Using Single Sign On with Data Relationship Management
Single Sign On (SSO) for Oracle Data Relationship Management requires various components to be installed and configured. In a typical Web SSO environment, a Web identity management solution controls authentication and authorization for one or more independent software systems. The goal of SSO is to allow a user to gain access to the various independent systems without being prompted for a login for each system.
Data Relationship Management implements SSO by utilizing Oracle Hyperion Shared Services, a web identity management solution (such as Oracle Access Manager), and an external user directory (such as Oracle Internet Directory or Microsoft Active Directory).
Note:
A mix of SSO and non-SSO applications is not supported on a single server.
Use the following steps to install and configure SSO:
Task | Reference |
---|---|
Prerequisite |
|
Install and configure Oracle Access Manager 12c |
See Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management and Fusion Middleware Administrator's Guide for Oracle Access Management |
Data Relationship Management |
|
1. Configure Shared Services with an external user directory. |
See "Configuring OID, Active Directory, and other LDAP-based User Directories" in the Oracle Enterprise Performance Management System User Security Administration Guide . |
2. Configure Shared Services for SSO. |
See "Configuring EPM System for SSO" in the Oracle Enterprise Performance Management System Security Configuration Guide . |
3. Install Data Relationship Management. |
|
4. In the Data Relationship Management Configuration Console, configure Data Relationship Management for CSS authentication mode and enable SSO. |
|
5. Configure a Web identity management solution to protect the Data Relationship Management Web application and use the same external user directories configured in Shared Services. |
|
6. Install and configure IIS OAM Webgate |
Oracle Fusion Middleware Installing WebGates for Oracle Access Manager |
Data Relationship Management Analytics |
|
1. Ensure that the Oracle EPM Foundation Server has been configured with Oracle HTTP Server. This can be accomplished by configuring the Web Server in the EPM System Configurator. |
|
2. Manually configure the following directive in the file
|
|
3. Install 11.1.2.2 Webgate for OHS |
See "Installing Oracle HTTP Server 11g Webgate" in Oracle Fusion Middleware Installing WebGates for Oracle Access Manager |
4. Deploy and configure webgate instance using tool deployWebGate |
See "Post-Installation Steps for Oracle HTTP Server 11g Webgate" in Oracle Fusion Middleware Installing WebGates for Oracle Access Manager |
5. Register Webgate |
See "Getting started with a New Oracle HTTP Server 11g Webgate" in Oracle Fusion Middleware Installing WebGates for Oracle Access Manager |
6. Configure the OAM Identity Asserter |
See "Configuring the OAM Identity Asserter" in Oracle Fusion Middleware Administrator's Guide for Oracle WebCenter Portal |
7. Configure external authentication provider for WebLogic domain |
See "Configuring LDAP Authentication Providers" in Oracle Fusion Middleware Securing Oracle WebLogic Server 10.3.6 |
8. Configure the default authenticator |
See "Configuring the Default Authenticator and Provider Order" in Oracle Fusion Middleware Administrator's Guide for Oracle WebCenter Portal |
9. Restart Weblogic Admin and DRM Managed Servers |
|
10. Restart Oracle Process Manager (Oracle HTTP Server) |