Oracle Fusion Middleware (Forms and Reports) 11G for Zamil Project
Presented By: egabi
Technical Consultant: Osama Abdel azeem
Creation Date: Friday, April 28, 2023
Last Updated: Friday, April 28, 2023
INTRODUCTION....................................................................................................................................................3ENVIRONMENT SPECIFICATION...........................................................................................................................5ORACLE IDENTITY AND ACCESS MANAGEMENT SETUP....................................................................................6
First Node Configuration..............................................................................................................................7Second Node Installation..........................................................................................................................42Verify Oracle Forms and Reports Installation........................................................................................50
MIGRATING OID...............................................................................................................................................51ORACLE FORMS AND REPORTS SETUP...........................................................................................................55
FIRST NODE CONFIGURATION......................................................................................................................55Second Node Installation..........................................................................................................................63Verify Oracle Forms and Reports Installation........................................................................................69
INTEGRATING ORACLE FORMS WITH ORACLE ACCESS MANAGER USING WEBGATE...................................70Install Oracle Webtier 11.1.1.2.................................................................................................................70Install Oracle Webtier 11.1.1.3.................................................................................................................76Configure Oracle Webtier 11g..................................................................................................................79Install Webgate 11.1.6...............................................................................................................................85Configure OAM Agent................................................................................................................................89
APPENDIX.......................................................................................................................................................94Application URLs and access information..............................................................................................94Starting and stopping Oracle services....................................................................................................95
egabi Page 2 of 95
Introduction
The Oracle Identity Management products enable you to configure and manage the identities of users, devices, and services across diverse servers, to delegate administration of these identities, and to provide end users with self-service privileges. These products also enable you to configure single sign-on across applications and to process users' credentials to ensure that only users with valid credentials can log into and access online resources.
OAM 11G In Cluster High Availability Mode
Weblogic Platform is a unified, simplified, and extensible platform for building, extending, integrating, deploying, and managing applications. Weblogic Platform includes a rich development and deployment framework for integrating valuable resources and tools into your environment: third-party application packages, custom applications, messaging systems, Web services, trading partners, and more.
This feature Provides the ability to
Reliability Recover from a system failure with no noticeable interruption in service, and to protect session state. When session state is protected, any failures that occur can be fully masked from the user and the application.
Scalability Scale up to meet demand seamlessly and dynamically.
Security Provide a single, unified security framework for all deployments—including portal applications, integration applications, and custom J2EE applications—that integrates best-of-breed security tools into a flexible, unified system.
* Oracle Access Manager 11g provides a full range of Web perimeter security functions that include Web single sign-on; authentication and authorization; policy administration; auditing, and more.
* Single sign-on (SSO) enables users, and groups of users, to access multiple applications after authentication. SSO eliminates multiple sign-on requests. Oracle Access Manager 11g is the Oracle Fusion Middleware 11g single sign-on solution. Oracle Access Manager 11g operates independently as described in this book and also operates with the Oracle Access Manager Authentication Provider .
egabi Page 3 of 95
* Oracle Access Manager 11g is a Java Platform, Enterprise Edition (Java EE)-based enterprise-level security application that provides restricted access to confidential information and centralized authentication and authorization services. All existing access technologies in the Oracle Identity Management stack converge in Oracle Access Manager 11g.
egabi Page 4 of 95
Environment Specification
The Test environment premise consists of two servers with configuration as below:
Primary Server and backup Server and Test server
Description 1ST-Node 2nd -NodeMemory 64G 64GLinux Type 64-bit 64-bitFirmware Version Red hat Linux 64bit Red hat Linux 64bit
Network Information
Description PrimaryPublic dmmziapp1.ziic.net 172.16.4.7
dmmziapp2.ziic.net 172.16.4.8
egabi Page 5 of 95
Oracle Identity and Access Management Setup
Each Server in Zamil is running on Red Hat Linux 64 bit
Oracle JRockit-jdk software Release2 (1.6.2) – 64 bit.
Oracle Weblogic Server11g software Release 1 (10.3.5.0)
Install Oracle Access Manager 11.1.1.5
Install Oracle Internet Directory 11.1.1.6
Create schemas using Repository Creation Utility
OID configuration
OAM configuration
egabi Page 6 of 95
First Node Configuration
INSTALL ORACLE JROCKIT 11G R-2
egabi Page 7 of 95
egabi Page 8 of 95
egabi Page 9 of 95
WEBLOGIC INSTALLATION
egabi Page 10 of 95
egabi Page 11 of 95
egabi Page 12 of 95
egabi Page 13 of 95
egabi Page 14 of 95
egabi Page 15 of 95
ORACLE ACCESS MANAGER INSTALLATION
egabi Page 16 of 95
egabi Page 17 of 95
egabi Page 18 of 95
egabi Page 19 of 95
ORACLE INTERNET DIRECTORY INSTALLATION
egabi Page 20 of 95
egabi Page 21 of 95
egabi Page 22 of 95
egabi Page 23 of 95
egabi Page 24 of 95
egabi Page 25 of 95
egabi Page 26 of 95
egabi Page 27 of 95
CREATE SCHEMAS USING REPOSITORY CREATION UTILITY
egabi Page 28 of 95
egabi Page 29 of 95
egabi Page 30 of 95
egabi Page 31 of 95
egabi Page 32 of 95
egabi Page 33 of 95
egabi Page 34 of 95
ORACLE ACCESS MANAGER CONFIGURATION
egabi Page 35 of 95
egabi Page 36 of 95
egabi Page 37 of 95
egabi Page 38 of 95
egabi Page 39 of 95
egabi Page 40 of 95
egabi Page 41 of 95
Second Node InstallationThese Steps are done for 1ST Node and and must performed also for 2nd Node
Oracle JRockit-jdk software Release2 (1.6.2) – 64 bit .
Oracle Weblogic Server11g software Release 1 (10.3.5.0)
Install Oracle Access Manager 11.1.1.5
INSTALL ORACLE INTERNET DIRECTORY 11.1.1.6
egabi Page 42 of 95
egabi Page 43 of 95
egabi Page 44 of 95
egabi Page 45 of 95
egabi Page 46 of 95
egabi Page 47 of 95
egabi Page 48 of 95
egabi Page 49 of 95
EXTENDING OAM DOMAIN TO SECOND NODE
We can configure OAM for second node by following the below steps :
Backup weblogic Domain from first server
MW_HOME/oracle_common/common/bin directory.
pack.sh -domain=$MW_HOME/user_projects/domains/ZiTT_Domain \ -template=/tmp/idm_domain.jar -template_name="ZiTT_Domain" -managed=true
Migrate the weblogic domain on the second server
unpack.sh -domain=$MW_HOME/user_projects/domains/ZiTT_Domain\ -template=/tmp/ZiTT_Domain.jar
Verify Oracle Forms and Reports InstallationLogin to Weblogic console server installed on new Forms middleware home to check and verify the setup of forms and reports in clustered mode.
egabi Page 50 of 95
MIGRATING OID
In this phase, we have migrated all OID entries from current production environment to the new environment. There are three tools you will need. The first is ldapsearch, and the second is ldapadd, and the third is bulkload. These are described in the Oracle Internet.
export LDAP users form the old System
ldapsearch -h zitprodapps.ziic.net -p 389 -D "cn=orcladmin" -w <orcladmin_pwd> -L -b "cn=subschemasubentry" -s base "objectclass=*" objectclasses attributetypes > objattr.ldif
This would pull all objectclasses and all attributes.
delete any non-custom objects from the resultant file before you load it into your new OID
ldapsearch -h zitprodapps.ziic.net -p 389 -D "cn=orcladmin" -w <orcladmin_pwd> -L - b "dc=ziic,dc=net" -s sub "cn=*" > users.ldif
This would pull all entries with a value for cn (presumably this describes your user entries) below dc=ziic,dc=net
The generated LDIF File should be look like the following figure:
Third ,
Using ldapadd to load the objectclasses and attributetypes, so that when you add your
egabi Page 51 of 95
users, their objects already exist
ldapadd -h dmmziapp1.ziic.net -p 3060 -D "cn=orcladmin" -w Oracle11g -f users.ldif
Finally, once these are loaded successfully, then bulkload the user entries, in the file where you have already cleaned out the system operational attributes.
Sample bulkload commands:
bulkload.sh –connect=”dmmzidbts2.ziic.net:1570/fmtest” -check users.ldif bulkload.sh -connect =”dmmzidbts2.ziic.net:1570/fmtest” -generate -load users.ldif
egabi Page 52 of 95
egabi Page 53 of 95
egabi Page 54 of 95
Oracle Forms and Reports Setup
This section describe the configuration and setup details for Oracle forms and reports 11.1.2 against Linux Redhat environment running in clustered mode with Single Sign on configuration.
FIRST NODE CONFIGURATION
We must ensure that Oracle Forms has Its own Middleware Home for High Performance TASK PREREQUISITES
INSTALL JROCKIT SOFTWARE INSTALL WEBLOGIC 11G R1 10.3.3.5
egabi Page 55 of 95
egabi Page 56 of 95
egabi Page 57 of 95
egabi Page 58 of 95
egabi Page 59 of 95
egabi Page 60 of 95
egabi Page 61 of 95
egabi Page 62 of 95
Second Node Installation
egabi Page 63 of 95
egabi Page 64 of 95
egabi Page 65 of 95
egabi Page 66 of 95
egabi Page 67 of 95
egabi Page 68 of 95
Verify Oracle Forms and Reports InstallationLogin to Weblogic console server installed on new Forms middleware home to check and verify the setup of forms and reports in clustered mode.
egabi Page 69 of 95
Integrating Oracle Forms with Oracle Access manager using Webgate
The authentication schema of forms and reports application will utilize Oracle access manager using Oracle webgate authentication module as explained in below diagram:
Install Oracle Webtier 11.1.1.2
egabi Page 70 of 95
egabi Page 71 of 95
egabi Page 72 of 95
egabi Page 73 of 95
egabi Page 74 of 95
egabi Page 75 of 95
Install Oracle Webtier 11.1.1.3
egabi Page 76 of 95
egabi Page 77 of 95
egabi Page 78 of 95
Configure Oracle Webtier 11g
Running configuration script from bin directory below Oracle_Webtier home
$config.sh
egabi Page 79 of 95
egabi Page 80 of 95
egabi Page 81 of 95
egabi Page 82 of 95
egabi Page 83 of 95
egabi Page 84 of 95
Install Webgate 11.1.6
egabi Page 85 of 95
egabi Page 86 of 95
egabi Page 87 of 95
egabi Page 88 of 95
Configure OAM Agent
To Integrate Oracle Forms with Oracle Access Manager using Webgate , we must create OAM Agent by the following Steps :
1. BY defining Webgate Instance Directory to the HTTP server which runs the Forms application "/u02/app/Oracle/FMR_Middle/asinst_1/config/OHS/ohs1/"
2. Deploy Webgate
cd /u02/app/Oracle/Middlewarre/Oracle_OAMWebGate1/webgate/ohs/tools/deployWebGate
./deployWebGateInstance.sh -w /u02/app/Oracle/FMR_Middle/asinst_1/config/OHS/ohs1/ -oh /u02/app/Oracle/Middlewarre/Oracle_OAMWebGate1
Copying files from WebGate Oracle Home to WebGate Instancedir
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/u02/app/Oracle//Middlewarre/Oracle_WT1
3. EditHttConf
cd /u02/app/Oracle/Middlewarre/Oracle_OAMWebGate1/webgate/ohs/tools/setup/InstallTools
./EditHttpConf -w /u02/app/Oracle/FMR_Middle/asinst_1/config/OHS/ohs1/ -oh /u02/app/Oracle/Middlewarre/Oracle_OAMWebGate1
The web server configuration file was successfully updated
/u02/app/Oracle/FMR_Middle/asinst_1/config/OHS/ohs1/httpd.conf has been backed up as /u02/app/Oracle/FMR_Middle/asinst_1/config/OHS/ohs1/httpd.conf.ORIG
4. Register OAM Agent
update Agent base URL in OAM11GRequest.xml to the forms server hostname and port number (9001)
cd /u02/app/Oracle/Middlewarre/Oracle_OAM/oam/server/rreg/client/rreg/bin
./oamreg.sh inband /u02/app/Oracle/Middlewarre/Oracle_OAM/oam/server/rreg/client/rreg/input/OAM11GRequest.xml
cp -Rf /u02/app/Oracle/Middlewarre/Oracle_OAM/oam/server/rreg/client/rreg/output/dmmziappt1/* /u02/app/Oracle/FMR_Middle/asinst_1/config/OHS/ohs1/webgate/config/
5. Test and verify Webgate Configuration Login to Forms Webserver URL : http://172.16.4.7:8888 -where port 8888 is the listen port of forms server-
It will redirect you to OAM but no credentials is working. Please try to create a simple HTML on the Apache directory of forms and test again
egabi Page 89 of 95
http://172.16.4.7:9001/forms/frmservlet?form=test.fmx is not redirecting to OAM,
Integrate Oacle Forms with Oracle Access Manager completed successfully and also we deployed a sample Application Form for testing
egabi Page 90 of 95
egabi Page 91 of 95
egabi Page 92 of 95
egabi Page 93 of 95
APPENDIX
Application URLs and access informationAdmin Server (default port 7001) for OAM
a) WebLogic Console - http://dmmziapp1.ziic.net:7001/consoleb) Fusion Middleware Control - http dmmziapp1.ziic.net:7001:7001/em
OAM Console Application Running on Admin Server
http://dmmziapp1.ziic.net:7001/oamconsole
OAM Instances (oam_server1,oam_server2)
a) http://dmmziapp1.ziic.net:14100/oam b) http:// dmmziapp2.ziic.net:14100/oam
OID Instances Running with default port 7005
a) http://dmmziapp1.ziic.net:7005/odsm b) http://dmmziapp2.ziic.net:7005/odsm
Admin Server for Forms&Reports with Port 7002
a) WebLogic Console - http://dmmziapp1.ziic.net:7002/console b) Fusion Middleware Control - http dmmziapp1.ziic.net:7001:7002/em
Forms&Reports instances (default port 8888)
a) http://dmmziapp1.ziic.net:9001 b)http:// dmmziapp2.ziic.net:9001 c)http:// dmmziapp1.ziic.net:9002 d) http:// dmmziapp2.ziic.net:9002
For Example :
http://172.16.4.7:8888/forms/frmservlet? http://172.16.4.7:8888/reports/rwservlet ?
egabi Page 94 of 95
Starting and stopping Oracle services
To start Weblogic server and its instances
/../…/domain/ZiTT_Domain/bin ./startWeblogic ./startManagedServer instance_name
Start instances ./opmnctl startall
Start nodemanager /../../wlserver10.3/server/bin ./startNodeManager
Stop the services:
./stopWeblogic
./stopManagedServer instance_name
Stop instances
./opmnctl stopall
Stop nodemanager
ps –ef | grep nodemanager kill -9 pid
egabi Page 95 of 95