Implementing Oracle Access Manager as the PeopleSoft Single Signon Solution

PeopleSoft applications support Oracle Access Manager as the single signon solution.

To implement Oracle Access Manager as the PeopleSoft single signon solution:

  1. Install and configure Oracle Access Manager.

    See Oracle Access Manager Installation Guide.

  2. In the PeopleSoft application, create OAMPSFT as a new user profile and associate a low security role such as PeopleSoft User.

    See Creating a New User Profile.

  3. In the user profile, access the ID page and select NONE as the ID type.

    See Defining User Profile Types.

  4. Save the user profile.

  5. Access the web profile and enter OAMPSFT as the public access user ID.

    See Configuring Web Profiles.

  6. Using PeopleSoft Application Designer, open the FUNCLIB_LDAP record.

  7. Right-click the LDAPAUTH field and select View PeopleCode.

  8. Find the getWWWAuthConfig() function and replace the value that is assigned to the &defaultUserId with OAMPSFT.

    Image: getWWWAuthConfig() Function showing modified user ID

  9. Save the record definition.

  10. Access the Signon PeopleCode page (PeopleTools, Security, Security Objects, Signon PeopleCode) and enable the OAMSSO_AUTHENTICATION function—the Signon PeopleCode for Oracle Access Manager single signon.

    Image: Signon PeopleCode page showing OAMSSO_AUTHENTICATION function enabled

  11. Save the page.

  12. WebLogic users must disable basic authentication.

    Access <PIA_HOME>\webserv\peoplesoft\config and modify the config.xml file by adding this tag: <enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>

    For example:

    <security-configuration xmlns:xacml="http://www.bea.com/ns/weblogic/90/security/xacml">
        <name>peoplesoft</name>
        <realm>myrealm</realm>
    	
    .......
    
        <credential-encrypted>{3DES}dOa1fqoTbX1GUq7RQPhDNDgkWkIZhzWVlEXkmSMbt9Uuf1FfVZIrJC</credential-encrypted>
        <enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
    </security-configuration>

  13. Stop and restart the application server, web server, and HTTP server.
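
The config.xml edit in step 12 can be checked before the restart in step 13. This Python check is an added example, not part of the Oracle documentation; the function name check_basic_auth_setting and the sample documents are constructed for illustration, and it assumes the tag must be a direct child of the single <security-configuration> element, as in the example for step 12.

```python
import sys
import xml.etree.ElementTree as ET

TAG = "enforce-valid-basic-auth-credentials"

def local(tag):
    """Strip an XML namespace prefix: '{uri}name' -> 'name'."""
    return tag.rsplit("}", 1)[-1]

def check_basic_auth_setting(xml_text):
    """Return (ok, message) for the step 12 edit in a WebLogic config.xml."""
    root = ET.fromstring(xml_text)
    sec = [e for e in root.iter() if local(e.tag) == "security-configuration"]
    if len(sec) != 1:
        return False, f"expected one <security-configuration>, found {len(sec)}"
    inside = [c for c in sec[0] if local(c.tag) == TAG]
    total = sum(1 for e in root.iter() if local(e.tag) == TAG)
    if total > len(inside):
        return False, f"<{TAG}> is not a direct child of <security-configuration>"
    if not inside:
        return False, f"<{TAG}> is missing, so the WebLogic default (true) applies"
    if len(inside) > 1:
        return False, f"<{TAG}> appears {len(inside)} times"
    value = (inside[0].text or "").strip().lower()
    if value != "false":
        return False, f"<{TAG}> is {value!r}, expected 'false'"
    return True, f"<{TAG}> is false inside <security-configuration>"

# Constructed sample documents (not taken from a real domain).
SAMPLE_TEMPLATE = """<domain xmlns="http://xmlns.oracle.com/weblogic/domain">
  <name>peoplesoft</name>
  {before}
  <security-configuration>
    <name>peoplesoft</name>
    <realm>myrealm</realm>
    {inside}
  </security-configuration>
</domain>"""
SETTING = "<{0}>{1}</{0}>"
SAMPLE_OK = SAMPLE_TEMPLATE.format(before="", inside=SETTING.format(TAG, "false"))
SAMPLE_MISSING = SAMPLE_TEMPLATE.format(before="", inside="")
SAMPLE_MISPLACED = SAMPLE_TEMPLATE.format(before=SETTING.format(TAG, "false"), inside="")

if __name__ == "__main__":
    # With a path argument, check that file; otherwise run the constructed sample.
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_OK
    ok, message = check_basic_auth_setting(text)
    print(("OK: " if ok else "FAIL: ") + message)
    sys.exit(0 if ok else 1)
```

Run it with the path to config.xml as the only argument; a non-zero exit status means the tag is absent, misplaced, duplicated, or not set to false.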