Before you begin


Before the applications can be installed and configured, the system must be prepared and the database must be installed.

You will need the following installers

Downloads

Component | Location
OEL 5.7, x64 only (RHEL5.3+/6.1+, OEL5.3+/6.1+, SLES10.1+/11+, Win2K8SP1+, Win2K8R2+, Win7+, Solaris10.4+/11+) | -
JDK 1.6U30, x64 only (Sun1.6.0_29+/30+, JRockit6U29R28.2.0+, Sun1.7.0_02+) | Java 6 - http://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase6-419409.html ; Java 7 - http://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase7-521261.html
Database 11.2.0.1 (Oracle 10.2.0.4+/11.1.0.7+/11.2.0.1+) | http://www.oracle.com/technetwork/database/enterprise-edition/downloads/index.html
Weblogic 10.3.6 (Weblogic 10.3.6, 10.3.5 (not with JDK7 and not supported with 11gR2 PS2 and later)) | http://www.oracle.com/technetwork/middleware/ias/downloads/wls-main-097127.html
Oracle WebTier Utilities 11gR1 (11.1.1.7) | http://www.oracle.com/technetwork/java/webtier/downloads/index2-303202.html

Please check the Oracle certification matrix before deciding on the appropriate product version. The relevant certification matrices are available at 
  1. System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.0.0) (xls)
  2. System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.1.0) (xls)
  3. System Requirements and Supported Platforms for Oracle Identity and Access Management 11g Release 2 (11.1.2.2.0) (xls)
All the Fusion Middleware certification matrices are maintained at http://www.oracle.com/technetwork/middleware/ias/downloads/fusion-certification-100350.html 

If you have valid Oracle Support in place, you should download the products from the edelivery (https://edelivery.oracle.com) website.

Setting up Oracle Enterprise Linux

  1. Start the virtual box with the OEL 5.7 DVD in the drive. Set the following values during the initial steps 

    Name | Value
    Language for Installation | English
    Keyboard | US English
    Disk | Remove all partitions on selected drive and create default layout
    Network Devices/Hostname | Active on boot/Uncheck Enable IP V6 support / oiam11g
    Timezone | Asia/Kolkata
    Root | <password>
    Selected items for install | Gnome Desktop Environment, Base, Legacy Software support, X Windows System


  2. After the reboot, the configuration setup involves the following steps; this will reboot the system and reconfigure it based on the selections
    1. Accept License agreement
    2. Firewall (Disabled)
    3. SELinux Setting (Disabled)
    4. Date Time (Enable Network Time Protocol)
    5. Create User (OIAM Admin/oiamadmin)
  3. Enable the yum mechanism 

    # wget http://public-yum.oracle.com/public-yum-el5.repo 
    # cp public-yum-el5.repo /etc/yum.repos.d/el5.repo 


  4. In the el5.repo enable all the repositories that are for el5. 

    You can exclude kernel upgrades by adding "exclude=kernel*" in /etc/yum.conf


  5. Update installation by running "yum update".
  6. Install oracle-validated and one missing item 

    yum install oracle-validated
    yum install unixODBC-2.2.11
    /sbin/chkconfig sendmail off
    /sbin/chkconfig cups off  

Redhat Enterprise Linux (5.3) on Amazon Web Service

Since the RHEL and OEL are practically the same, we leverage the same repository to manage the setup

  1. Start an instance of RHEL 5.9 as available in the AWS store. Ensure that the instance is set up with the small memory size to allow you to install the database with a basic SGA size of 756MB. Add a separate disk of about 50GB for the OIAM installation.
  2. Once connected, add the following line in /etc/yum.conf 

    exclude=kernel*


  3. Upgrade the installation and install all the patches 

    yum update


  4. Fix the perl issue by adding the following to /etc/profile

    export LANGUAGE=en_US.UTF-8
    export LANG=en_US.UTF-8
    export LC_ALL=en_US.UTF-8


  5. Prepare the new disk attached to the instance by running the following process
    1. Initialize the disk using /sbin/fdisk /dev/sdb

      /sbin/fdisk /dev/sdb
      > n
      > p
      > 1
      > 1
      > 6527 (default)
      > w


    2. Create an ext3 file system 

      /sbin/mkfs -t ext3 /dev/sdb1


    3. Mount the new file system 

      mkdir -p /opt/idm
      mount /dev/sdb1 /opt/idm


    4. Add the following line to /etc/fstab for automatic mounting going forward 

      /dev/sdb1  /opt/idm      ext3    defaults        0 0


    5. Create an area for installers 

      cd /opt/idm/
      mkdir installers


  6. Configure the operating system 

    1. Disable SELinux by setting the following line in /etc/selinux/config

       SELINUX=disabled


    2. Install wget 

      yum install wget


    3. Install oracle-validated by first importing Oracle's PGP key used for package signing, then installing unixODBC, because some conflicts are otherwise reported during the installation of oracle-validated

      cd /opt/idm/installers
      wget http://public-yum.oracle.com/RPM-GPG-KEY-oracle-el5
      rpm --import ./RPM-GPG-KEY-oracle-el5
      yum install unixODBC
      yum localinstall oracle-validated-1.0.0-32.el5.x86_64.rpm


    4. Change the limits in /etc/security/limits.conf by adding the following lines 

      *   soft   nofile    131072
      *   hard   nofile    131072
      *   soft   nproc    131072
      *   hard   nproc    131072
      *   soft   core    unlimited
      *   hard   core    unlimited
      *   soft   memlock    50000000
      *   hard   memlock    50000000


    5. Reboot the server

    6. Install the UI environment 

      yum groupinstall "GNOME Desktop Environment"
      yum install vnc-server
      yum install firefox


    7. Stop and configure some of the standard services 

      chkconfig iptables off
      chkconfig cups off
      chkconfig ip6tables off
      chkconfig exim off


    8. Reboot
    9. Set the hostname to iam.demo.aps or another appropriate hostname. Please note that this hostname will be embedded in the OIAM configuration for internal calls, so choose it carefully.

      hostname iam.demo.aps


    10. Add the hostname to /etc/hosts 

      127.0.0.1               localhost.localdomain localhost iam.demo.aps iam


  7. Create a demo user that will be used for all login and sharing purposes. 

    1. Create the user 

      groupadd demo
      useradd -c "Demo" -d /home/demo -g demo -m -s /bin/bash demo


    2. Add the following to /etc/sudoers to allow easy setup and execution through demo user id 

      demo    ALL=(ALL)       NOPASSWD: ALL


    3. Configure vncserver for user 


      1. Run VNC server for the first time 

        sudo su - demo
        vncserver


      2. Kill the server 

        vncserver -kill :1


      3. Uncomment the lines where indicated in ~demo/.vnc/xstartup
      4. Start the VNC server again
    4. Provide access to installer directory 

      sudo chown -R demo:demo /opt/idm/installers
  8. Setup automatic environment setup during startup 
    1. Create file /etc/init.d/oim-setup 

      #!/bin/sh
      ### BEGIN INIT INFO
      # Provides:          oim-setup
      # Required-Start:    $remote_fs $syslog
      # Required-Stop:     $remote_fs $syslog
      # Default-Start:     3 4 5
      # Default-Stop:      0 1 2 6
      # chkconfig: 345 80 05
      # Short-Description: Setup OIM server
      # description:       Setup Operating system environment 
      # processname:       oim-setup
      ### END INIT INFO
      dir="/home/demo/Desktop"
      user="demo"
      cmd=""
      name=`basename $0`
      pid_file="/var/run/$name.pid"
      stdout_log="/var/log/$name.log"
      stderr_log="/var/log/$name.err"
      get_pid() {
          cat "$pid_file"
      }
      is_running() {
          [ -f "$pid_file" ] && ps `get_pid` > /dev/null 2>&1
      }
      case "$1" in
          start)
                  echo "Configuring environment with $name"
                  hostname iam.demo.aps
                  sudo -u demo /usr/bin/vncserver
                  # Add startup scripts for database, directory, weblogic, web server here #
              ;;
          stop)
                  echo "Cleaning up $name"
                  sudo -u demo /usr/bin/vncserver -kill :1
                  # Add shutdown scripts for web server, weblogic, directory, database here #
              ;;
          restart)
              $0 stop
              $0 start
              ;;
          status)
                  echo "Capability Not available"
              ;;
          *)
              echo "Usage: $0 {start|stop|restart|status}"
              exit 1
              ;;
      esac
      exit 0


    2. Install and enable the service for running on startup 

      sudo chmod 755 /etc/init.d/oim-setup
      sudo /sbin/chkconfig --add oim-setup
      sudo /sbin/chkconfig oim-setup on
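
The OEL and RHEL procedures above disable SELinux, turn off iptables/ip6tables and give the demo user password-less sudo; the script below is an added example (not part of the original guide) that reports which of these settings are present on a host or on a copied /etc tree. The ROOT prefix argument, the output strings and the sample tree are assumptions made for illustration, and the firewall check relies on the K?? links that chkconfig leaves in the SysV runlevel directories.

```sh
#!/bin/sh
# Added example, not from the original guide: report the lab-only host
# settings that the OEL/RHEL preparation steps apply.
# ROOT is an optional path prefix (assumption) so the checks can be run
# against a copied or mounted /etc tree instead of the live system.

report_relaxations() {
    root=${1:-}

    # OEL step 2.3 / RHEL step 6.1: SELINUX=disabled in /etc/selinux/config
    f="$root/etc/selinux/config"
    if [ -r "$f" ] && grep -Eq '^[[:space:]]*SELINUX=disabled[[:space:]]*$' "$f"; then
        echo "selinux disabled"
    fi

    # RHEL step 6.7: "chkconfig <svc> off" leaves K?? (kill) links in rcN.d
    for svc in iptables ip6tables; do
        for link in "$root"/etc/rc.d/rc3.d/K[0-9][0-9]"$svc"; do
            [ -e "$link" ] || [ -L "$link" ] || continue
            echo "firewall $svc off at runlevel 3"
        done
    done

    # RHEL step 7.2: a sudoers entry granting every command without a password
    f="$root/etc/sudoers"
    if [ -r "$f" ]; then
        awk '!/^[ \t]*#/ && /NOPASSWD:[ \t]*ALL[ \t]*$/ {
                 print "sudo " $1 " NOPASSWD:ALL"
             }' "$f"
    fi
}

# Constructed sample tree mirroring the settings shown in this guide.
make_sample_root() {
    mkdir -p "$1/etc/selinux" "$1/etc/rc.d/rc3.d"
    printf 'SELINUX=disabled\nSELINUXTYPE=targeted\n' > "$1/etc/selinux/config"
    : > "$1/etc/rc.d/rc3.d/K92iptables"
    : > "$1/etc/rc.d/rc3.d/K92ip6tables"
    printf 'root    ALL=(ALL)       ALL\ndemo    ALL=(ALL)       NOPASSWD: ALL\n' \
        > "$1/etc/sudoers"
}

# Demonstration run against the constructed tree.
sample_root=$(mktemp -d)
make_sample_root "$sample_root"
report_relaxations "$sample_root"
rm -rf "$sample_root"
```

Calling report_relaxations with no argument checks the live /etc; reading /etc/sudoers requires root.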

Java

  1. cd /opt
  2. ./jdk-6u30-linux-x64.bin
  3. ln -sf jdk1.6.0_30/ java

Please check the certification matrix of corresponding product before deciding the java version that you are going to use.



Database

  1. Set up the oracle ID with the oper group: "/usr/sbin/groupadd oper" and "/usr/sbin/usermod -g oinstall -G dba,oper oracle"

    The default oracle-validated does not contain the oper group, so this step was added. Not sure whether this is actually needed.


  2. Setup the installation directories as "root" 

    mkdir /opt/oracle
    chown oracle:oinstall /opt/oracle/
    chmod 755 /opt/oracle/


  3. Add the following to the .bash_profile of the oracle user 

    # Oracle Settings
    TMP=/opt/oracle/tmp; export TMP
    TMPDIR=$TMP; export TMPDIR
    #ORACLE_HOSTNAME=hostname.localdomain
    #export ORACLE_HOSTNAME
    ORACLE_BASE=/opt/oracle/db
    export ORACLE_BASE
    DB_HOME=$ORACLE_BASE/product/11.2.0/dbhome_1
    export DB_HOME
    ORACLE_HOME=$DB_HOME
    export ORACLE_HOME
    ORACLE_SID=OIMDB
    export ORACLE_SID
    ORACLE_TERM=xterm
    export ORACLE_TERM
    JAVA_HOME=/opt/java
    export JAVA_HOME
    BASE_PATH=/usr/sbin:$PATH
    export BASE_PATH
    PATH=$JAVA_HOME/bin:$ORACLE_HOME/bin:$BASE_PATH
    export PATH
    LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
    export LD_LIBRARY_PATH
    CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib
    export CLASSPATH
    if [ $USER = "oracle" ]; then
     if [ $SHELL = "/bin/ksh" ]; then
     ulimit -p 16384
     ulimit -n 65536
     else
     ulimit -u 16384 -n 65536
     fi
    fi
    
    


  4. Unzip the installers in one location and run installer 

    su - oracle
    cd /home/oracle/downloads
    unzip linux.x64_11gR2_database_1of2.zip
    unzip linux.x64_11gR2_database_2of2.zip
    cd database 
    ./runInstaller 


  5. Provide the following information 

    Attribute | Value
    I wish to receive Security Update via My Oracle Support | unchecked
    Installation Option | Install Database Only
    Grid Option | Single Database
    Product Language | English
    Database Edition | Standard Edition
    Oracle Base | /opt/oracle/db
    Software location | /opt/oracle/db/product/11.2.0/dbhome_1
    Inventory Location | /opt/oracle/oraInventory
    Oracle Install group Name | oinstall
    OSDBA Group | dba
    OSOPER Group | oper


    The validation was failing for memory and swap size. Increased memory to 1.5 (min 1GB required) and created a swap file to pass the validation

    cd /opt

    mkdir swap

    cd swap

    dd if=/dev/zero of=/opt/swap/file bs=1M count=2048

    chmod 600 /opt/swap/file

    /sbin/mkswap /opt/swap/file

    /sbin/swapon /opt/swap/file 

    # Added new line in /etc/fstab file

    /opt/swap/file           swap                    swap    defaults        0 0


  6. During the installation process, the installer will wait for you to execute the following scripts: "/opt/oracle/oraInventory/orainstRoot.sh" and "/opt/oracle/db/product/11.2.0/dbhome_1/root.sh"

Listener Configuration

  1. Log in as oracle and execute the command  

    su - oracle
    $ORACLE_HOME/bin/netca


  2. Configure the following value 

    Name | Value
    Listener Name | LISTENER
    Select Protocol | TCP
    Standard Port | 1521


Database Configuration

  1. Start database configuration 

    su - oracle
    cd $ORACLE_HOME/bin
    ./dbca  


  2. Configure following values 

    Name | Value
    Create a database | Checked
    Database Template | Custom Database
    Global Database Name/SID | OIMDB
    Management Options (Configure Enterprise Manager - checked) | Configure Database control for local management
    Password for sys/system/dbsnmp/sysman | <password>
    File System/Storage Type | Use Oracle Managed Files
    Fast Recovery Area | Default Values
    Database Components | Default Value, ensure all components are selected
    Initialization Parameter/Memory/SGA-PGA | 512MB (should be fine for demo/dev environment)
    Use Automatic Memory Management | checked
    Initialization Parameter/Sizing/Process Parameter Value | 500
    Initialization Parameter/Character set | Use Unicode
    National Character Set | UTF-8
    Default Language | American
    Default Territory | United States
    All Initialization Parameters/Show Advance Parameters/open_cursors | 800 (Override Default)
    java_pool_size | 134217728 (Override Default)
    session_cached_cursors | 100 (Override Default)
    SHARED_POOL_SIZE | 150994944 (Override Default)


    Installation takes a very long time. Have patience.


  3. After installation following information is provided 

    Name | Value
    Log files | /opt/oracle/db/cfgtoollogs/dbca/OIMDB
    Global Database Name/SID | OIMDB
    Server Parameters File | /opt/oracle/db/product/11.2.0/dbhome_1/dbs/spfileOIMDB.ora
    Database Control File | https://oim11gr2.aps.dev:1158/em
    Management Encryption Key | /opt/oracle/db/product/11.2.0/dbhome_1/oim11gr2.aps.dev_OIMDB/sysman/config/emkey.ora
    Locked Account | OUTLN, FLOWS_FILES, MDSYS, ORDDATA, ORDSYS, CTXSYS, ANONYMOUS, EXFSYS, WMSYS, XDB, APPQOSSYS, ORDPLUGINS, APEX_030200, SI_INFORMTN_SCHEMA, DIP, APEX_PUBLIC_USER, ORACLE_OCM


  4. Ensure that the following entry is configured as shown in the /etc/oratab to ensure that database can be started using dbstart utility 

    OIMDB:/opt/oracle/db/product/11.2.0/dbhome_1:Y


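  5. Create the following dbstart.sh startup script in /home/oracle, followed by its shutdown counterpart 

    # dbstart.sh: load the oracle user's environment, then start the database
    . /home/oracle/.bash_profile
    $ORACLE_HOME/bin/dbstart $ORACLE_HOME


    # Shutdown counterpart: load the same environment, then stop the database
    . /home/oracle/.bash_profile
    $ORACLE_HOME/bin/dbshut $ORACLE_HOME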


Weblogic

  1. Setup a new user called oimuser and create directory for OIM Installation

    su -
    groupadd oimgroup
    useradd -c "OIM Install User" -d /home/oimuser -g oimgroup -m -s /bin/bash oimuser 
    passwd oimuser 
    cd /opt
    mkdir fmw
    chown oimuser:oimgroup fmw/
     
    # Add the following line to .bash_profile
    export JAVA_HOME=/opt/java
    export PATH=$JAVA_HOME/bin:$PATH
    
    su - oimuser 
    mkdir /opt/fmw/temp
    java -Djava.io.tmpdir=/opt/fmw/temp/ -jar wls_generic.jar         


  2. Install weblogic with following configuration 

    Name | Value
    New Middleware Home | /opt/fmw/Middleware
    Skip the security registration
    Install Type | Typical
    JDK | Use the installed
    Product Install (Weblogic) | /opt/fmw/Middleware/wlserver_10.3
    Oracle Coherence | /opt/fmw/Middleware/coherence_3.6

Oracle HTTP Server 

Oracle HTTP Server or another supported web server is typically used to expose the Oracle Identity and Access Management servers to end users. This allows you to build a 3-tier infrastructure in line with standard infrastructure best practices. Please note that unless you have a specific requirement to protect the IAM applications, the web server should be replaceable with a standard load balancer such as F5.

GCC Version Check

Ensure that the correct version of the GCC libraries is available.

Operating System | Architecture | GCC Libraries | Required Library Version
Linux 32-bit | x86 | libgcc_s.so.1, libstdc++.so.5 | 3.3.2
Linux 64-bit | x64 | libgcc_s.so.1, libstdc++.so.6 | 3.4.6
Solaris 64-bit | SPARC | libgcc_s.so.1, libstdc++.so.5 | 3.3.2

 

Linux32 on i386 platform

Run the following commands and ensure that their output is always greater than 0:

    cd /usr/lib
    strings -a libgcc_s.so.1 | grep -c "GCC_3.0"
    strings -a libgcc_s.so.1 | grep -v "GCC_3.3.1" | grep -c "GCC_3.3"
    file libgcc_s.so.1 | grep "32-bit" | grep -c "80386"
    file libstdc++.so.5 | grep "32-bit" | grep -c "80386"

Linux 64 on x86-64 platform

Run the following commands and ensure that their output is always greater than 0:

    cd /usr/lib64
    strings -a libgcc_s.so.1 | grep -c "GCC_3.0"
    strings -a libgcc_s.so.1 | grep -v "GCC_3.3.1" | grep -c "GCC_3.3"
    strings -a libgcc_s.so.1 | grep -c "GCC_4.2.0"
    file libgcc_s.so.1 | grep "64-bit" | grep -c "x86-64"
    file -L libstdc++.so.6 | grep "64-bit" | grep -c "x86-64"

Solaris 64

Run the following commands and ensure that their output is always greater than 0:

    strings -a libgcc_s.so.1 | grep -c "GCC_3.0"
    strings -a libgcc_s.so.1 | grep -v "GCC_3.3.1" | grep -c "GCC_3.3"
    file libgcc_s.so.1 | grep "64-bit" | grep -c "SPARC"
    file libstdc++.so.5 | grep "64-bit" | grep -c "SPARC"

Installation

  1. Setup a new user called ohs and create directory for OHS Installation

    cd ~iamadmin/downloads
    mkdir webtier
    cd webtier
    unzip ../ofm_webtier_linux_11.1.1.6.0_64_disk1_1of1.zip
    su -
    groupadd ohs
    useradd -c "OHS User" -d /home/ohs -g ohs -m -s /bin/bash ohs 
    passwd ohs 
    cd /opt
    mkdir ohs
    chown ohs:ohs ohs/
    mkdir /opt/ohs/inventory 
    


  2. Create the file /opt/ohs/inventory/oraInst.loc with content  

    inventory_loc=/opt/ohs/inventory
    inst_group=ohs


  3. Run installation 

    su - ohs 
    cd ~demo/downloads/webtier/Disk1/
    ./runInstaller -invPtrLoc /opt/ohs/inventory/oraInst.loc


  4. Install with following settings 

    Name | Value
    Skip Software Update | select
    Install and Configure | select
    Middleware Home | /opt/ohs/Middleware
    Oracle Home Directory | Oracle_WT1
    Skip Security update intimation | Select
    Configure Components | Oracle HTTP Server [Not selected] Oracle Web Cache [Not selected] Associate Selected component with weblogic domain [Not selected]


  5. The OHS is installed and configured at
    Location: /opt/ohs/Middleware/Oracle_WT1

Configuration

The following steps must be performed to configure the OHS to provide a single URL for all the various components that are part of the setup.


  1. Create a new instance of OHS web instance
    1. Start the configuration process 

      cd /opt/idm/web/Middleware/Oracle_WT1/bin
      ./config.sh


    2. Configure Components

      Name | Value
      Oracle HTTP Server | Checked
      Oracle Web Cache | unchecked
      Associate selected component with weblogic domain | unchecked


    3. Specify Component Details

      Name | Value
      Instance Home Location | /opt/idm/web/server/oam
      Instance Name | oamWeb
      OHS component name | oamWeb


    4. Configure Ports : Select Auto Port Configuration
    5. In next step, which is "Specify security update", uncheck the check box to receive security update and click next
    6. Configuration process will start
    7. After the process is complete the server is running.
  2. Stop the server to change the configuration 

    cd /opt/idm/web/server/oam/bin
    ./opmnctl stopall


  3. Make the following changes to /opt/idm/web/server/oam/config/OHS/oamWeb/httpd.conf 

    1. Change the listening port to 80 

      Listen 80


      Please note that in order to run the OHS on port 80, you need to do the following

      cd /opt/idm/web/Middleware/Oracle_WT1/ohs/bin

      sudo chown root .apachectl 

      sudo chmod 6750 .apachectl

      After making the above change, the server can be started on port 80 and 443


    2. Replace the old section with this 

      <IfModule mpm_worker_module>
        ServerLimit 20
        StartServers 2
        MaxClients 1000
        MinSpareThreads 200
        MaxSpareThreads 800
        ThreadsPerChild 50
        MaxRequestsPerChild 10000
        AcceptMutex fcntl
        LockFile "${ORACLE_INSTANCE}/diagnostics/logs/${COMPONENT_TYPE}/${COMPONENT_NAME}/http_lock"
      </IfModule>


  4. Make the following change in /opt/idm/web/server/oam/config/OHS/oamWeb/ssl.conf 

    Listen 443
     
    <VirtualHost *:443>


  5. In order to allow the OHS to connect to OIAM specific weblogic servers over SSL, ensure that the wallet has been created.

    cd /opt/idm/web/server/certs
    /opt/idm/fmw/Middleware/oracle_common/bin/orapki wallet create -wallet ./default -pwd <password>
    /opt/idm/fmw/Middleware/oracle_common/bin/orapki wallet add -wallet ./default/ -trusted_cert -cert ./opam-cert.pem
    /opt/idm/fmw/Middleware/oracle_common/bin/orapki wallet create -wallet ./default -auto_login
    /opt/idm/fmw/Middleware/oracle_common/bin/orapki wallet display -wallet ./default

    Please note that opam-cert.pem is the certificate for the server in PEM format (Base64 text between the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines).


  6. The following values must be defined in the mod_wl_ohs.conf to support all the Identity and Access Management components 

    ###################################
    ## General Domain Configuration
    ###################################
       # Admin Server and EM
       <Location /console>
          SetHandler weblogic-handler
          WebLogicHost iam.demo.aps
          WebLogicPort 7001
       </Location>
       <Location /consolehelp>
          SetHandler weblogic-handler
          WebLogicHost iam.demo.aps
          WebLogicPort 7001
       </Location>
       <Location /em>
          SetHandler weblogic-handler
          WebLogicHost iam.demo.aps
          WebLogicPort 7001
       </Location>
    ###################################################
    ## Entries Required by Oracle Entitlements Server 
    ###################################################
       # APM
       <Location /apm>
          SetHandler weblogic-handler
          WebLogicHost iam.demo.aps
          WebLogicPort 7001
       </Location>
    ##################################################
    ## Entries Required by Oracle Unified Directory
    ##################################################
       # OUD ODSM
       <Location /odsm>
          SetHandler weblogic-handler
          WebLogicHost iam.demo.aps
          WebLogicPort 7001
       </Location>
    ##############################################
    ## Entries Required by Oracle Access Manager
    ##############################################
       # OAM Console
       <Location /oamconsole>
          SetHandler weblogic-handler
          WebLogicHost iam.demo.aps
          WebLogicPort 7001
       </Location>
    ################################################
    ## Entries Required by Oracle Identity Manager
    ################################################
       # OIM self and advanced admin webapp consoles(canonic webapp)
       <Location /oim>
         SetHandler weblogic-handler
         WLCookieName    oimjsessionid
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
        </Location>
       # OIM, xlWebApp - Legacy 9.x webapp (struts based)
       <Location /xlWebApp>
         SetHandler weblogic-handler
         WLCookieName    oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
       # OIM self service console
       <Location /identity>
         SetHandler weblogic-handler
         WLCookieName oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
       # OIM Nexaweb WebApp - used for workflow designer and DM
       <Location /Nexaweb>
         SetHandler weblogic-handler
         WLCookieName    oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
       <Location /sysadmin>
       SetHandler weblogic-handler
         WLCookieName oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
    
       # OAM Configuration
       <Location /oam>
          SetHandler weblogic-handler
          WLProxySSL ON
          WLProxySSLPassThrough ON
          WLCookieName OAM_JSESSIONID
         WebLogicHost iam.demo.aps
         WebLogicPort 14100
       </Location>
       <Location /oamsso>
          SetHandler weblogic-handler
          WLProxySSL ON
          WLProxySSLPassThrough ON
          WLCookieName OAM_JSESSIONID
         WebLogicHost iam.demo.aps
         WebLogicPort 14100
       </Location>
       # Required if using Oracle Identity Federation
       <Location /oamfed>
          SetHandler weblogic-handler
          WLProxySSL ON
          WLProxySSLPassThrough ON
          WLCookieName OAM_JSESSIONID
         WebLogicHost iam.demo.aps
         WebLogicPort 14100
      </Location>
       # Required if using Oracle Identity Federation
       <Location /sts>
          SetHandler weblogic-handler
          WLProxySSL ON
          WLProxySSLPassThrough ON
          WLCookieName OAM_JSESSIONID
         WebLogicHost iam.demo.aps
         WebLogicPort 14100
       </Location>
    ##################################################
    ## Entries Required by Oracle Identity Manager
    ##################################################
       # OIM, xlWebApp - Legacy 9.x webapp (struts based)
       <Location /xlWebApp>
         SetHandler weblogic-handler
         WLProxySSL ON
         WLProxySSLPassThrough ON
         WLCookieName    oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
       # OIM self service console
       <Location /identity>
         SetHandler weblogic-handler
         WLProxySSL ON
         WLProxySSLPassThrough ON
        WLCookieName oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
    #################################################
    ## Entries Required by Oracle Identity Manager 
    #################################################
       # Provide the OIM Managed Server Port
       <Location /workflowservice>
         SetHandler weblogic-handler
         WLCookieName    oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
       # OIM, SOA Infra
       <Location /soa-infra>
         SetHandler weblogic-handler
         WLCookieName oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 8001
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
       # OIM, Used for provisioning-callback.
       <Location /provisioning-callback>
         SetHandler weblogic-handler
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
       # OIM, SOA Callback webservice for SOD - Provide the SOA Managed Server Ports
       <Location /sodcheck>
         SetHandler weblogic-handler
         WLCookieName oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 8001
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
       # OIM, SOA Callback
       <Location /integration>
         SetHandler weblogic-handler
         WLCookieName oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 8001
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
       # OIM, spml xsd profile
       <Location /spml-xsd>
         SetHandler weblogic-handler
          WLCookieName    oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
       # OIM, spml dsml profile
       <Location /spmlws>
         SetHandler weblogic-handler
         PathTrim /weblogic
         WLCookieName oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
         
       # OIM, role-sod profile 
       <Location /role-sod>
         SetHandler weblogic-handler
         WLCookieName oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
         
       # OIM, used for Callback service.
       <Location /callbackResponseService>
         SetHandler weblogic-handler
         WLCookieName    oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
         
       # OIM, UMS Email Support
       <Location /ucs>
         SetHandler weblogic-handler
         WLCookieName oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 8001
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
         
       <Location /reqsvc>
         SetHandler weblogic-handler
         WLCookieName oimjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14000
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oim_component.log"
       </Location>
         
         
    ################################
    #   OAAM Configuration        ##
    ################################
       
       <Location /oaam_admin>
          SetHandler weblogic-handler
         WLCookieName oaamjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14200
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oaam_component.log"
       </Location>
       <Location /oaam_offline>
         SetHandler weblogic-handler
         WLCookieName oaamjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14400
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oaam_component.log"
       </Location>
       <Location /oaam_server>
         SetHandler weblogic-handler
         WLCookieName oaamjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 14300
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/oaam_component.log"
       </Location>
    ###############################
    #    OPAM Configuration      ##
    ###############################
       <Location /oinav>
         SetHandler weblogic-handler
         WLCookieName opamjsessionid
         WebLogicHost iam.demo.aps
         WebLogicPort 18101
         WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/opam_component.log"
       </Location>
       #<Location /opam>
       #  SetHandler weblogic-handler
       #  WLCookieName opamjsessionid
       #  WebLogicHost iam.demo.aps
       #  WebLogicPort 18102
       #  WLLogFile "${ORACLE_INSTANCE}/diagnostics/logs/OHS/opam_component.log"
       #  SecureProxy On
       #  WlSSLWallet "/opt/idm/web/server/certs/default"
       #</Location>


  7. Enable the configuration to prevent http redirect in case of https
    1. Access the WebLogic Server console
    2. Click on 'Servers' → '<SSL_Managed_Server>' → 'General' → 'Advanced'
    3. Check the 'WebLogic Plug-In Enabled' box.
    4. Click 'Save'
    5. Restart the Managed Server.
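
In the step 6 listing, /xlWebApp and /identity are each declared twice with different WLProxySSL settings and several console paths are proxied to port 7001; the script below is an added example (not part of the original guide) that reports both conditions for a mod_wl_ohs.conf file. The function names and the embedded sample configuration are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original guide: inventory the <Location>
# blocks of a mod_wl_ohs.conf. Apache processes <Location> sections in
# file order, so a path declared twice ends up with settings that depend
# on where each block sits in the file.

# list_locations FILE -> one line per active block: "path port ssl"
list_locations() {
    awk '
        /^[ \t]*#/ { next }                  # ignore commented-out lines
        /<Location[ \t]/ {                   # opening tag: capture the path
            path = $0
            sub(/^.*<Location[ \t]+/, "", path)
            sub(/[ \t]*>.*$/, "", path)
            port = "-"; ssl = "off"; inside = 1
            next
        }
        inside && $1 == "WebLogicPort" { port = $2 }
        inside && $1 == "WLProxySSL"   { ssl = tolower($2) }
        inside && /<\/Location>/       { print path, port, ssl; inside = 0 }
    ' "$1"
}

# repeated_locations FILE -> "path port/ssl port/ssl ..." for every path
# that is declared more than once
repeated_locations() {
    list_locations "$1" | awk '
        { count[$1]++; seen[$1] = seen[$1] " " $2 "/" $3 }
        END { for (p in count) if (count[p] > 1) print p seen[p] }
    ' | sort
}

# locations_on_port FILE PORT -> paths proxied to PORT (7001 is the
# Admin Server and EM port in this guide)
locations_on_port() {
    list_locations "$1" | awk -v port="$2" '$2 == port { print $1 }'
}

# Constructed sample in the shape of the step 6 listing.
write_sample_conf() {
    cat > "$1" <<'EOF'
   # Admin Server and EM
   <Location /console>
      SetHandler weblogic-handler
      WebLogicHost iam.demo.aps
      WebLogicPort 7001
   </Location>
   <Location /identity>
     SetHandler weblogic-handler
     WLCookieName oimjsessionid
     WebLogicHost iam.demo.aps
     WebLogicPort 14000
   </Location>
   <Location /oam>
      SetHandler weblogic-handler
      WLProxySSL ON
      WebLogicHost iam.demo.aps
      WebLogicPort 14100
   </Location>
   <Location /identity>
     SetHandler weblogic-handler
     WLProxySSL ON
     WLCookieName oimjsessionid
     WebLogicHost iam.demo.aps
     WebLogicPort 14000
   </Location>
   #<Location /opam>
   #  WebLogicPort 18102
   #</Location>
EOF
}

# Demonstration run against the constructed sample.
sample=$(mktemp)
write_sample_conf "$sample"
echo "Paths declared more than once:"
repeated_locations "$sample"
echo "Paths proxied to port 7001:"
locations_on_port "$sample" 7001
rm -f "$sample"
```

Run the same functions against /opt/idm/web/server/oam/config/OHS/oamWeb/mod_wl_ohs.conf after each edit to confirm that every path is declared once with the intended settings.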
