Oracle provides both a short and extended registration request template for use with the remote agent registration tool: oamreg.sh (Linux) or oamreg.bat (Windows).
This topic focuses on OAM Agent templates (WebGates and Access Clients). Regardless of the template you choose (short or extended), only a few differences exist between 11g and 10g OAM Agent templates, listed in Table 15-9 and stored in $OAM_REG_HOME/input/
.
Table 15-9 Remote Registration Request Templates for OAM Agents
Template Type | Template Name in $OAM_REG_HOME/input/ |
---|---|
Abbreviated (Short) Form |
|
Extended (Full) Form |
|
Other Templates Update Agent Create Policies, Update Policies Out-of-band Response |
For a look at these specialized tasks and templates, see: |
Note:
Despite being nearly identical for both 10g and 11g WebGates, be sure to copy and use the appropriate request for your release.
Element names in request templates might differ slightly from counterparts in the Oracle Access Management Console. Unless explicitly stated, all information applies equally to requests for both 10g and 11g WebGates/Access Clients.
Table 15-10 describes elements specific to OAM Agent remote registration requests. Protected, public, and excluded resource lists are included in both the short and extended request templates for OAM Agents.
Note:
Descriptions of elements in Table 15-10 are in Table 15-3.
Table 15-10 Elements in Extended OAM Agent Remote Registration Requests
Element | Example |
---|---|
<serverAddress> <agentName> <hostIdentifier> <agentBaseUrl> <autoCreatePolicy> <applicationDomain> <virtualhost> <allowCredentialCollectorOperations> <allowMasterTokenRetrieval> |
See Table 15-8. |
<hostPortVariationsList> |
<hostPortVariationsList> <host>host1</host> <port>7777</port> </hostPortVariations> <host>host2</host> <port>7778</port> </hostPortVariations> </hostPortVariationsList> |
<protectedResourcesList> |
<protectedResourcesList> <resource>/</resource> </protectedResourcesList> |
<publicResourcesList> |
<publicResourcesList> <resource>/public/index.html </resource> </publicResourcesList> |
<excludedresourcesList> |
<excludedresourcesList> <resource>/excluded/index.html </resource> </excludedresourcesList> |
<primaryCookieDomain> 10g Request Only In OAMRequest.xml (10g WebGates) <hostIdentifier> is also used as preferred HTTP host |
<primaryCookieDomain>{client_domain} </primaryCookieDomain> |
<maxCacheElems> |
<maxCacheElems>100000 </maxCacheElems> |
<cacheTimeout> |
<cacheTimeout>1800</cacheTimeout> |
<tokenValidityPeriod> 11g Request Only |
<tokenValidityPeriod>3600 </tokenValidityPeriod> |
<cookieSessionTime> 10g WebGate only, Registering and Managing 10g WebGates with Access Manager 11g |
<cookieSessionTime>3600 </cookieSessionTime> |
<maxConnections> |
<maxConnections>1</maxConnections> |
<maxSessionTime> |
<maxSessionTime>24</maxSessionTime> |
<idleSessionTimeout> 10g WebGate only, Registering and Managing 10g WebGates with Access Manager 11g |
<idleSessionTimeout>3600> </idleSessionTimeout |
<failoverThreshold> |
<failoverThreshold>1 </failoverThreshold> |
<aaaTimeoutThreshold>- |
<aaaTimeoutThreshold>-1 </aaaTimeoutThreshold> |
<sleepFor> |
<sleepFor>60</sleepFor> |
<debug> |
<debug>false</debug> |
<security> |
<security>open</security |
<denyOnNotProtected> |
<denyOnNotProtected>1 </denyOnNotProtected> |
<allowManagementOperations> |
<allowManagementOperations>false/<allowManagementOperations> |
<cachePragmaHeader> <cacheControlHeader> |
<cachePragmaHeader>no-cache </cachePragmaHeader> <cacheControlHeader>no-cache </cacheControlHeader |
<ipValidation> |
<ipValidation>0</ipValidation> |
<ipValidationExceptions> |
<ipValidationExceptions> <ipAddress>10,11,11,11</ipAddress> <ipAddress>10,11,11,12</ipAddress> <ipAddress>10,11,11,13</ipAddress> </ipValidationExceptions> |
<logOutUrls> |
<logOutUrls> <url>/logout1.html</url> <url>/logout2.html</url> </logOutUrls> |
<logoutCallbackUrl> 11g Request Only |
<logoutCallbackUrl>/oam_logout_success </logoutCallbackUrl> |
<logoutTargetUrlParamName> 11g Request Only |
<logoutTargetUrlParamName>end_url </logoutTargetUrlParamName> |
User-Defined Parameter Names |
Examples <userDefinedParameters> <userDefinedParam> <name>...</name> <value>...</value> </userDefinedParam> |
MaxPostDataLength |
<userDefinedParameters> <userDefinedParam> <name>MaxPostDataLength</name> <value>750000</value> </userDefinedParam> |
maxSessionTimeUnits |
<userDefinedParameters> <name>maxSessionTimeUnits</name> <value>hours</value> </userDefinedParam> |
useIISBuiltinAuthentication |
<userDefinedParameters> <name>useIISBuiltinAuthentication </name> <value>false</value> </userDefinedParam> |
idleSessionTimeoutLogic 10g WebGates only |
<userDefinedParameters> <name>idleSessionTimeoutLogic </name> <value>leastComponentIdleTimeout </value> </userDefinedParam> |
URLInUTF8Format |
<userDefinedParameters> <name>URLInUTF8Format</name> <value>true</value> </userDefinedParam> |
inactiveReconfigPeriod Shared secret applies to only 10g WebGate Configuration applies to only 11g WebGate. |
<userDefinedParameters> <name>inactiveReconfigPeriod</name> <value>10</value> </userDefinedParam> |
WaitForFailover |
<userDefinedParameters> <name>WaitForFailover</name> <value>-1</value> </userDefinedParam> |
proxySSLHeaderVar |
<userDefinedParameters> <name>proxySSLHeaderVar</name> <value>IS_SSL</value> </userDefinedParam> |
client_request_retry_attempts |
<userDefinedParameters> <name>client_request_retry_attempts </name> <value>1</value> </userDefinedParam> |
ContentLengthFor401Response |
<userDefinedParameters> <name>ContentLengthFor401Response </name> <value>0</value> </userDefinedParam> |
SUN61HttpProtocolVersion |
<userDefinedParameters> <name>SUN61HttpProtocolVersion </name> <value>1.0</value> </userDefinedParam> |
impersonationCredentials |
<userDefinedParameters>
<name>username:password
</name>
<value>cred</value>
</userDefinedParam>
|
UseWebGateExtForPassthrough |
<userDefinedParameters> <name>UseWebGateExtForPassthrough </name> <value>false</value> </userDefinedParam> |
syncOperationMode |
<userDefinedParameters> <name>syncOperationMode</name> <value>false</value> </userDefinedParam> |
filterOAMAuthnCookie 11g Request only. |
<userDefinedParameters> <name>filterOAMAuthnCookie</name> <value>true</value> </userDefinedParam> |