The procedure to configure the Reporter system for Oracle SSO user authentication is described in the Oracle Real User Experience Insight User's Guide. Note that RUEI must be fully installed before it can be configured for Oracle SSO user authentication.
The Oracle SSO server uses its own web server in order to prevent conflicts with the currently installed web server. Therefore, the currently installed web server needs to be turned off by running the following commands:
/sbin/service httpd stop /sbin/chkconfig --del httpd
Note:
It is recommended that you do not un-install the default Linux Apache web server because this would also un-install the PHP module.
The procedure described in this section should only be followed if you are installing and configuring the oracle HTTP server for a Reporter that does not have a local database. Otherwise, the procedure described in Reporter System With Local Database should be followed.
This section is only relevant for RUEI installations configured to use a remote database. In this case, the oracle user does not yet exist, and so must be created by running the following commands:
/usr/sbin/groupadd oinstall oinstall /usr/sbin/useradd -g oinstall oracle
The procedure described in this section should only be followed if you are installing and configuring the oracle HTTP server for a Reporter that is configured with a local database. Otherwise, the procedure described in Reporter System Without Local Database should be followed.
Increase the number of open files limit. Edit the following line in the /etc/security/limits.conf file:
oracle soft nofile 16384
To install the Oracle HTTP Server, do the following:
Log in to the Reporter server as the oracle user, and unzip the Oracle HTTP server zip file. Ensure that your X Window environment is properly set up. In addition, when logging on remotely with SSH, ensure X forwarding is enabled. The installation of Oracle HTTP server needs to be performed as the oracle user (only certain parts of this chapter require root privileges). Run the following commands:
unzip ofm_webtier_linux_11.1.1.9.0_64_disk1_1of1.zip cd webtier/Disk1 export ORACLE_BASE=/u01/app/oracle ./runInstaller
As the installation script runs, you should accept all default values, except for step 5. Here, you must uncheck the two check boxes Oracle Web Cache and Associate selected components with weblogic domain shown in Figure 5-1.
After exiting the installation script, set the following environment variables:
export ORACLE_HOME=$ORACLE_BASE/middleware/oracle_WT1 export ORACLE_INSTANCE=$ORACLE_HOME/instances/instance1
Stop the Oracle HTTP server and Oracle Process Manager Notification (OPMN) running the following command:
$ORACLE_INSTANCE/bin/opmnctl stopall
Edit the $ORACLE_INSTANCE/config/OPMN/opmn/opmn.xml file to use the httpd.prefork in order so that the PHP module can be loaded. Ensure that the following variables are set in the /etc/ruei.conf configuration file:
<environment>
      <variable id="TEMP" value="/tmp"/>
      <variable id="TMP" value="/tmp"/>
      <variable id="OHSMPM" value="prefork"/>
</environment>
Where, timezone is the value of time zone you set in the /etc/ruei.conf file.
Log in as the root user, and change the permissions for the .apachectl file so that the Oracle HTTP server can run as the Apache user. Run the following commands:
chown root $ORACLE_HOME/ohs/bin/.apachectl chmod 6750 $ORACLE_HOME/ohs/bin/.apachectl
Add apache to the oinstall group running the following command:
usermod -aG oinstall apache
Log in as the oracle user and edit the $ORACLE_INSTANCE/config/OHS/ohs1/httpd.conf file for the Oracle HTTP server to run as the Apache user. Edit the following lines:
User apache Group apache
Create the $ORACLE_INSTANCE/config/OHS/ohs1/moduleconf/php5.conf file, and edit it to contain the following:
LoadModule php5_module "/usr/lib64/httpd/modules/libphp5.so" AddHandler php5-script php AddType text/html php
Copy the /etc/httpd/conf.d/uxinsight.conf file, and make it available to the Oracle HTTP server running the following command:
cp /etc/httpd/conf.d/uxinsight.conf $ORACLE_INSTANCE/config/OHS/ohs1/moduleconf
Start Oracle Process Manager Notification (OPMN) and the Oracle HTTP server running the following command:
$ORACLE_INSTANCE/bin/opmnctl startall
Stop the HTTP server running the following command:
$ORACLE_INSTANCE/bin/opmnctl stopproc ias-component=ohs1
In order to have RUEI running on the default HTTPS port, edit the $ORACLE_INSTANCE/config/OHS/ohs1/ssl.conf file, and change the line with the Listen directive to the following:
Listen 443
In addition, edit the VirtualHost definition as follows:
<VirtualHost *:443>
Comment out the LoadModule settings in the config/OHS/ohs1/moduleconf/plsql.conf and config/OHS/ohs1/mod_wl_ohs.conf files.
Create the $ORACLE_INSTANCE/config/OHS/ohs1/moduleconf/mod_osso.conf file:
LoadModule osso_module "${ORACLE_HOME}/ohs/modules/mod_osso.so"
<IfModule osso_module>
   OssoConfigFile /u01/app/oracle/product/11.1.1/as_1/instances/instance1/config/OHS/ohs1/osso.conf
   OssoIpCheck off
   OssoIdleTimeout off
</IfModule>
Copy the osso.conf file that you received after registering RUEI with the Oracle SSO server to the $ORACLE_INSTANCE/config/OHS/ohs1 directory. This is described in Registering RUEI with the Oracle SSO Server.
Start the Oracle HTTP server running the following command:
$ORACLE_INSTANCE/bin/opmnctl startproc ias-component=ohs1
In order to create the required osso.conf file, you need to register RUEI with the Oracle SSO server. The procedure to do this differs depending on whether you are using Oracle SSO version 10.1.4 or 11.1.
Use the 10.1.4 Oracle Identity Manager registration tool ssoreg.sh to update the registration record in the osso.conf file. Do the following:
Go to the Oracle Identity Manager directory:
ORACLE_HOME/sso/bin/ssoreg
Run the ssoreg.sh tool with the following parameters and values:
./ssoreg.sh -site_name hostname:4443 \ -config_mod_osso TRUE \ -mod_osso_url hostname:4443 \ -config_file location
Where,
hosthame specifies the full URL of the RUEI Reporter system (for example, https://ruei.us.myshop.com).
location specifies the location to which the osso.conf file will be written (for example, tmp/osso.conf).
Copy the created osso.conf file to the $ORACLE_INSTANCE/config/OHS/ohs1 directory on the RUEI Reporter system.
For more information, see http://docs.oracle.com/cd/E14571_01/core.1111/e10043/osso.htm#autoId89.
To register RUEI as a partner application within Oracle SSO version 11.1, do the following:
On Oracle Access Manager console, click the Policy Configuration tab. The screen shown in Figure 5-2 appears.
Figure 5-2 OAM Policy Configuration Screen.
Click the New OSSO Agent item. The screen shown in Figure 5-3 appears.
Enter the required parameters and click Apply. The screen shown in Figure 5-4 appears.
Figure 5-4 OSSO Agent Creation Confirmation.
Copy the osso.conf file from the indicated location to the $ORACLE_INSTANCE/config/OHS/ohs1 directory on the RUEI Reporter system.
You can test the Oracle HTTP server for integration with RUEI by directing your browser to https://Reporter/ruei. When you select System, then User management, the Configure SSO connection option should be enabled.
For information about enabling Oracle SSO user authentication within RUEI, see the Oracle Real User Experience Insight User's Guide.