30.5 Registering a 10g WebGate with Access Manager 11g Remotely

Whether you have a legacy 10g WebGate installed, or you are installing a fresh 10g WebGate instance to use with Access Manager 11g, you must register WebGate to use Access Manager 11g authentication and authorization services. You can use either the Oracle Access Management Console or the remote registration tool to perform this task. The remote registration tool enables you to specify all WebGate parameters before registration using a template.

The following procedure walks through provisioning using the remote registration tool, in-band mode. In this example, OAMRequest_short.xml is used as a template to create an agent named my-10g-agent1, protecting /.../*, and declaring a public resource, /public/index.html. Your values will be different. You can use a full registration template to specify public, private, and excluded resources.

See Performing Remote Registration for OAM Agents.

To use remote registration with a 10g WebGate for Access Manager 11g:

  1. Acquire the remote registration tool and set up the script for your environment. For example:

    1. Locate RREG.tar.gz file in the following path:

    2. Untar RREG.tar.gz file to any suitable location. For example: rreg/bin/oamreg.

    3. In the oamreg script (oamreg.bat or oamreg.sh), set the following environment variables based on your situation (client side or server side) and information.

      See Table 15-5.

      • OAM_REG_HOME = exploded_dir_for_RREG.tar/rreg
      • JAVA_HOME = Java_location_on_the_computer
  2. Create the registration request:

    1. Locate OAMRequest_short.xml and copy it to a new file. For example:


      Copy: OAMRequest_short.xml

      To: my-10g-agent1.xml

    2. Edit my-10g-agent1.xml to include details for your environment. For example:

                        <protectedResourcesList>         <resource>/myapp/</resource>         <resource>/myapp/.../*</resource>                   </protectedResourcesList>                 <publicResourcesList>         <resource>/public/index.html</resource>                 </publicResourcesList>                    <excludedResourcesList>         <resource>/excluded/index.html</resource>                     </excludedResourcesList> 

      See Creating Your Remote Registration Request

  3. Register the agent.

    For example:

    1. Locate the remote registration script.

      • Linux: rreg/bin/oamreg.sh

      Windows: rreg\bin\oamreg.bat

    2. From the directory containing the script, execute the script using inband mode.

      For example:

      $ ./bin/oamreg.sh inband input/my-10g-agent1.xml

      Welcome to OAM Remote Registration Tool!
      Parameters passed to the registration tool are:
      Mode: inband
      Filename: ...
    3. When prompted, enter the following information using values for your environment:

      Enter your agent username: userame
         Username:  userame
      Enter agent password: ********
      Do you want to enter a WebGate password?(y/n)
      iv.     Do you want to import an URIs file?(y/n)
    4. Review the final message to confirm that this was a successful registration:

      Inband registration process completed successfully! Output artifacts are 
      created in the output folder"
  4. Ignore the ObAccessClient.xml file created during registration for now.

  5. Log in to the Oracle Access Management Console and add resources for the new registration to the Application Domain.

    See Table 25-1.

    1. Under Application Security, click the following links to reveal Search controls:

      • Access Manager
      • Application Domains
    2. Use the Search controls to locate the Application Domain in which your WebGate registration page is created, then click the name in the Results table to display the page.

    3. Click the Resources tab and then Create.

    4. OAM Proxy Port—Under Configurations, double click Server Instances and search for the server to get the OAM Proxy port details.

      See Table 6-3.

  6. Proceed as needed for your environment: