Go to primary content
Oracle Agile Engineering Data Management Security Guide
Release e6.2.1.0
E69102-01
Next
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Overview of Agile e6 System
1.1
Agile e6 System Services
1.2
Agile e6 System Components
1.2.1
Server Side Components
1.2.2
Client Side Components
1.3
Security Objectives of Agile e6 System
1.4
System-wide Advice
2
Secure Environment - HTTP(S) Support
2.1
Prerequisites
2.2
Secure External Communication
2.2.1
Setup of Secure EIP
2.2.2
Setup Apache HTTPD as SSL Reverse Proxy
2.2.2.1
Tokens in the Configuration Files
2.2.2.2
Check Your Configuration
2.2.3
Setup HTTPS on the Oracle WebLogic Servers
2.2.4
Setup Administration Client
2.2.5
Setup the Java Client
2.2.5.1
Java Client with Proxy
2.2.6
Setup Web Fileservice
2.2.7
Secure File Transfer in Batch Client
2.2.8
Setup AutoVue
2.2.9
Setup Web Client
2.2.9.1
Setting up WPS to use HTTPS
2.2.9.2
Deactivate Web Client
2.2.10
Change Lightweight Report URL
2.2.11
Setup Workflow Mailing
3
Wallets
3.1
Overview Wallet Infrastructure
3.2
Manual Creation of Wallets
3.2.1
Admin Client
3.2.2
Batch Client
3.2.2.1
Use the batchkey tool to create the Oracle Wallet
3.2.3
FMS
3.2.4
Server
3.2.5
SSO
3.2.6
WebService SSO
3.2.7
Upgrade Tool
3.2.8
EIP
4
Encryption
4.1
Encrypt Passwords
4.2
Secured Components
4.3
Agile e6 Encryption
4.3.1
EDM Server
4.3.2
File Server
4.3.3
WebLogic
4.3.4
Batch Clients
5
Authentication
5.1
LDAP Support
5.1.1
Prerequisites
5.1.2
User Authentication via LDAP
5.1.3
Setup an LDAP User
5.1.4
Configuration Parameter
5.1.5
Secure LDAP Connection
5.1.5.1
Support Oracle Wallet to store the LDAP Server Certificate
5.1.5.2
Import LDAP Server Certificate on Windows
5.1.5.3
Verify LDAP Environment
5.1.5.4
Support Backup LDAP Server for Fail Over
5.2
Java Client Single Sign-On (SSO)
5.2.1
Kerberos Prerequisites
5.2.1.1
Kerberos Infrastructure
5.2.1.2
Request Basic Information About Your Kerberos Environment
5.2.1.3
Java Kerberos Configuration File
5.2.1.4
Store the Java Kerberos Configuration File
5.2.1.5
Service Principals
5.2.1.6
Define Installation Environment
5.2.1.7
Determine the Servers for Kerberos Principals
5.2.1.8
Required Service Principal Names for the Examples
5.2.1.9
Request Kerberos Service Principals for Your Servers
5.2.1.10
Get the keyTab Files From Your Kerberos Administrator
5.2.1.11
Create keyTab for Service Principal
5.2.1.12
Store the keyTab Files
5.2.2
EDM Server Configuration
5.2.3
Agile e6 J2EE Components Configuration
5.2.3.1
Create Secured Directory
5.2.3.2
Install Java Kerberos Configuration File
5.2.3.3
Install keyTab File(s)
5.2.3.4
Configure Your Service Principal Name(s)
5.2.3.5
Populate Kerberos Configuration to WebLogic Server
5.2.3.6
Troubleshooting
5.2.3.7
Tracing
5.2.3.8
Common reasons for an error
5.3
Web Service SSO
5.3.1
WebLogic SAML Configuration
6
Agile e6 Users and Permissions
6.1
Predefined Agile e6 User
6.2
Windows Users
6.3
UNIX Users
6.4
Default Installation Permissions
6.4.1
Windows
6.4.2
UNIX
6.5
Detailed Access Permissions
6.5.1
Installation User
6.5.2
Runtime User
6.5.3
File Server User
6.6
Example How to Use Strict Access Permissions
6.6.1
Windows
6.6.2
UNIX
7
Securing Ports
7.1
Range of Ports
7.1.1
Well Known Port Numbers
7.1.2
Registered Port Numbers
7.1.3
Dynamic and/or Private Ports
7.2
Range of Values and Dependencies
8
Securing the Database
8.1
DB Role AGILE_E_ROLE
8.2
Advanced Setup
9
Secure Setup of the Enterprise Integration Platform (EIP)
9.1
Database Connection
9.2
Message Queue
9.3
Notification Service
9.4
Tomcat
9.5
EIP Wallet
9.6
Connectors
9.6.1
File Connectors
9.6.2
Network Connectors
9.6.3
Application Connector
9.6.4
JDBC Connector
10
Additional Security Relevant Information
10.1
Access Rights for User
10.2
URL Linking Support
10.3
Whitelist Mechanism for Masks
10.4
Number Variant configuration for ECI Web Service Access
10.5
Apache Tomcat Security
10.6
WebLogic Security