Configuring the OHTTP Server (OHS)
After installing OHTTP Server (Oracle HTTP Server), or OHS, configure as follows:
- Modify the $ORACLE_INSTANCE/ config/ OHS/ ohs1/httpd.conf file as follows:
- Change the default listen port from 7777 to 80.
Note: Before making the above change, disable or turn-off any other application that is using port 80 (such as IIS or Windows).
- Add settings after DocumentRoot as follows:
DocumentRoot <Unifier_Home>/apps/ROOT
- Add parameters between <Directory ></Directory> so it appears as follows:
<Directory "<Unifier_Home>/apps/ROOT">
Options Includes FollowSymLinks
AllowOverride None
Require all granted
DirectoryIndex index.html
</Directory>
<Directory "<Unifier_Home>/apps/ROOT/WEB-INF">
Require all denied
</Directory>
#Support Http method GET/POST only
RewriteEngine On
RewriteCond %{REQUEST_METHOD} !^(GET|POST)
RewriteRule .* - [F]
Header set Content-Security-Policy "default-src 'self'; frame-src *; child-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://elocation.oracle.com https://elocation.oracle.com *.oracle.com; style-src 'self' 'unsafe-inline';img-src 'self' data: http://elocation.oracle.com https://elocation.oracle.com *.oracle.com"
<Location /bp/sys/dm/jvue/viewer>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/dm/project_documents>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/sys/dm/bp/attachment/viewer>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/dm/unpublished_documents/log>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/studio/share/open_attachments>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/share/editGCWithoutWorkFlow>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/share/draftGC/new>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/share/draftGC/edit>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/share/commentGC/new>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/share/commentGC/edit>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/share/editGC>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/share/commentGC/copyFrom>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/share/draftGC/copyFrom>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/studio/bp/document/copylineitem>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
<Location /bp/studio/bp/document/itemopen>
Header set Content-Security-Policy "connect-src 'self' http://localhost:2345 http://localhost:7575 http://localhost:8888 http://localhost:9999 https://localhost:2345 https://localhost:7575 https://localhost:8888 https://localhost:9999"
</Location>
Notes:
<Unifier_Home>
is the unifier installation directory.- The session about Supporting Http method GET/POST only can be (or may be) added at the end of http.conf file.
- Change the default listen port from 7777 to 80.
- Add the following to the $ORACLE_INSTANCE/ config/ OHS/ ohs1/mod_wl_ohs.conf file:
<LocationMatch /(bp|bluedoor|g|pub|m|portal|unifier|viewbp|ws|VueServlet|VueJNLPServlet|jvueDMS|xdespellchecker)($|/)>
SetHandler weblogic-handler
WebLogicHost localhost
WebLogicPort 7001
</LocationMatch>
<LocationMatch /(dojo|gs|studio|unifier_js|webant|x)($|/)>
ExpiresActive on
ExpiresDefault "access plus 6 month"
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
</LocationMatch>
LoadModule deflate_module "${ORACLE_HOME}/ohs/modules/mod_deflate.so"
<LocationMatch /(bp|bluedoor|g|pub|portal|unifier|viewbp)($|/)>
SetOutputFilter DEFLATE
</LocationMatch>
DeflateBufferSize 20000
Note: Modify the enteries (#2) under <Location /> as necessary:
- WebLogicHost: Weblogic server hostname or IP address.
- For WebLogicPort: Weblogic server port number.
- The "deflate_module" must be loaded before "<LocationMatch /(bp|bluedoor|g|pub|portal|unifier|viewbp)($|/)>".
- If the browser displays the error message, "...js MIME type ('text/plain') is not executable, and strict MIME type checking is enabled," then add "text/javascript js" to this file: <OHS Installation path>/instances/instance1/config/OHS/ohs1/mime.types
3. Modify the $ORACLE_INSTANCE/ config/ OHS/ ohs1/ssl.conf file as follows:
For OHTTP, or OHS, version:
Note: For the full list of system requirements, applications, and application version levels, refer to Primavera Unifier Tested Configurations in the Primavera Unifier Documentation Library.
Replace: SSLProtocol nzos_Version_1_0 nzos_Version_3_0
With: SSLProtocol -all +TLSv1.2
Replace: SSLCipherSuite
SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SH
A,SSL_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_C BC_SHA
With: SSLCipherSuite HIGH
Note: Oracle recommends the SSLv3 protocol for OHS 11g version and the TLSv1.2 for OHS 12c version.
4. On Windows:
Run startNodeManager.cmd
and startComponent.cmd ohs1
On Linux: Run ./startNodeManager.sh
and ./startCOmponent.sh ohs1
Note: If OAM is used to set up Unifier, log into OAMconsole, navigate to resources tab and add 3 resources in it: /jVue/**, /VueServlet/** and /jvueDMS/**. The Protection level should be excluded for the newly created resources. If any other SSO server is used then perform the similar steps in this server.
Related Topics
Installing SSL Certificate (Optional)
Configuring the Oracle Database Server
Configuring WebLogic for Unifier on Windows
Installing Oracle WebCenter Content (Optional)
Configuring Unifier Using the Configurator
Last Published Tuesday, February 20, 2024