Management (11.1.1.5.0) for more information.

3. Run the <IAM_Home>/common/bin/config.sh script. (<IAM_Home>\common\bin\config.cmd on Windows). Use the Oracle Fusion Middleware Configuration Wizard to create a new domain to support Oracle Identity Manager, Oracle Access Manager, and Oracle Adaptive Access Manager in the same domain. Ensure that the appropriate domain templates are selected during domain configuration.

   A new domain with the selected configuration is created in the <MW_HOME>\user_projects\domains directory (on Windows). On UNIX, the domain is created in the <MW_HOME>/user_projects/domains directory.

4. Run the <IAM_Home>/common/bin/config.sh script. (<IAM_Home>\common\bin\config.cmd on Windows). The Oracle Fusion Middleware Configuration Wizard appears.

5. On the Welcome screen, select the Extend an existing WebLogic domain option. Click Next.

6. Select your WebLogic domain directory that contains Oracle Identity Manager, Oracle Access Manager, and Oracle Adaptive Access Manager. Click Next.

7. On the Select Extension Source screen, ensure that the Extend my domain automatically to support the following products: option is selected. Select Oracle Identity Navigator - 11.1.1.3.0 [Oracle_IDM2], and click Next. The Configure JDBC Component Schema screen appears.

8. On the Configure JDBC Component Schema screen, select a component schema that you want to modify. You can set values for Schema Owner, Schema Password, Database and Service, Host Name, and Port. Click Next. The Test JDBC Component Schema screen appears. After the test succeeds, the Select Optional Configuration screen appears.

9. Optional: On the Select Optional Configuration screen, you can configure Managed Servers, Clusters, and Machines, Deployments and Services, and JMS File Store. Select the relevant check boxes, and Click Next.

10. Optional: Configure Clusters, as required.

    For more information about configuring clusters for Oracle Identity and Access Management products, see the "Configuring High Availability for Identity Management Components" topic in the guide Oracle Fusion Middleware High Availability Guide.

11. Optional: Assign Managed Servers to clusters, as required.

12. Optional: Configure Machines, as needed. This step is useful when you want to run the Administration Server on one machine and Managed Servers on another physical machine.

    Tip:

    Before configuring a machine, use the ping command to verify whether the machine or host name is accessible.

13. Optional: Assign the Administration Server to a machine.

14. Optional: Select Deployments, such as applications and libraries, and Services to target them to a particular cluster or server.

15. On the Configuration Summary screen, review the domain configuration, and click Extend to start extending the domain.

    Your existing Oracle Identity and Access Management domain with Oracle Identity Manager, Oracle Access Manager, and Oracle Adaptive Access Manager is configured to support Oracle Identity Navigator.

16. Start the Oracle Identity Manager Configuration Wizard, as described in Starting the Oracle Identity Manager 11g Configuration Wizard.

17. Configure Oracle Identity Manager Server, as described in Configuring OIM Server.

18. Follow the wizard and the steps described in Configuring OIM Server to complete the Oracle Identity Manager Server configuration. Similarly, follow the wizard to configure Oracle Identity Manager Design Console (Windows only) and to configure Oracle Identity Manager Remote Server, as described in Configuring OIM Design Console, and Configuring OIM Remote Manager.

13.6 Starting the Servers

After installing and configuring Oracle Identity Navigator, you must run the Oracle WebLogic Administration Server and various Managed Servers, as described in Starting or Stopping the Oracle Stack.

13.7 Verifying OIN

To verify the installation of Oracle Identity Navigator (OIN), complete the following steps:

1. Launch Oracle Identity Navigator in a browser by using the following URL:

   http://<host>:7001/oinav/faces/idmNag.jspx

   The Oracle Identity Navigator dashboard and the resource catalog are displayed.

2. Click the Customize link on the upper right corner of the screen to switch to the Edit mode.

3. Click the Add Content button on the page. A resource catalog pops up.

4. In the pop-up dialog, click the Open link for the folder IDM Product Launcher. The Launcher task flow pops up.

5. In the pop-up dialog, click the Add link. Verify that the Launcher portlet is added to the page content. Continue to add News task flows to the page, without closing the pop-up dialog. Click the up arrow at the upper left corner. The top folder layout is displayed again. Click the Open link for the folder News. The News and Announcements task flow pops up.

6. In the News and Announcements pop-up dialog, click the Add link. Verify that the Report portlet is added to the page content. Continue to add Reports task flows to the page, without closing the pop-up dialog. Click the up arrow at the upper left corner. The top folder layout is displayed again. Click the Open link for the folder My Reports. Click the Add link and the Close button (X). All the three workflows are added to the page content.

7. Change the default layout, if necessary, by clicking the Pencil icon located on the upper right area of the screen.

8. To exit the Edit mode, click the Close button.

   If the task flows are properly added to the page content, the screen displays the task flow content.

9. Test the Product Registration functionality as follows:

   1. Create, edit, or delete the product information by clicking the Administration tab.

   2. To add a new product, click the Create image icon in the Product Registration section. The New Product Registration dialog pops up.

   3. Enter the relevant information in this dialog, and the new product registration is updated accordingly. The new product registration data is updated on the Launcher portlet after you click the Dashboard tab.

   4. Click the product link and ensure that a new browser window or tab opens with the registered product URL.

10. Test the News functionality as follows:

    1. Click the refresh icon to update the RSS feed content.

    2. Click the news item link to open the source of content in a new browser window or tab.

11. Test the Reports functionality as follows:

    1. Add a report by clicking the Add icon. The Add Report dialog pops up.

    2. In this dialog, select a report to add, and click the Add Report button. Verify that the report is added.

    3. Run a report by clicking the report icon. The report opens in a new browser window or tab.

13.8 Getting Started with Oracle OIN After Installation

After installing Oracle Identity Navigator (OIN), refer to the "Using Identity Navigator" chapter in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Navigator.