This document will cover the deployment of Project OpenPTK 2.0 using the Oracle Identity Manager 11g, deployed to Weblogic.
Prerequisites
The following tasks must be completed ...
- Oracle Identity Manager 11g has successfully been installed.
- This document uses a server with the following hostname: oim11g
- This document uses a login on the server of: oracle
- Download the entire Project OpenPTK source distribution from http://java.net/projects/openptk
- Create a "staging" directory on the server running Weblogic. This document uses the following staging directory:
Each installation of Oracle Identity Manager 11g will have a specific oimclient.jar file, depending on which update and/or patch set is installed.
You MUST obtain the oimclient.jar file from the deployment that will be configured to work with the Project OpenPTK deployment.
Warning
- If the oimclient.jar file is not properly installed (see below), you will get "Class Not Found" errors.
- If you have the WRONG oimclient.jar file, you may see "Incompatible Class" errors.
The jar file is located here: <IDM_HOME>/server/client/oimclient.jar
Build and Distribute
After the OpenPTK Project has been "checked out" the following steps need to be completed:
From the directory containing the build_oim11g.xml file:
- Run the ant command:
  - ant -f build_oim11g.xml clean all -Dopenptkconfig=openptk-oim11g.xml
- Copy the war file to the server running Weblogic:
  - scp dist/Server/openptk-server-2.0.0.war oracle@oim11g:/home/oracle/openptk
% cd trunk/openptk
% ant -f build_oim11g.xml clean all -Dopenptkconfig=openptk-oim11g.xml
BUILD SUCCESSFUL
Total time: 1 minute 28 seconds
% scp dist/Server/openptk-server-2.0.0.war oracle@oim11g:/home/oracle/openptk
Configure
Log into the server where the war file has been copied to:
- Expand the war file
- Edit the configuration files
- Copy the oimclient.jar file
- ssh into the server
- Change to the directory containing the war file
- make a sub-directory called openptk-server
- Change to the sub-directory
- Expand the war file
% ssh oracle@oim11g
% cd /home/oracle/openptk
% mkdir openptk-server
% cd openptk-server
% jar xvf ../openptk-server-2.0.0.war
- ssh into the server
- Change to the directory containing the war file
- Change to the sub-directory WEB-INF/lib
- Copy oimclient.jar to this directory
% ssh oracle@oim11g
% cd /home/oracle/openptk/openptk-server
% cd WEB-INF/lib
% cp <IDM_HOME>/server/client/oimclient.jar .
% cp /u01/app/oracle/Oracle/Middleware/Oracle_IDM1/server/client/oimclient.jar .
Clear Text Password
This procedure stores the password for the Admin user in OIM 11g in clear text. This technique should only be used for testing. Follow the Encrypting Password procedure for a production deployment.
Editing the openptk.xml file
- Change to the directory WEB-INF/classes
- Locate the Property Elements related to oim11g and update the value to match your OIM 11g deployment.
  - oim11g.url
  - oim11g.user.name
  - oim11g.user.password
- Locate the <Contexts> Element. Find the <Property> Element that relates to context.default and update the value to:
- Ensure that the <Context> is enabled.
  - Locate the <Context id="User-Oracle-OIMClient">
  - The enabled attribute must be set to true
- Set the default Context for the server Client
  - Locate the <Client id="server"> Element, in the <Clients> section
  - Set the sub-Element <Contexts ...> default value to: User-Oracle-OIMClient
  - Ensure that User-Oracle-OIMClient is one of the <Context ...> elements of <Contexts>
- Set the default Context for the uml Client
  - Locate the <Client id="uml"> Element, in the <Clients> section
  - Set the sub-Element <Contexts ...> default value to: User-Oracle-OIMClient
  - Ensure that User-Oracle-OIMClient is one of the <Context ...> elements of <Contexts>
Warning
If the openptk_client.properties file is not correct, the interface cannot connect to the server and logins will fail.
Editing the openptk_client.properties file
- Locate the openptk.connection.uri property ... this file is under the WEB-INF/classes folder/directory
% cd WEB-INF/classes
% vi openptk.xml
<Property name="oim11g.url" value="t3://oim11g:7002" />
<Property name="oim11g.user.name" value="xelsysadm" />
<Property name="oim11g.user.password" value="Passw0rd" />
<Contexts>
  <Properties>
    <Property name="context.default" value="User-Oracle-OIMClient" />
  <Context id="User-Oracle-OIMClient" enabled="true" ... >
<Client id="openptkserver">
  <Authenticators>
    <Authenticator id="Employees-IdPass-LDAP" />
    <Authenticator id="Employees-IdPass-JDBC" />
    <Authenticator id="Employees-IdPass-Oracle" />
    <Authenticator id="OpenPTK-config" />
  </Authenticators>
  <Contexts default="User-Oracle-OIMClient">
    <Context id="Employees-Oracle-JDBC" />
    <Context id="Employees-MySQL-JDBC" />
    <Context id="Employees-OpenDS-JNDI" />
    <Context id="User-Oracle-OIMClient" />
  </Contexts>
</Client>
<Client id="uml" secret="WeacAymEnZqP34gDQuNfDsHE">
  <Authenticators>
    <Authenticator id="Employees-IdPass-LDAP" />
    <Authenticator id="Employees-IdPass-JDBC" />
    <Authenticator id="Employees-IdPass-Oracle" />
    <Authenticator id="Anonymous" />
  </Authenticators>
  <Contexts default="User-Oracle-OIMClient">
    <Context id="Employees-Oracle-JDBC" />
    <Context id="Employees-MySQL-JDBC" />
    <Context id="Employees-OpenDS-JNDI" />
    <Context id="User-Oracle-OIMClient" />
  </Contexts>
</Client>
% vi openptk_client.properties
openptk.connection.uri=http://localhost:7001/openptk-server
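An added example, not part of the OpenPTK distribution: a pre-deployment check that the openptk.xml edits described above are consistent, generalized to every <Client> in the file rather than only the two named in the steps. The <OpenPTK> root element, the nesting of the constructed sample and the function name check_config are assumptions; element and attribute names follow the excerpts on this page.

```python
import xml.etree.ElementTree as ET

TARGET = "User-Oracle-OIMClient"
REQUIRED = ("oim11g.url", "oim11g.user.name", "oim11g.user.password")
# Constructed sample; the <OpenPTK> root and the nesting are assumptions.
SAMPLE = """<OpenPTK>
 <Properties>
  <Property name="oim11g.url" value="t3://oim11g:7002"/>
  <Property name="oim11g.user.name" value="xelsysadm"/>
  <Property name="oim11g.user.password" value="example-only"/>
 </Properties>
 <Contexts>
  <Properties><Property name="context.default" value="User-Oracle-OIMClient"/></Properties>
  <Context id="User-Oracle-OIMClient" enabled="true"/>
  <Context id="Employees-MySQL-JDBC" enabled="false"/>
 </Contexts>
 <Clients>
  <Client id="openptkserver"><Contexts default="User-Oracle-OIMClient">
   <Context id="User-Oracle-OIMClient"/></Contexts></Client>
  <Client id="uml"><Contexts default="User-Oracle-OIMClient">
   <Context id="Employees-MySQL-JDBC"/></Contexts></Client>
 </Clients>
</OpenPTK>"""

def check_config(xml_text, target=TARGET):
    """Return a list of findings; an empty list means the edits are consistent."""
    root = ET.fromstring(xml_text)
    findings = []
    props = {p.get("name"): p.get("value", "") for p in root.iter("Property")}
    for name in REQUIRED:
        if not props.get(name):
            findings.append(f"property {name} is missing or empty")
    if props.get("context.default") != target:
        findings.append(f"context.default is not {target}")
    # Context definitions carry 'enabled'; the references inside <Client> do not.
    enabled = {c.get("id") for c in root.iter("Context") if c.get("enabled") == "true"}
    if target not in enabled:
        findings.append(f"Context {target} is not enabled")
    for client in root.iter("Client"):
        for ctxs in client.findall("Contexts"):
            default = ctxs.get("default")
            listed = {c.get("id") for c in ctxs.findall("Context")}
            if default not in listed:
                findings.append(f"Client {client.get('id')}: default {default} is not listed")
            elif default not in enabled:
                findings.append(f"Client {client.get('id')}: default {default} is disabled")
    return findings
if __name__ == "__main__":
    print("\n".join(check_config(SAMPLE)))
```

In the constructed sample the uml Client names User-Oracle-OIMClient as its default without listing it, so the check reports that Client and nothing else.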
Deploy Server
Log into the Weblogic Admin Interface and deploy the OpenPTK Server from the expanded directory.
- Select Deployments from the left-menu
- Click the Install button (you may have to select Lock and Edit first, if Production Mode)
- Navigate to the /home/oracle/openptk directory
- Select the Radio-Button for the (open directory)
- Click Next
- Select the Radio-Button Install this deployment as an application
- Click Next
- From the list of Servers
- Click Next
- In the Security section
- Make sure DD Only is selected
- In the Source accessibility section:
- Make sure I will make deployment accessible from the following location is selected
- The Location field needs to be set to /home/oracle/openptk/openptk-server
- Click Next
- In the Additional configuration section
- Select the Yes ... Radio button
- Click Finish
- Click Save
- If Weblogic is in production mode, you will need to:
- Click the Activate Changes Button on the left
- Select Deployments from the left-menu
- Locate the OpenPTK-Server row in the table (you may have to click Next)
- The State column should say Prepared
- Check the box in front of the name OpenPTK-Server
- Select the Drop-Down Menu Start
- Select the Menu Item Servicing all requests
- Select Deployments from the left-menu
- Locate the OpenPTK-Server row in the table (you may have to click Next)
- The State column should say Active
Test
Log into the Server User Interface ... must be a SYSTEM user.
Open a browser and go to OpenPTK: http://oim11g:7001/openptk-server
- Log in using openptkserver / password
- Select the Context Tab
- Select the User-Oracle-OIMClient Context
- Select the subjects URI link
The first ten (10) users are returned from the SEARCH operation
Click on one of the Subject URI links to READ the individual entry