7 OCECAS Post-Installation Tasks

This chapter provides instructions for Oracle Communications Evolved Communications Application Server (OCECAS) post-installation tasks.

Before continuing, complete the tasks in the following chapters:

• Installing OCECAS

• Creating and Configuring OCECAS Domains

Overview of OCECAS Post-Installation Tasks

After installing OCECAS and creating your domains, perform the following tasks:

1. Set up your OCECAS system for subscriber data. See "Setting up OCECAS for Subscriber Data".

2. Perform post-configuration tasks for your OCECAS domains:

   • Management domain. See "Post-Configuration Tasks for Your Management Domain".

   • Runtime domains. See "Post-Configuration Tasks for Your Runtime Domains".

   • UDR domains. See "Post-Configuration Tasks for Your UDR Domains".

3. Start your WebLogic Server administration and managed servers. See "Starting WebLogic Server Administration and Managed Servers".

4. Create users for the Session Design Center (SDC) GUI. See "Creating Users for the SDC GUI".

5. Configure authentication. See "Configuring Authentication".

6. Configure SSL host name verification. See "Configuring SSL Hostname Verification".

7. Configure the Coherence security framework. See "Configuring the Coherence Security Framework".

Setting up OCECAS for Subscriber Data

OCECAS can retrieve subscriber data from an ECAS subscriber server (ESS), a local NoSQL database often used in combination with a home subscriber server (HSS). Both can serve as subscriber data stores, and you may also use both and federate the data between them.

The instructions in this section apply whether you are using the UDR domain, or just adding the NoSQL database to a runtime domain.

These tasks are required to obtain data from the ESS NoSQL database:

• To install an OCECAS ESS by creating the NoSQL database in each runtime domain, see "Creating an ESS NoSQL Database".

• To install the NoSQL client driver in each domain, see "Installing the ESS NoSQL Client Driver".

For more information about:

• Using, changing, and provisioning the OCECAS data stores, see ”Working with User Data Repositories” in Evolved Communications Application Server Services Guide.

• The NoSQL database software, see the Oracle NoSQL Database 12c Release1 web site:

  http://docs.oracle.com/cd/NOSQL/html/index.html

• Securing your NoSQL database, see ”Securing the NoSQL Database” in Evolved Communications Application Server Security Guide.

• NoSQL databases, see Oracle NoSQL Database Administrator's Guide 12c.

Creating an ESS NoSQL Database

To store subscriber data in an ESS, create a NoSQL database on each machine that hosts an OCECAS runtime domain.

To see the list of supported NoSQL database software versions, see "Database Software".

To create a NoSQL database:

1. Log in to the target machine as the ocecas user. See "Creating a UNIX User for Installing OCECAS".

2. Download the Oracle NoSQL Database, Community Edition software from the Oracle Technology Network web site:

   http://www.oracle.com/technetwork/database/database-technologies/nosqldb/downloads/nosql-downloads-1876643.html

3. Go to the directory where you downloaded the software, and unpack the archive file by entering the following command:

   tar xfz kv-ce-3.0.14.gz
   

   The kv-3.0.14 subdirectory is created.

4. Verify the installation by going to the kv-3.0.14 directory and entering the following command:

   java -Xmx256m -Xms256m -jar lib/kvclient.jar
   

   If installation was successful, you see something similar to the following:

   12cR1.3.0.14 2013-11-11 12:09:35 UTC Build id: 912c25300b5e
   

5. For each runtime domain on your machine, copy the kvclient.jar file from the kv-3.0.14/lib directory to the Domain_home/lib directory:

   cp kv-3.0.14/lib/kvclient.jar Domain_home/lib
   

6. Create your NoSQL database by running kvstore.jar. For example, to create and run a NoSQL database for testing purposes, enter the following command:

   nohup java -jar kv-3.0.14/lib/kvstore.jar kvlite -host Hostname -store spr.data > nosql.log 2>&1 &
   

   where Hostname is the name of the machine that is hosting your NoSQL database.

   For more information, see "Installing Oracle NoSQL Database" in Oracle NoSQL Database Administrator's Guide.

Installing the ESS NoSQL Client Driver

To obtain subscriber data from your ESS, you must install the NoSQL Client driver on each machine that hosts an OCECAS runtime domain, and modify the UDR view to query data directly from your HSS.

For details about the default view that OCECAS uses to configure subscriber data, see "Understanding How OCECAS Stores Subscriber Data" in Enhanced Communications Application Services Service Guide.

To see the list of supported NoSQL software versions, see "Database Software".

To install a NoSQL client driver:

1. Log in to the target machine as the ocecas user. See "Creating a UNIX User for Installing OCECAS".

2. Download the Oracle NoSQL Client Driver software from the Oracle Help Center website:

   http://www.oracle.com/technetwork/database/database-technologies/nosqldb/downloads/index.html

3. Go to the directory where you downloaded the software, and unpack the archive file by entering the following command:

   tar xfz kv-client-3.0.14.gz
   

   The kv-3.0.14 subdirectory is created.

4. Verify the installation by going to the kv-3.0.14 directory and entering the following command:

   java -Xmx256m -Xms256m -jar lib/kvclient.jar
   

   If installation was successful, you see something similar to the following:

   12cR1.3.0.14 2013-11-11 12:09:35 UTC Build id: 912c25300b5e
   

5. For each domain on your machine, copy the kvclient.jar file from the kv-3.0.14/lib directory to the Domain_home/lib directory:

   cp kv-3.0.14/lib/kvclient.jar Domain_home/lib
   

6. Modify the view to query data directly from your ESS NoSQL database.

Post-Configuration Tasks for Your Management Domain

You must perform post-configuration tasks on the machine that hosts your management domain, such as running the setDomainEnv.sh and disableBasicAuth.py scripts. These scripts automatically:

• Set your environment

• Disable basic authentication

• Create the EvolvedCommunicationUsers group. All user accounts that you create for the SDC GUI must belong to this group.

To configure your management domain:

1. Log in to the machine that hosts the management domain.

2. Go to the Domain_home directory.

3. Enter the following command:

   . bin/setDomainEnv.sh
   

4. Enter one of the following commands:

   • For t3s connections:

     java -Dweblogic.security.TrustKeyStore=DemoTrust
     -Dweblogic.security.SSL.protocolVersion=TLS1 weblogic.WLST
     bin/disableBasicAuth.py admin_username 'admin_password'
     t3s://hostname:admin_SSL_port domain_name
     

   • For t3 connections:

     java weblogic.WLST bin/disableBasicAuth.py admin_username 
     'admin_password' t3://hostname:admin_listen_port domain_name
     

   where:

   • hostname specifies the host name or IP address of the machine that hosts the management domain.

   • admin_listen_port references the Administration Server plain listen port.

   • admin_SSL_port specifies the number for the Administration Server SSL listen port. You configured the SSL port number in the "Administrator Account Screen".

   • domain_name specifies the name of your management domain. You specified the domain name in the "Configuration Type Screen" of the Domain Configuration Wizard.

Post-Configuration Tasks for Your Runtime Domains

You must perform the following configuration tasks on the machine that hosts your testing, staging, and production domains:

• Configure your runtime domains to communicate with the UDR

• Configure the JMS Store-and-Forward system

Configuring Communication Between Your Runtime Domains and the UDR

These instructions explain how to configure communication between a runtime domain and the default NoSQL database as an ESS.

To configure communication between a runtime domain and the default NoSQL ESS:

1. Log in to the target machine.

2. Go to the Domain_home/lib directory.

3. Create a link to the NoSQL kvclient jar file. For example:

   ln -s NoSQL_home/lib/kvclient.jar ./kvclient.jar
   

   where NoSQL_home is the directory in which you installed the NoSQL client driver or installed the NoSQL database software. See "Setting up OCECAS for Subscriber Data" for more information.

4. Go to the Domain_home/config/custom directory.

5. Open the csp.xml file in a text editor.

6. Configure an <adapter> element to specify the ESS NoSQL database. The default database name is nosql1, and is of type NoSQLProvicerFactory. You can use these default values or change them for your implementation.

   • <name> is set to a name for the database.

   • <helper-host> is set to the host IP address and port number for your NoSQL database.

   • <store-name> is set to spr.data.

   <adapters>
       <no-sql-adapter>
         <name>nosql1</name>
         <helper-host>IP_address:port_no</helper-host>
         <store-name>spr.data</store-name>
       </no-sql-adapter>
     </adapters>
   

7. Save and close the file.

8. Restart this domain to make your changes take effect.

Note:

Your ESS requires more configuration to work. For details, see "Advanced Configuration of Your ESS Subscriber Data Store" in Enhanced Communications Application Server Operator's Guide.

Configuring the JMS Store-and-Forward System on Your Runtime Domains

You must configure a JMS Store-and-Forward (SAF) system for each runtime domain, which includes creating the following:

• A Store-and-Forward (SAF) agent

• A persistent store for each SCF engine in your domain

• A JMS module, which includes:

  • A connection factory resource

  • An SAF remote context

  • An SAF imported destination

  • A subdeployment

The following instructions assume that your OCECAS system contains two SCF engines (engine1 and engine2) and that your management domain's SDC server is listening on SSL port 6002.

To configure the JMS SAF system:

1. Start your OCECAS servers if they are not already running. See "Starting WebLogic Server Administration and Managed Servers" for more information.

2. Navigate to the Administration Console and log in with your administrator user name and password:

   http://hostname:port/console
   

   where hostname is the name of your OCECAS server and port is the Administration Console access port number.

3. Create the persistent stores by performing the following steps:

   1. In the Domain Structure pane on the left side, expand Services and then click Persistent Stores.

      The Summary of Persistent Stores page appears.

   2. In the Persistent Stores table, click New and then click Create FileStore.

      The Create a New File Store page appears.

   3. In the Name field, enter scfEdrSafPersistentStore-Engine1.

   4. From the Target list, select engine1.

   5. In the Directory field, enter Domain_home/saf_edr/engine1/jmsStore.

   6. Click OK.

   7. In the Persistent Stores table, click New and then click Create FileStore.

      The Create a New File Store page appears.

   8. In the Name field, enter scfEdrSafPersistentStore-Engine2.

   9. From the Target list, select engine2.

   10. In the Directory field, enter Domain_home/saf_edr/engine2/jmsStore.

   11. Click OK.

4. Create the JMS module by performing the following steps:

   1. In the Domain Structure pane on the left side, expand Services, then expand Messaging, and then click JMS Modules.

      The Summary of JMS Modules page appears.

   2. Click New.

      The Create JMS System Module page appears.

   3. In the Name field, enter scfEdrGeneration.

   4. In the Descriptor File Name field, enter /jms/scfedrgeneration-jms.xml.

   5. Click Next.

   6. Select the BEA_ENGINE_TIER_CLUST check box.

   7. Select the All servers in the cluster option.

   8. Click Next.

   9. Select the Would you like to add resources to this JMS system module? check box.

   10. Click Finish.

       You are returned to the Settings for scfEdrGeneration page.

5. Create the Connection Factory by performing the following steps:

   1. In the Summary of Resources table, click New.

      The Create a New JMS System Module Resource page appears.

   2. Select the Connection Factory option, and then click Next.

   3. In the Name field, enter scfEdrGeneration_CFactory.

   4. In the JNDI field, enter /scf/jms/edr/qcon/edr_cf.

   5. Click Next.

   6. Select the BEA_ENGINE_TIER_CLUST check box.

   7. Select the All servers in the cluster option.

   8. Click Finish.

      You are returned to the Settings for scfEdrGeneration page.

6. Create the SAF remote context:

   1. In the Summary of Resources table, click New.

      The Create a New JMS System Module Resource page appears.

   2. Select the Remote SAF Context option, and then click Next.

   3. In the Name field, enter /scfEdrSafRemoteContext.

   4. In the URL field, enter t3s://hostname:6002.

   5. In the User Name field, enter the user name used to log in to the remote resource.

   6. In the Password field, enter the password used to log in to the remote resource.

   7. Click OK.

      You are returned to the Settings for scfEdrGeneration page.

7. Create the SAF imported destination:

   1. In the Summary of Resources table, click New.

      The Create a New JMS System Module Resource page appears.

   2. Select the SAF Imported Destinations option, and then click Next.

   3. In the Name field, enter scfEdrSafRemoteImportedDestination.

   4. In the JNDI Prefix field, enter /scf/jms/saf/importedDestination.

   5. In the Remote SAF Context field, enter scfEdrSafRemoteContext.

   6. Click Next.

   7. Select the BEA_ENGINE_TIER_CLUST check box.

   8. Select the All servers in the cluster option.

   9. Click Finish.

      You are returned to the Settings for scfEdrGeneration page.

   10. In the Summary of Resources table, click scfEdrSafRemoteImportedDestination.

       The Settings for scfEdrSafRemoteImportedDestination page appears.

   11. Click the Configuration tab, and then click the Queues subtab.

   12. Click New.

       The Create a New SAF Queue page appears.

   13. In the Name field, enter scfEdrGenerationSAF_Q.

   14. In the Remote JNDI Name field, enter /jms/edr/edr_q/Local.

   15. Click OK.

       You are returned to the Settings for scfEdrGenerationSAF_Q page.

   16. In the SAF Queues table, click scfEdrGenerationSAF_Q.

   17. In the Local JNDI Name field, enter /Local.

   18. Click Save.

       You are returned to the Settings for scfEdrGenerationSAF_Q page.

8. Create the SAF agents by performing the following steps:

   1. In the Domain Structure pane on the left side, expand Services, then expand Messaging, and then click Store-and-Forward Agents.

      The Summary of Store-and-Forward Agents page appears.

   2. Click New.

      The Create a New Store-and-Forward Agents page appears.

   3. In the Name field, enter scfEdrSafAgent-Engine1.

   4. From the Persistent Store list, select scfEdrSafPersistentStore-Engine1.

   5. From the Agent Type list, select sending-only.

   6. Click Next.

   7. From the Target list, select engine1.

   8. Click Finish.

      You are returned to the Summary of Store-and-Forward Agents page.

   9. In the Name field, enter scfEdrSafAgent-Engine2.

   10. From the Persistent Store list, select scfEdrSafPersistentStore-Engine2.

   11. From the Agent Type list, select sending-only.

   12. Click Next.

   13. From the Target list, select engine2.

   14. Click Finish.

9. Create a subdeployment by performing the following steps:

   1. In the Domain Structure pane on the left side, expand Services, then expand Messaging, and then click JMS Modules.

      The Summary of JMS Modules page appears.

   2. In the JMS Modules table, click scfEdrGeneration.

      The Settings for sdcEdrGeneration page appears.

   3. Click the Subdeployments tab.

   4. Click New.

      The Create a New Subdeployment page appears.

   5. In the Subdeployment Name field, enter scfEdrGeneration_SD.

   6. Click Next.

   7. Select the scfEdrSafAgent-Engine1 and scfEdrSafAgent-Engine2 check boxes.

   8. Click Finish.

Post-Configuration Tasks for Your UDR Domains

You must perform the following configuration tasks on the machine that hosts your UDR domains:

• Disable basic authentication

• Configure your UDR domains to communicate with the UDR

• Configure the JMS Store-and-Forward system

Disabling Basic Authentication

You must run the setDomainEnv.sh and disableBasicAuth.py scripts, which automatically:

• Disable basic authentication

• Create the EvolvedCommunicationUsers group. All user accounts that you create for the SDC GUI must belong to this group.

To disable basic authentication and create the EvolvedCommunicationUsers group:

1. Log in to the machine that hosts the UDR domain.

2. Go to the Domain_home directory.

3. Enter the following command:

   . bin/setDomainEnv.sh
   

4. Enter one of the following commands:

   • For t3s connections:

     java -Dweblogic.security.TrustKeyStore=DemoTrust
     -Dweblogic.security.SSL.protocolVersion=TLS1 weblogic.WLST
     bin/disableBasicAuth.py admin_username 'admin_password'
     t3s://hostname:admin_SSL_port domain_name
     

   • For t3 connections:

     java weblogic.WLST bin/disableBasicAuth.py admin_username 
     'admin_password' t3://hostname:admin_listen_port domain_name
     

   where:

   • hostname specifies the host name or IP address of the machine that hosts the UDR domain.

   • admin_listen_port references the Administration Server plain listen port.

   • admin_SSL_port specifies the number for the Administration Server SSL listen port. You configured the SSL port number in the "Administrator Account Screen".

   • domain_name specifies the name of your UDR domain. You specified the domain name in the "Configuration Type Screen" of the Domain Configuration Wizard.

Configuring Communication Between Your UDR Domain and the UDR

To configure communication:

1. Log in to the target machine.

2. Go to the Domain_home/lib directory.

3. Create a link to the NoSQL kvclient jar file. For example:

   ln -s NoSQL_home/lib/kvclient.jar ./kvclient.jar
   

   where NoSQL_home is the directory in which you installed the NoSQL client driver or installed the NoSQL database software. See "Setting up OCECAS for Subscriber Data" for more information.

4. Go to the Domain_home/config/custom directory.

5. Open the csp.xml file in a text editor.

6. Ensure that the following elements are set correctly:

   • name is set to the correct name.

   • helper-host is set to the correct host IP address and port number for your NoSQL database.

   • store-name is set to spr.data.

   <adapters>
       <no-sql-adapter>
         <name>nosql1</name>
         <helper-host>IP_address:port_no</helper-host>
         <store-name>spr.data</store-name>
       </no-sql-adapter>
     </adapters>
   

7. Save and close the file.

Configuring the JMS Store-and-Forward System on Your UDR Domains

You must configure a JMS SAF system for each UDR domain, which includes creating the following:

• An SAF agent

• A persistent store for each SCF engine in your domain

• A JMS module, which includes:

  • A connection factory resource

  • An SAF remote context

  • An SAF imported destination

  • A subdeployment

The following instructions assume that your OCECAS system only contains the default UDR (udr1)) and that your management domain's SDC server is listening on SSL port 6002.

To configure the JMS SAF system:

1. Start your OCECAS servers if they are not already running. See "Starting WebLogic Server Administration and Managed Servers" for more information.

2. Navigate to the Administration Console and log in with your administrator user name and password:

   http://hostname:port/console
   

   where hostname is the name of your OCECAS server and port is the Administration Console access port number.

3. Create the persistent stores by performing the following steps:

   1. In the Domain Structure pane on the left side, expand Services and then click Persistent Stores.

      The Summary of Persistent Stores page appears.

   2. In the Persistent Stores table, click New and then click Create FileStore.

      The Create a New File Store page appears.

   3. In the Name field, enter udrEdrSafPersistentStore-udr1.

   4. From the Target list, select udr1.

   5. In the Directory field, enter Domain_home/saf_edr/udr1/jmsStore.

   6. Click OK.

4. Create the JMS module by performing the following steps:

   1. In the Domain Structure pane on the left side, expand Services, then expand Messaging, and then click JMS Modules.

      The Summary of JMS Modules page appears.

   2. Click New.

      The Create JMS System Module page appears.

   3. In the Name field, enter udrEdrGeneration.

   4. In the Descriptor File Name field, enter /jms/udredrgeneration-jms.xml.

   5. Click Next.

   6. Select the BEA_UDR_TIER_CLUST check box.

   7. Select the All servers in the cluster option.

   8. Click Next.

   9. Select the Would you like to add resources to this JMS system module? check box.

   10. Click Finish.

       You are returned to the Settings for udrEdrGeneration page.

5. Create the Connection Factory by performing the following steps:

   1. In the Summary of Resources table, click New.

      The Create a New JMS System Module Resource page appears.

   2. Select the Connection Factory option, and then click Next.

   3. In the Name field, enter udrEdrGeneration_CFactory.

   4. In the JNDI field, enter /jms/edr/qcon/edr_cf.

   5. Click Next.

   6. Select the BEA_ENGINE_TIER_CLUST check box.

   7. Select the All servers in the cluster option.

   8. Click Finish.

      You are returned to the Settings for udrEdrGeneration page.

6. Create the SAF remote context:

   1. In the Summary of Resources table, click New.

      The Create a New JMS System Module Resource page appears.

   2. Select the Remote SAF Context option, and then click Next.

   3. In the Name field, enter udrEdrSafRemoteContext.

   4. In the URL field, enter t3s://hostname:6002.

   5. In the User Name field, enter the user name used to log in to the remote resource.

   6. In the Password field, enter the password used to log in to the remote resource.

   7. Click OK.

      You are returned to the Settings for udrEdrGeneration page.

7. Create the SAF imported destination:

   1. In the Summary of Resources table, click New.

      The Create a New JMS System Module Resource page appears.

   2. Select the SAF Imported Destinations option, and then click Next.

   3. In the Name field, enter udrEdrSafRemoteImportedDestination.

   4. In the JNDI Prefix field, enter /jms/edr/edr_q/Local.

   5. In the Remote SAF Context field, enter udrEdrSafRemoteContext.

   6. Click Next.

   7. Select the BEA_ENGINE_TIER_CLUST check box.

   8. Select the All servers in the cluster option.

   9. Click Finish.

      You are returned to the Settings for udrEdrGeneration page.

   10. In the Summary of Resources table, click udrEdrSafRemoteImportedDestination.

       The Settings for udrEdrSafRemoteImportedDestination page appears.

   11. Click the Configuration tab, and then click the Queues subtab.

   12. Click New.

       The Create a New SAF Queue page appears.

   13. In the Name field, enter udrEdrGenerationSAF_Q.

   14. In the Remote JNDI Name field, enter /jms/edr/edr_q/Local.

   15. Click OK.

8. Create the SAF agents by performing the following steps:

   1. In the Domain Structure pane on the left side, expand Services, then expand Messaging, and then click Store-and-Forward Agents.

      The Summary of Store-and-Forward Agents page appears.

   2. Click New.

      The Create a New Store-and-Forward Agents page appears.

   3. In the Name field, enter scfEdrSafAgent-Engine1.

   4. From the Persistent Store list, select udrEdrSafPersistentStore-udr1.

   5. From the Agent Type list, select sending-only.

   6. Click Next.

   7. From the Target list, select udr1.

   8. Click Finish.

9. Create a subdeployment by performing the following steps:

   1. In the Domain Structure pane on the left side, expand Services, then expand Messaging, and then click JMS Modules.

      The Summary of JMS Modules page appears.

   2. In the JMS Modules table, click scfEdrGeneration.

      The Settings for sdcEdrGeneration page appears.

   3. Click the Subdeployments tab.

   4. Click New.

      The Create a New Subdeployment page appears.

   5. In the Subdeployment Name field, enter scfEdrGeneration_SD.

   6. Click Next.

   7. Select the scfEdrSafAgent-Engine1 and scfEdrSafAgent-Engine2 check boxes.

   8. Click Finish.

Starting WebLogic Server Administration and Managed Servers

After installing and configuring the domains, start the necessary servers on each domain:

• Starting the Administration Server

• Starting Node Manager

• Starting Your Managed Servers

Starting the Administration Server

To start the Administration Server:

1. Log in to the target system.

2. Go to the Domain_home/bin directory.

3. Enter the following command:

   ./startWebLogic.sh
   

4. If your domain uses a production startup mode, you are prompted for the login credentials of the Administrator user.

   You can create a boot identity file to bypass the need to provide a user name and password when starting the Administration Server in production mode. For more information, see "Creating a Boot Identity File for an Administration Server" in Oracle Fusion Middleware Administering Server Startup and Shutdown for Oracle WebLogic Server.

For more information about starting the Administration Server, see "Starting and Stopping Administration Server" in Oracle Fusion Middleware Administering Oracle Fusion Middleware.

Starting Node Manager

To start Node Manager:

1. Log in to the target system.

2. Go to the Domain_home/bin directory.

3. Enter the following command:

   nohup ./startNodeManager.sh > nm.out&
   

Oracle recommends that you install Node Manager to run as a startup service, which allows Node Manager to start up automatically each time the system restarts. For more information about installing a per domain Node Manager service, see "Running Node Manager as a Startup Service" in Oracle Fusion Middleware Administering Node Manager for Oracle WebLogic Server.

Starting Your Managed Servers

Before starting a managed server for the first time, copy the Domain_home/security/SerializedSystemIni.dat file from the Administration Server to the same directory on each managed server.

To start a managed server:

1. Log in to the target system.

2. Go to the Domain_home/bin directory.

3. Enter the following command:

   ./startManagedWebLogic.sh managed_server_name admin_server_url
   

   where:

   • managed_server_name is the name of the managed server that you want to start.

   • admin_server_url is the full URL of the Administration Server, as provided on the Configuration Success screen.

For more information about starting managed servers, see "Starting and Stopping Managed Servers" in Administering Oracle Fusion Middleware.

Creating Users for the SDC GUI

You must create at least one user for logging in to the SDC GUI, but you can create more users to meet system requirements.

For more information about the SDC GUI, see "About the Session Design Center" in Evolved Communication Application Server Concepts.

To create a user for the SDC GUI:

1. Log in to the machine that hosts the management domain.

2. Ensure that your Administration Server has been started.

3. Navigate to the Administration Console and log in with your administrator user name and password:

   http://hostname:port/console
   

   where hostname is the IP address or name of the machine that hosts your management domain and port is the Administration Console access port number for your management domain.

4. In the Domain Structure pane on the left side, click Security Realms.

   The Summary of Security Realms page appears.

5. In the Realms table, click myRealm.

   The Settings for myrealm page appears.

6. Click the Users and Groups tab, and then click the Users subtab.

7. Click New.

   The Create a New User page appears.

8. In the Name field, enter the user name for accessing the SDC GUI.

9. In the Password and Confirm Password fields, enter the password for the SDC GUI user.

10. Click OK.

11. In the Users table, click the SDC GUI user name that you created in step 8.

    The Settings for UserName page appears.

12. Click the Groups tab.

13. In the Available pane, select EvolvedCommunicationUsers.

14. Click the right arrow button to move EvolvedCommunicationUsers to the Chosen pane.

15. Click Save.

16. Restart the Administration Server to make your changes take effect.

Configuring Authentication

Configure OCECAS to provide authentication through an LDAP server or Oracle Identity Manager (OIM). For more information, see "Managing User Entities" in Evolved Communications Application Server System Administrator's Guide.

Configuring SSL Hostname Verification

If your installation is configured to use Secure Socket Layer (SSL) support, set the host name verification to None by using the WebLogic Server Administration Console.

To configure SSL host name verification:

1. Start your OCECAS Administration Server if it is not already running.

2. Navigate to the WebLogic Server Administration Console, and log in with your administrator user name and password:

   http://hostname:port/console
   

   where hostname is the name of your OCECAS server and port is the Administration Console access port number.

3. In the Domain Structure pane, expand Environment, and then click Servers.

4. In the Summary of Servers pane, click the Configuration tab.

5. For each of your servers in the Servers table, do the following:

   1. Click the server name in the table, for example, AdminServer.

   2. In the Settings for ServerName pane, click the SSL tab.

   3. Expand the Advanced settings at the bottom of the pane.

   4. From the Hostname Verification list, select None.

   5. Click Save.

No restart is required after making this change.

Configuring the Coherence Security Framework

If you created a clustered domain, enable the Coherence Security Framework. For instructions, see "Enabling the Oracle Coherence Security Framework" in Securing Oracle Coherence.

Next Steps

If you encountered any configuration issues, see "Troubleshooting an OCECAS Installation".