Oracle® Thesaurus Management System Installation Guide Release 5.0.1 E37007-02 |
|
|
PDF · Mobi · ePub |
For Oracle Thesaurus Management System 5.0.1, the Application Tier technology includes:
Oracle Application Server 11gR1 , which includes the Oracle Forms Server and the Oracle Reports Server. Both are required for TMS.
WebLogic Server 11gR1 (10.3.6) and Oracle Application Developer Framework 11g R1. These are required for the TMS HTML Browser.
Critical Patch Updates See Section 1.8, "Applying Oracle Critical Patch Updates"
This chapter includes the following topics:
Section 4.4, "Installing and Configuring Oracle WebLogic Server"
Section 4.5, "Installing and Configuring Oracle Application Server"
Section 4.6, "Enabling SSL Between a Browser and Oracle HTTP Server"
Section 4.7, "Installing Oracle Application Developer FrameWork and Applying Patches"
Section 4.9, "Testing Connectivity to Databases for Forms and Reports Servers"
Do the following.
You must install all application tier components using the same user account. The account must have administrator privileges on the server computer.
To support HTTPS, you need to request a certificate from a Certificate Authority (CA) vendor such as Thawte, Entrust, or Verisign, and then import the certificate into the Oracle Wallet for the Oracle Application Server.
In the last step in Section 4.6.1.1, "Creating an Oracle Wallet and Generating a Certificate Request" you generate an encoded plain text certificate request file that you can email to the CA vendor. The vendor will sign the file and send you a Trusted Certificate and a User Certificate.
Allow some time for the certificates to be issued.
Adobe Reader is required for TMS. Download it from adobe.com. At this time no particular version is required.
You can do this step at any time during the installation process.
To download and install JDK:
If you have not already done so, follow instructions in Section 1.4.4, "Downloading Oracle Java Development Kit."
Follow instructions in the release notes to apply the patch. By default, the download directory is C:\Program Files\java\jdkversion. "Program Files" includes a space, which can cause problems. Oracle recommends specifying a directory with no spaces in the name, and also reducing the directory name to at most 8 characters; for example, C:\app\java\jdkversion.
Make a note of the directory in which you install JDK; you will need it when you install WebLogic Server.
Instructions in this section should be complete. However, additional information is in the WebLogic 10.3.6 following instructions in Oracle® Fusion Middleware Installation Guide for Oracle WebLogic Server 11g Release 1 (10.3.6), which you can find on the media pack or at http://docs.oracle.com/cd/E23943_01/doc.1111/e14142/overview.htm
, or download the PDF from here: http://docs.oracle.com/cd/E23943_01/web.1111/e13708/toc.htm
.
The complete documentation set for Oracle WebLogic Server 10.3.6 is available at: http://docs.oracle.com/cd/E23943_01/wls.htm
.
In the staging area where you downloaded the media pack (see Section 1.4, "Downloading and Extracting the Software") locate the Oracle WebLogic Server 11gR1 (10.3.6) Generic and Coherence directory where you extracted the WebLogic Server .zip file.
Log in as the user you selected in Section 4.1.1, "Identify a Single Account to Perform All Application Tier Installation Tasks".
Install Oracle WebLogic Server using a Generic Package installer—This type of installer is a .jar file; wls1036_generic.jar. Double-click on the .jar file to open the Installer.
You can accept most default values, with the exceptions noted below.
Note:
You can change the default value of the middleware home directory, which is C:\Oracle\Middleware, but you must NOT change the default values for any of its subdirectories, including:wlserver_10.3
common
FR_HOME
Specify whether you want to register the product installation with My Oracle Support. By registering, Oracle Support emails you immediately of any security updates that are specific to your installation. Follow instructions on screen to register or to reject the option.
Note:
At the time of publication of this document, there seems to be a bug in the WLS installer that makes it difficult to deselect this option.Also note that even if you accept this option you should check My Oracle Support for quarterly Oracle Critical Patch Update (CPU) security patches certified for use with Oracle Thesaurus Management System; see Section 1.8, "Applying Oracle Critical Patch Updates".
Choose the "Custom" Install Type
Select a "Custom" installation type rather than the default value, "Typical." This is required in order to create a Node Manager.
Browse to the Oracle Java Development Kit (JDK) 1.6.0_65 (JDK 6) that you installed in the previous section.
Be sure to install the Oracle WebLogic Node Manager in the Install Windows Service screen. The Node Manager is used to monitor, start, and stop server instances in a WebLogic domain.
Note:
Continue to click Next until you are finished. After the Installation Summary the processing may take a few minutes. You can safely ignore the Quick Start screen.Install Oracle Applications Server as indicated below.
Oracle Application Server 11.1.2.1 provides Oracle Forms, Oracle Reports, and Oracle HTTP Server (OHS).
To install Oracle Application Server 11.1.2.1:
Restart the computer.
Log in as the user you selected in Section 4.1.1, "Identify a Single Account to Perform All Application Tier Installation Tasks".
Stop the WebLogic Node Manager:
Close the command shell in which the Node Manager is running.
If any DOS windows are open that are running the node manager, close them.
Go to the Windows Control Panel, then Services, and turn off the Oracle WebLogic Node Manager service.
For further information on the Node Manager, see the Oracle® Fusion Middleware Node Manager Administrator's Guide for Oracle WebLogic Server 11g Release 1 (10.3.6) at http://docs.oracle.com/cd/E23943_01/web.1111/e13740/toc.htm
.
In the staging area where you downloaded the media pack—see Section 1.4, "Downloading and Extracting the Software"—locate the directory where you downloaded Oracle Forms and Reports 11g R2 (11.1.2.1.0) for Microsoft Windows x64 (64-bit) and extract the .zip file if you have not already done so.
Double-click setup.exe, which is located in the Disk1 directory.
Follow the instructions on the installation screens as the Oracle Universal Installer guides you through the installation. You can accept most defaults except as noted below:
Select Skip Software Updates instead of the default value, Search My Oracle Support for Updates. TMS may not be certified with these updates.
In the Select Domain window, the default name for the domain created by the Installer is ClassicDomain
. You must rename it to FRDomain
or RDC Onsite installation will fail.
In the same screen, enter and confirm a password for WebLogic Server.
Oracle Instance MUST Be asinst_1
When prompted for the Oracle Instance, accept the default value: Middleware_Home\asinst_1.
Specify whether you want to register the product installation with My Oracle Support. By registering, Oracle Support emails you immediately of any security updates that are specific to your installation. Follow instructions on screen to register or to reject the option.
Note that even if you accept this option you should check My Oracle Support for quarterly Oracle Critical Patch Update (CPU) security patches certified for use with TMS; see Section 1.8, "Applying Oracle Critical Patch Updates".
For greater security, you may want to customize the port. Auto Port Configuration is the default setting.
For greater security, you may want to use a proxy. No proxy is the default setting.
Do NOT Use Application Identity Store
Uncheck the Use Application Identity Store check box at the top of the screen; TMS does not use OID (Oracle Identity).
This step is required to run reports from RDC Onsite and TMS. Without changing this setting an error appears: "Remote JDBC disabled."
Open setDomainEnv.cmd in a text editor. The file is located in folder:
drive:\middleware_home\user_projects\domains\FRDomain\bin\setDomainEnv.cmd
By default middleware_home is c:\oracle\middleware.
Replace the following line:
-Dweblogic.jdbc.remoteEnabled=false
with the following to change the setting from false to true:
-Dweblogic.jdbc.remoteEnabled=true
Create the ORACLE_INSTANCE environment variable and define it as the Oracle Application Server Home:
From the Control Panel, select System, then Advanced System Settings.
Create a system variable named ORACLE_INSTANCE
and set its value to your Oracle Instance Home; for example C:\oracle\middleware\asinst_1
.
Create the following SSL (HTTP Secure Socket Layer) configuration: from users' browsers, HTTPS to Oracle HTTP Server (Web proxy), then HTTP to Oracle WebLogic Server.
Follow instructions in one of the following sections:
Section 4.6.1, "Enabling SSL Between a Browser and Oracle HTTP Server Using a Certificate Authority"
Section 4.6.2, "Enabling SSL Between a Browser and Oracle HTTP Server With Self Signing"—This may be useful if you want to set up HTTPS with a demo certificate for internal testing purposes.
The following basic steps are required:
Section 4.6.1.1, "Creating an Oracle Wallet and Generating a Certificate Request"
Section 4.6.1.2, "Obtain Trusted Certificate and User Certificate from Certificate Authority"
Section 4.6.1.3, "Importing the User Certificate and Trusted Certificate to OWM"
Section 4.6.1.4, "Edit the Oracle HTTP Server Configuration File"
Oracle HTTP Server uses a utility called Oracle Wallet Manager (OWM) to manage certificates on the server. An Oracle Wallet is a container that stores your credentials, such as certificates, trusted certificates, certificate requests, and private keys.
The TMS Installer automatically enables traffic from Oracle HTTP Server to Oracle WebLogic Server.
Note:
Do all steps in this section with the same user account you have used in the previous steps in this chapter. You must have administrator privileges on the machine.Note:
If you have not set the Oracle Instance variable as instructed in Section 4.5.3, "Create ORACLE_INSTANCE Environment Variable", do so now.To create an Oracle Wallet:
Log in to Oracle HTTP Server as the user that installed Oracle Application Server.
Start Oracle Wallet Manager. From the Start menu, navigate to Oracle Classic 11g, then Integrated Management Tools, then Wallet Manager.
In Oracle Wallet Manager, from the Wallet menu, click New.
A dialog asks if you want to create a default directory.
Click No. Your account probably does not have privileges to do this. For TMS the Wallet will be in the directory where the Installer created the default certificate and Wallet.
Enter and confirm a password that conforms to the rules listed in the dialog. This password will be required every time you open the Wallet.
Leave the Wallet Type set to Standard and click OK.
A new dialog opens, asking if you want to create a certificate request. Click Yes.
In the Create Certificate Request dialog, enter values in the following fields:
Common Name: Enter host.your_company_domain.
Note:
The Common Name must match the Server Name directory that is specified in the primary configuration file (httpd.conf), which is created during Oracle HTTP Server installation in C:\app\oracle\middleware\asinst_1\config\OHS\ohs1.The rest of the fields do not affect SSL functionality.
Organizational Unit: Your unit within your company.
Organization: Your company.
Locality or City, State or Province, and Country
Key Size: 2048 (bits)
Note:
Most providers encourage 2048-bit keys on all certificates.DN: OHS generates this value from the values you entered.
Click OK. The system displays a confirmation that a certificate request has been created. Click OK.
Go to the directory where the Wallet has been created:
oracle_instance_home\config\OHS\ohs1\keystores\default
In the keystores directory, create a new directory with a meaningful name such as your organizational unit:
oracle_instance_home\config\OHS\ohs1\key_stores\your_unit
In the navigation tree on the left, select Certificate: [Requested] and then select Export Certificate Request from the Operations menu.
Navigate to the new directory you created and enter a name for a file to be created; for example, server_name.csr. Click Save.
Select Save As from the Wallet menu, navigate to the new directory, and click OK. The wallet file is always named ewallet.p12.
The system displays a confirmation message along the bottom of the screen that a certificate request has been exported successfully.
The new directory now contains the certificate request file as well as the wallet file.
Obtain the certificates from the Certificate Authority as described in Section 4.1.2, "Getting a CA Certificate for HTTPS". Depending on the Certificate Authority, you will need to send either the certificate request file generated in the previous section or you will need to copy and paste the text in that file.
After you have received the User Certificate and Trusted Certificate from a CA vendor:
Log in to Oracle HTTP Server as the admin user that owns OHS processes.
Start Oracle Wallet Manager. From the Start menu, navigate to Oracle Classic 11g, then Integrated Management Tools, then Wallet Manager.
In Oracle Wallet Manager, select Open from the Wallet menu.
A dialog asks if you want to create a default directory.
Click Yes.
Navigate to the directory where you saved the Wallet file and click OK.
Enter the Wallet password that you created.
From the Operations menu, select Import Trusted Certificate.
In the dialog, select the option Select a file that contains the certificate and click OK.
Navigate to the trusted certificate and click OK.
The system displays a confirmation message along the bottom of the screen that the trusted certificate has been imported successfully.
In the navigation tree on the left, select Certificate: [Requested] and then select Import User Certificate from the Operations menu.
Navigate to the signed certificate and click OK.
The system displays a confirmation message along the bottom of the screen that a certificate has been imported successfully.
In the Wallet menu, select Auto Login, then Exit.
Make the following two changes in the OHS configuration file, ssl.conf.
WebLogic Server installation creates a default, unsigned SSL wallet file for OHS. Its location is specified in the configuration file (ssl.conf) loaded at startup from the oracle_instance_home\config\OHS\ohs1 directory.
Make a backup copy of ssl.conf, which is located at:
oracle_instance_home\config\OHS\ohs1
Open ssl.conf in a text editor.
Find the string #Path to the wallet
and comment out the default location that follows it.
Add the path to the directory you created:
oracle_instance_home\config\OHS\ohs1\your_unit
By default, the port for SSL is 8890, which means allURLs need to include :8890
. You can change the value to 443
in which case the URLs do not need to include any port. To change the port to 443, change the following lines:
Listen 8890 <VirtualHost *:8890>
to:
Listen 443 <VirtualHost *:443>
Stop and start Oracle HTTP Server using Oracle Process Manager Notification Server (OPMN) to load the configuration change:
oracle_instance_home>\bin\opmnctl restartproc process-type=OHS
The OPMN opmnctl executable for the instance is located in ORACLE INSTANCE\bin directory.
Test that you can connect from a browser to your virtual host in HTTPS URL:
https://host.your_company_domain:port
While you have the ssl.conf file open, make the following additional change to make the application compatible with Internet Explorer 9 and 10.
OHS always returns HTTP 1.0 to Internet Explorer (IE) user-agents which causes RDC Onsite Data Entry windows to fail to open in an IE 9 or 10 browser. It appears this configuration is outdated and should be commented out to work properly in IE 9 and 10.
Comment out or remove the following lines:
BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0
While you have the ssl.conf file open, make the following additional change to avoid weak ciphers and protocols for SSL (HTPS):
Add the following lines:
SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!NULL:RC4+RSA:+HIGH:+MEDIUM:!SSLv2:!EXPORT
If you want to set up HTTPS with a demo certificate for internal testing purposes then follow this section.
Log in to Oracle HTTP Server as the user that installed Oracle Application Server.
Start Oracle Wallet Manager. From the Start menu, navigate to Oracle Classic 11g, then Integrated Management Tools, then Wallet Manager.
In Oracle Wallet Manager, from the Wallet menu, click New.
A dialog asks if you want to create a default directory.
Click No. Your account probably does not have privileges to do this. For TMS the Wallet will be in the directory where the Installer created the default certificate and Wallet.
Enter and confirm a password that conforms to the rules listed in the dialog. This password will be required every time you open the Wallet.
Leave the Wallet Type set to Standard and click OK.
A new dialog opens, asking if you want to create a certificate request. Click No.
Do Save As to save the empty password-protected Wallet to a meaningful location like: oracle_instance_home\config\OHS\ohs1\keystores\oc .
Open a DOS window.
Navigate to: C:\Oracle\Middleware\oracle_common\bin .
Create and set the JAVA_HOME environment variable; for example:
set JAVA_HOME=c:\app\java\jdk16065
Run following orapki command for the Wallet created above:
c:\Oracle\Middleware\oracle_common\bin>orapki wallet add -wallet full-path_to_the_location_of_the_Wallet_after_step_7 -dn "CN=hostname.domain, OU=Department, O=Company, L=City, ST=State/Province, C=Country" -keysize 2048 -self_signed -validity 2190 -pwd password
Note:
Double quotes where specified above are required.Validity is hardcoded above to 2190 days, which is six years. You can change this value as required.
Start Oracle Wallet Manager. From the Start menu, navigate to Oracle Classic 11g, then Integrated Management Tools, then Wallet Manager.
In the Wallet Manager, open the TMS Wallet. The self-signed certificate should be displayed with a status of READY.
In the Wallet menu, select Auto Login.
Save and exit.
To complete the setup, follow these instructions:
Section 4.6.1.4, "Edit the Oracle HTTP Server Configuration File"
Section 4.6.1.4.2, "Make OHS Compatible with Internet Explorer 9 and 10"
Note:
Since this is a demo certificate and is not from a recognized certificate authority, the browser will display a certificate warning. To prevent this, you can import the certificate into the browser and store it as a trusted publisher and trusted root CA, then restart the browser.For more information, see How To Generate A Wallet Containing A Self Signed Certificate Using ORAPKI in Oracle Application Server and Fusion Middleware on My Oracle Support (Article ID 560982.1).
Install Oracle Application Developer Framework (ADF, also known as Oracle Application Developer) and apply required patches.
Install Oracle Application Developer 11g R1 (11.1.1.6), also known as ADF, which is included in the media pack.
Additional information is included in the Oracle® Fusion Middleware Installation Guide for Application Developer 11g Release 1 (11.1.1.6.0), which you can find on the media pack or at http://docs.oracle.com/cd/E23943_01/doc.1111/e14827/toc.htm
.
In the staging area where you downloaded the media pack (see Section 1.4, "Downloading and Extracting the Software") locate the directory where you extracted the ADF .zip file from the Oracle Application Development Runtime 11g Patch Set 5 (11.1.1.6.0) disk.
Log in as the user you selected in Section 4.1.1, "Identify a Single Account to Perform All Application Tier Installation Tasks".
In a DOS cmd window, navigate to the above directory.
Execute the following command:
setup -jreLoc drive:\location_where_you_installed_jdk1.6.0_65
for example:
setup -jreLoc C:\Java\jdk1.6.0_65
However, if you installed JDK in the default location, C:\Program Files\Java\jdk1.6.0_65, this command may not work because of the space between "Program" and "Files." The following command works for the same location:
setup -jreLoc C:\Progra~1\Java\jdk1.6.0_65
Tip:
ADF's setup.exe file does not run if you double-click it. You must use the above command.Upgrade ADF to the latest patch set that is certified with Oracle Thesaurus Management System. See Oracle Thesaurus Management System Patches (Doc ID 132626.1), for the latest information.
To upgrade ADF, apply two patches, a JDeveloper patch and a WebCenter Composer patch, and enter an upgrade command. For ADF 11.1.2.4 the patch numbers are:
16546129—JDeveloper patch
16546157—WebCenter Composer patch
Note:
Oracle supports only English OS language settings for the application tier.Additional information is in the patch readme files. However, because there are no WebCenter components explicitly installed, you cannot follow the patch readme instructions completely.
Restart the server.
Locate the patch files in the staging area where you downloaded them in Section 1.4, "Downloading and Extracting the Software."
Go to the Windows Control Panel, then Services, then stop all Oracle services (Oracle Process Manager, Oracle Node Manager).
Set the Oracle Home and path:
set ORACLE_HOME=
your_ORACLE_COMMON
_home
set path=%oracle_home%
\bin;%oracle_home%;%oracle_home%\opatch;%path%
Note:
The readme for the WebCenter patch directs you to set ORACLE_HOME to Oracle_WC1—the WebCenter install directory. However, if there are no WebCenter components explicitly installed, set ORACLE_HOME to oracle_common as above.Navigate to one patch directory. For example, for ADF 11.1.2.4:
cd c:\downloads\p16546129_111160_Generic\16546129
Enter
opatch apply
Navigate to the other patch directory. For example, for ADF 11.1.2.4:
cd c:\downloads\p16546157_111160_Generic\16546157
Enter
opatch apply
If you have started any WebLogic services, including the Administration and Managed Servers, close them now:
If any DOS windows are open that are running the node manager, close them.
Go to the Windows Control Panel, then Services, and turn off the Oracle WebLogic Node Manager service.
From the DOS command line, navigate to middleware_home\oracle_common\common\bin and execute the following commands:
setWlstEnv.cmd wlst.cmd
Then, in the WebLogic Server Scripting Tool shell, enter the following commands:
upgradeADF('middleware_home/user_projects/domains/frdomain')
exit()
Note:
Be sure to use forward slashes (/) in the path.In the WLS Scripting Tool shell you can type help()
to get information on available commands.
The tnsnames.ora file must have an entry for each database that matches the database's Oracle SID. There is a tnsnames.ora file in at least two locations in the installation. Oracle recommends maintaining a master file and copying it to each location whenever you add a database.
The tnsnames.ora locations on each application server are:
On each database server at: oracle_home\network\admin
On each application server at: middleware_home\asinst_1\config
For Forms-based TMS to work properly, the TMS database must be able to communicate with the application servers. Establish that SQL*Net connections can be created to connect the application server to all databases.
For TMS and RDC applications to work properly, the TMS Database must be able to communicate with the application servers.
To ensure that you can connect to the database from each application server:
Open a Microsoft DOS command window.
Use SQL*Plus to verify that you can connect to the database:
sqlplus system/
password
@dbname
If the system returns a connection error, you must resolve this problem before continuing with the installation of TMS.
Possible causes of errors include:
The computer is not physically connected to the network.
One of the databases does not exist.
The network protocol software is not loaded on the computer. Try a remote login to check.
The database or SQL*Net listener process is not started on the server.
An incorrect connect string, user ID, or password was entered.
The tnsnames.ora file is not present in the correct directory or does not contain the correct entries.
To ensure that all configuration changes for the Oracle Application Server are initialized, restart the computer before you continue with the next task in the installation process.