Using Single Sign On with Data Relationship Management

Single Sign On (SSO) for Oracle Data Relationship Management requires various components to be installed and configured. In a typical Web SSO environment, a Web identity management solution controls authentication and authorization for one or more independent software systems. The goal of SSO is to allow a user to gain access to the various independent systems without being prompted for a login for each system.

Data Relationship Management implements SSO by utilizing Oracle Hyperion Shared Services, a web identity management solution (such as Oracle Access Manager), and an external user directory (such as Oracle Internet Directory or Microsoft Active Directory).

Note:

A mix of SSO and non-SSO applications is not supported on a single server.

Use the following steps to install and configure SSO:

Task	Reference
Prerequisite
Install and configure Oracle Access Manager 12c	See Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management and Fusion Middleware Administrator's Guide for Oracle Access Management
Data Relationship Management
1. Configure Shared Services with an external user directory.	See "Configuring OID, Active Directory, and other LDAP-based User Directories" in the Oracle Enterprise Performance Management System User Security Administration Guide .
2. Configure Shared Services for SSO.	See "Configuring EPM System for SSO" in the Oracle Enterprise Performance Management System Security Configuration Guide .
3. Install Data Relationship Management.	See Installing Data Relationship Management.
4. In the Data Relationship Management Configuration Console, configure Data Relationship Management for CSS authentication mode and enable SSO.	See Configuring Host Computers.
5. Configure a Web identity management solution to protect the Data Relationship Management Web application and use the same external user directories configured in Shared Services.	See Web Access Management.
6. Install and configure IIS OAM Webgate	Oracle Fusion Middleware Installing WebGates for Oracle Access Manager
Data Relationship Management Analytics
1. Ensure that the Oracle EPM Foundation Server has been configured with Oracle HTTP Server. This can be accomplished by configuring the Web Server in the EPM System Configurator.
2. Manually configure the following directive in the file `mod_wl_ohs.conf` (assuming default port of 9800 for the DRMServer managed server and replacing HOST with the host name). File can be found at : `<MW_HOME>\user_projects\epmsystem1\httpConfig\ohs\config\OHS\ohs_component` `<LocationMatch^/oracle-epm-drm-analytics>` `SetHandler weblogic-handler WeblogicHost HOST WeblogicPort 9800 WLIOTimeoutSecs 6000 Idempotent OFF WLSocketTimeoutSecs 600` `</LocationMatch>`
3. Install 11.1.2.2 Webgate for OHS	See "Installing Oracle HTTP Server 11g Webgate" in Oracle Fusion Middleware Installing WebGates for Oracle Access Manager
4. Deploy and configure webgate instance using tool deployWebGate	See "Post-Installation Steps for Oracle HTTP Server 11g Webgate" in Oracle Fusion Middleware Installing WebGates for Oracle Access Manager
5. Register Webgate	See "Getting started with a New Oracle HTTP Server 11g Webgate" in Oracle Fusion Middleware Installing WebGates for Oracle Access Manager
6. Configure the OAM Identity Asserter	See "Configuring the OAM Identity Asserter" in Oracle Fusion Middleware Administrator's Guide for Oracle WebCenter Portal
7. Configure external authentication provider for WebLogic domain	See "Configuring LDAP Authentication Providers" in Oracle Fusion Middleware Securing Oracle WebLogic Server 10.3.6
8. Configure the default authenticator	See "Configuring the Default Authenticator and Provider Order" in Oracle Fusion Middleware Administrator's Guide for Oracle WebCenter Portal
9. Restart Weblogic Admin and DRM Managed Servers
10. Restart Oracle Process Manager (Oracle HTTP Server)