Implementing Oracle Access Manager as the PeopleSoft Single Signon Solution
PeopleSoft applications support Oracle Access Manager as the single signon solution.
To implement Oracle Access Management Access Manager (Oracle Access Manager) as the PeopleSoft single signon solution:
Install and configure Oracle Access Manager.
See the Oracle Access Manager installation documentation.
See https://docs.oracle.com/en/middleware/idm/access-manager/12.2.1.4/index.html
In the PeopleSoft application, create OAMPSFT as a new user profile and associate a low security role such as PeopleSoft User.
In the user profile, access the ID page and select NONE as the ID type.
Save the user profile.
Access the web profile and enter OAMPSFT as the public access user ID.
Using PeopleSoft Application Designer, open the FUNCLIB_LDAP record.
Right-click the LDAPAUTH field and select View PeopleCode.
Find the getWWWAuthConfig() function and replace the value that is assigned to &defaultUserId with OAMPSFT.
This example illustrates the getWWWAuthConfig() function showing the modified user ID.
Save the record definition.
Access the Signon PeopleCode page (PeopleTools, Security, Security Objects, Signon PeopleCode) and enable the OAMSSO_AUTHENTICATION function—the Signon PeopleCode for Oracle Access Manager single signon.
This example illustrates the Signon PeopleCode page with the OAMSSO_AUTHENTICATION function enabled.
Save the page.
WebLogic users must disable basic authentication.
Access <PS_CFG_HOME>\webserv\<domain_name>\config and modify the config.xml file by adding this tag:
<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
For example:
<security-configuration xmlns:xacml="http://www.bea.com/ns/weblogic/90/security/xacml">
  <name>peoplesoft</name>
  <realm>myrealm</realm>
  .......
  <credential-encrypted>{3DES}dOa1fqoTbXxxxxxxxxxxxxxxxx</credential-encrypted>
  <enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
</security-configuration>
Be sure the logout page and expire page are configured correctly to work with the Oracle Access Manager logout mechanism.
See the Oracle Access Manager documentation.
Stop and restart the application server, web server, and HTTP server.
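One way to confirm the config.xml edit from the WebLogic step before restarting, as an added example that is not part of the Oracle documentation: the function names and the sample XML are constructed for illustration, and the check only reports whether the tag sits inside security-configuration and what value it carries.

```python
import sys
import xml.etree.ElementTree as ET

TAG = "enforce-valid-basic-auth-credentials"

# Constructed sample shaped like the fragment in the WebLogic step; not a real domain file.
SAMPLE = """<domain xmlns="http://xmlns.oracle.com/weblogic/domain">
  <name>peoplesoft</name>
  <security-configuration xmlns:xacml="http://www.bea.com/ns/weblogic/90/security/xacml">
    <name>peoplesoft</name>
    <realm>myrealm</realm>
    <enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
  </security-configuration>
</domain>"""


def local(tag):
    """Drop the '{namespace}' prefix ElementTree puts on qualified tag names."""
    return tag.rsplit("}", 1)[-1]


def basic_auth_enforcement(xml_text):
    """Return 'disabled', 'enabled', 'invalid', 'missing' or 'misplaced'."""
    root = ET.fromstring(xml_text)
    sections = [e for e in root.iter() if local(e.tag) == "security-configuration"]
    # Only direct children of <security-configuration> count as correctly placed.
    inside = [c for s in sections for c in s if local(c.tag) == TAG]
    if not inside:
        stray = any(local(e.tag) == TAG for e in root.iter())
        return "misplaced" if stray else "missing"
    value = (inside[-1].text or "").strip().lower()
    return {"false": "disabled", "true": "enabled"}.get(value, "invalid")


if __name__ == "__main__":
    # Pass the path to config.xml; with no argument the constructed sample is checked.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            print(basic_auth_enforcement(fh.read()))
    else:
        print(basic_auth_enforcement(SAMPLE))
```

A result of disabled is the state this procedure asks for; any other result means the tag needs to be corrected before the servers are restarted.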