1 Quick Start Wizards Help

The Quick Start Wizard helps you build a process definition from scratch using a process definition template. The Quick Start Wizard creates a new type for your process, prompting you for the minimum required information.

The following topic is covered:

1.1 SSO Agent Registration

Agent Type

Select the agent type to register and click Next. The following table describes the elements in the Agent Type section of the SSO Agent Registration page:

Element Description

Agent Type

Choose the agent type from the drop-down menu:

  • Webgate

Cancel

Click Cancel to cancel the changes made to the page.

Next

Click Next to continue to register and configure the agent.

Configure Webgate

Configure Webgate describes SSO Agent registration parameters of agent type Webgate. The following table describes the elements on the Configure Webgate page:

Element Description

Name

The unique identifying name for this Agent registration. This is often the name of the computer that is hosting the Web server used by the WebGate.

A unique identifying name for each Agent registration is preferred. However:

  • If the Agent Name exists, no error occurs and the registration does not fail. Instead, Access Manager creates the policies if they are not already in place.

  • If the host identifier exists, the unique Agent Base URL is added to the existing host identifier and registration proceeds.

Description

Type a short meaningful description for this Agent registration.

Base URL

The host and port of the computer on which the Web server for the WebGate is installed.

For example: http://example_host:port or https://example_host:port; the port number is optional.

Note: A particular Base URL can be registered only once. Each Base URL maps to exactly one Web server domain (as specified with the Host Identifier element); one domain, however, can own multiple Base URLs.

Access Client Password

Unique password for this WebGate, which can be assigned during this registration process. This field is optional.

When a registered WebGate connects to an OAM Server, the password is used for authentication to prevent unauthorized WebGates from connecting to OAM Servers and obtaining policy information.

Host Identifier

This identifier represents the Web server host. This is automatically seeded with the value in the agent name field.

Note: You can register multiple OAM WebGates (or Access Clients) under a single host identifier with the same Application Domain and policies, as follows:

  • When you register the first WebGate, allow the process to create a host identifier (a name of your choice), and enable "Auto Create Policies".

  • Register a second WebGate with the same host identifier as in the first step, and clear the "Auto Create Policies" box so that no duplicate policies are created.

User Defined Parameters

Parameters you can enter to enable specific WebGate behaviors.

Security

Level of communication transport security between the Agent and the OAM Server (this must match the level specified for the OAM Server). Choose one of the following:

  • Open - No transport security.

  • Simple - SSL v3/TLS v1.0 secure transport using dynamically generated session keys.

  • Cert - SSL v3/TLS v1.0 secure transport using server-side X.509 certificates. Choosing this option displays a field where you can enter the Agent Key Password.

Agent Key Password

The private key file (aaa_key.pem) is encrypted using the DES algorithm. The Agent Key Password is stored in obfuscated form in password.xml; the server needs the password to generate password.xml but does not retain it. DES is a weak cipher by current standards, so restrict file-system access to aaa_key.pem and password.xml rather than relying on the password alone.

Note: When editing a WebGate registration, password.xml is updated only when the mode is changed from Open to Cert or from Simple to Cert. In Cert mode, once password.xml has been generated it cannot be updated; editing the Agent Key Password does not create a new password.xml.

Virtual host

Check the box if you have installed a WebGate on a Web server that hosts multiple Web sites and domain names. The WebGate must reside in a location that enables it to protect all of the Web sites on that server.

Auto Create Policies

During agent registration, you can have authentication and authorization policies created automatically. This option is checked (enabled) by default.

Shared Registration and Policies: Multiple WebGates (or Access Clients) installed on different Web servers can share a single registration and policies to protect the same resources. This is useful in a high-availability failover environment. To do this:

  • WebGate1 - Register the first WebGate and enable Auto Create Policies to generate a host identifier and policies.

  • WebGate2 - Register the second WebGate, specify the same host identifier as the first WebGate, and disable Auto Create Policies.

After registering the second agent, both WebGates use the same host identifier and policies.

IP Validation

Check the box to ensure that a client's IP address is the same as the IP address stored in the ObSSOCookie generated for single sign-on. Selecting this option displays a field where you can enter the IP Validation Exceptions.

IP Validation Exceptions

Enter any IP addresses to be excluded from validation, using standard notation for the addresses.

For example: 10.20.30.123.

The IP address stored in the ObSSOCookie must match the client's IP address. Otherwise, the cookie is rejected and the user must re-authenticate.
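The check described above, as an added example that is not part of this page or of Access Manager's own code. It assumes that the exception list is compared with the address of the requesting client (so that requests arriving from a listed address, such as a proxy, skip the check), that addresses are compared after normalisation with Python's ipaddress module, and that an address which cannot be parsed fails closed. Accepting CIDR ranges in the exception list is an extension of this example; the page only shows single addresses.

```python
import ipaddress
from typing import Iterable, List, Union

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]


def parse_exceptions(entries: Iterable[str]) -> List[Network]:
    """Parse the IP Validation Exceptions list.

    Single addresses (e.g. 10.20.30.123, as on the page) become /32 or /128
    networks; CIDR ranges are an assumption of this example, not documented
    behaviour. Blank entries are ignored.
    """
    return [ipaddress.ip_network(e.strip(), strict=False)
            for e in entries if e.strip()]


def cookie_ip_is_valid(cookie_ip: str, client_ip: str,
                       exceptions: List[Network],
                       ip_validation: bool = True) -> bool:
    """Return True if the ObSSOCookie may be honoured for this request.

    - IP Validation unchecked: the cookie is accepted without an IP check.
    - Client address in the exception list: the check is skipped
      (assumption: exceptions apply to the requesting client's address).
    - Otherwise the address stored in the cookie must equal the client's
      address; on mismatch the cookie is rejected and the user re-authenticates.
    - An address that does not parse is treated as a mismatch (fail closed).
    """
    if not ip_validation:
        return True
    try:
        client = ipaddress.ip_address(client_ip)
        stored = ipaddress.ip_address(cookie_ip)
    except ValueError:
        return False
    if any(client in net for net in exceptions):
        return True
    return client == stored


if __name__ == "__main__":
    # Constructed sample requests: (IP in cookie, IP the request came from).
    exceptions = parse_exceptions(["10.20.30.123"])
    samples = [
        ("198.51.100.7", "198.51.100.7"),   # same client: accepted
        ("198.51.100.7", "203.0.113.9"),    # cookie presented from elsewhere: rejected
        ("198.51.100.7", "10.20.30.123"),   # listed exception (e.g. a proxy): accepted
        ("198.51.100.7", "not-an-ip"),      # unparsable: rejected
    ]
    for cookie_ip, client_ip in samples:
        verdict = "accept" if cookie_ip_is_valid(cookie_ip, client_ip, exceptions) else "reject"
        print(f"cookie={cookie_ip:<14} client={client_ip:<14} -> {verdict}")
```

The second sample is the case the setting exists for: a cookie captured on one host and replayed from another no longer authenticates the session. The third sample shows the cost of an exception entry: any request that arrives from 10.20.30.123 bypasses the check entirely, so keep the list to addresses you trust, such as a reverse proxy that fronts the WebGate.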

Back

Click Back to move backwards in the Agent Registration wizard.

Finish

Click Finish to complete the registration.

Cancel

Click Cancel to cancel the changes made to the page.

Resource Lists

The following table describes the elements in the Resource Lists section of the Configure Webgate page:

Element Description

Protected Resource List

URIs for the protected application. For example: /myapp/login.

Each URI for the protected application should be specified in a new row of the table for the Protected Resource List.

Default URI: /**

The default matches any sequence of characters within zero or more intermediate levels spanning multiple directories.

Public Resource List

Each public application should be specified in a new row of the table for the Public Resource List.

Add

Add Protected Resources—Click the Add button to add a resource to the Protected Resource List. Each URI should be specified in a new row of the table.

For example: If you add /financial (and repeat to add /myfinancial), the following URLs are seeded into the designated policies of the Application Domain when Auto Create Policies is selected:

  • /financial yields Resource URL /financial/**

  • /myfinancial yields Resource URL /myfinancial/**

  • /**

Add Public Resources—Click the Add button to add a resource to the Public Resource List.

For example: If you add /people, the following URL is included here and in the Application Domain (when Auto Create Policies is selected):

/people
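The seeding and matching behaviour described for the Protected and Public Resource Lists, as an added example that is not part of this page or of Access Manager's own code. It reproduces what the page states: an added protected URI /x is seeded as /x/**, the default /** is always present, a public URI is kept exactly as typed, and ** matches any sequence of characters across zero or more directory levels. Two points are assumptions of this example and are not documented here: when several patterns match a request, the longest (most specific) pattern wins, and a bare /x request does not match /x/** (it falls through to /**).

```python
import re
from typing import List, Optional, Tuple

DEFAULT_PROTECTED = "/**"


def seed_protected(added: List[str]) -> List[str]:
    """Mimic 'Add Protected Resources': /financial -> /financial/**, plus /**."""
    seeded: List[str] = []
    for uri in added:
        pattern = uri.rstrip("/") + "/**"
        if pattern not in seeded:
            seeded.append(pattern)
    if DEFAULT_PROTECTED not in seeded:
        seeded.append(DEFAULT_PROTECTED)
    return seeded


def _compile(pattern: str) -> "re.Pattern[str]":
    # '**' matches any sequence of characters, '/' included, i.e. zero or more
    # intermediate directory levels. Everything else in the pattern is literal.
    return re.compile(".*".join(re.escape(part) for part in pattern.split("**")))


def classify(request_path: str, protected: List[str], public: List[str]) -> Tuple[str, str]:
    """Return ('protected' | 'public' | 'unmatched', matching pattern).

    Assumption of this example: the longest matching pattern wins. Public
    entries are used verbatim (the page shows /people -> /people), so a public
    entry only ever covers exactly the path that was typed.
    """
    candidates = [("protected", p) for p in protected] + [("public", p) for p in public]
    best: Optional[Tuple[str, str]] = None
    for kind, pattern in candidates:
        if _compile(pattern).fullmatch(request_path) is None:
            continue
        if best is None or len(pattern) > len(best[1]):
            best = (kind, pattern)
    return best if best is not None else ("unmatched", "")


if __name__ == "__main__":
    protected = seed_protected(["/financial", "/myfinancial"])
    public = ["/people"]
    print("protected list:", protected)
    # Constructed sample requests, not taken from a real access log.
    for path in ["/financial/reports/q1.pdf", "/people", "/people/list", "/myfinancial", "/"]:
        kind, pattern = classify(path, protected, public)
        print(f"{path:<28} -> {kind:<9} via {pattern}")
```

The third sample is the one to notice: because the public entry is /people and not /people/**, a request for /people/list is not public at all. It falls through to the seeded /** and is protected, which is the safe direction. The reverse mistake, typing /people/** into the Public Resource List, would expose every path under /people; check public entries for wildcards before you click Finish.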

Delete

Select a row and click Delete to remove the row.

Sort Ascending

Click to sort the items in the column in ascending order.

Sort Descending

Click to sort the items in the column in descending order.

Related Topics

Introduction to Agents and Registration in Administrator's Guide for Oracle Access Management