Oracle® Application Server Administrator's Guide
10g Release 2 (10.1.2) B13995-06 |
|
Previous |
Next |
When you installed Oracle Application Server, you chose an installation type and the components you wanted to configure. For J2EE and Web Cache installations, you could choose if you wanted to use Infrastructure Services. After installation, you may want to add or delete components, or even change the installation type. Or, you may want to start using Infrastructure Services with your J2EE and Web Cache installation. This chapter describes how to make these types of changes.
It contains the following topics:
If you have disabled anonymous binds in Oracle Internet Directory, you must enable them before you make configuration changes. See Section 7.6, "Disabling and Enabling Anonymous Binds" for more information.
There are three types of middle-tier installations. The types are ordered in that each contains all of the components in the previous installation type, plus additional components. The installation types, in order from lowest to highest, are:
J2EE and Web Cache
Portal and Wireless (includes all components in J2EE and Web Cache)
Business Intelligence and Forms (includes all components in J2EE and Web Cache, Portal and Wireless)
When you installed Oracle Application Server, you chose an installation type based on the components you required at the time. You may decide later that you want to use additional components that are available in a higher installation type. For example, you may have installed a J2EE and Web Cache, and then decide later that you want to use OracleAS Portal.
To accomplish this, you can expand your application server installation by installing a higher installation type in the same Oracle home using Oracle Universal Installer. Options for expanding a middle-tier installation are shown in Table 7-1.
Table 7-1 Options for Expanding a Middle-Tier Installation
You can expand this type of installation: | To this type of installation: | Result: |
---|---|---|
J2EE and Web Cache |
Portal and Wireless |
You are given the option of configuring Portal and Wireless. |
Portal and Wireless |
Business Intelligence and Forms |
You are given the option of configuring Discoverer, Forms, Reports, and Personalization. |
When you expand an installation:
All of your current configured components are maintained.
The disk files for the additional components in the higher installation type are installed in your Oracle home.
You are given the option of configuring any of the additional components in the higher installation type.
Note the following:
You must configure OracleAS Web Cache before you expand a J2EE and Web Cache instance. If you did not configure OracleAS Web Cache during installation, see Section 7.2.1, "Configuring OracleAS Web Cache After Installation" for instructions.
You cannot reduce an installation by installing a lower installation type in the same Oracle home. For example, you cannot install a J2EE and Web Cache installation in an Oracle home that contains a Portal and Wireless installation. If you want to exclude certain components from your installation, you can disable them. See Section 3.4, "Enabling and Disabling Components" for more information.
You can only expand middle-tier installations; you cannot expand an Infrastructure installation.
See Also: Oracle Application Server Installation Guide for complete instructions on expanding a middle-tier installation |
When you installed Oracle Application Server, you were allowed to select the components you wanted to configure. You may decide later you want to configure one of the components you did not select during installation. For example, if you installed J2EE and Web Cache and did not choose to configure OracleAS Web Cache, you can configure OracleAS Web Cache after installation.
You can configure components after installation using the Select Component page in the Application Server Control Console. From the Home page, click Configure Component. The Select Component page is displayed, as shown in Figure 7-1.
Figure 7-1 Configuring Components with Application Server Control Console
Table 7-2 lists which components can be configured after installation and provides pointers to instructions for using Application Server Control Console to configure and verify each component.
Table 7-2 Components That Can Be Configured After Installation
To configure this component: | In these Installation types: | For instructions, refer to: |
---|---|---|
Web Cache |
J2EE and Web Cache |
|
Portal |
Portal and Wireless Business Intelligence and Forms |
|
Wireless |
Portal and Wireless Business Intelligence and Forms |
|
Discoverer |
Business Intelligence and Forms |
|
Forms |
Business Intelligence and Forms |
|
Reports Services |
Business Intelligence and Forms |
|
Personalization |
Business Intelligence and Forms |
|
Single Sign-On |
Infrastructure |
|
Delegated Administration Service |
Infrastructure |
|
Directory Integration and Provisioning |
Infrastructure |
|
This section describes how to configure OracleAS Web Cache after installation.
During installation, port numbers were reserved for OracleAS Web Cache services. You can find the port numbers in the following file:
(UNIX) ORACLE_HOME/install/portlist.ini (Windows) ORACLE_HOME\install\portlist.ini
The port numbers are listed as:
Web Cache HTTP Listen port = port_number Web Cache HTTP Listen (SSL) port = port_number Web Cache Administration port = port_number Web Cache Invalidation port = port_number Web Cache Statistics port = port_number
These port numbers will be used when you configure OracleAS Web Cache. If you want to use different port numbers, you can change them after you configure OracleAS Web Cache.
To configure OracleAS Web Cache, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleAS Web Cache.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Web Cache from the menu. Click Continue.
On the Login page, in the Administration Password field, enter the ias_admin
password. Click Finish.
When the configuration is finished, take the following steps:
In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
Verify that Web Cache is listed in the System Components section. It will have a status of Down. Select the check box next to Web Cache and click Start.
When the operation completes, verify that Web Cache shows a status of Up. Then, click Web Cache and verify that the Web Cache Home page is displayed.
On the Web Cache Home page, click Administration to set up OracleAS Web Cache.
See Also: Oracle Application Server Web Cache Administrator's Guide for basic setup and configuration tasks |
This section describes how to configure OracleAS Portal after installation.
Note that you must configure OracleAS Web Cache before you expand a J2EE and Web Cache instance. If you did not configure OracleAS Web Cache during installation, see Section 7.2.1 for instructions. If you expand the instance before configuring OracleAS Web Cache, see Section 7.2.2.4.
Before you configure OracleAS Portal, make sure that the sqlnet.ora
file contains the following line, and that LDAP is listed in the line:
NAMES.DIRECTORY_PATH= (TNSNAMES, LDAP, ONAMES, HOSTNAME)
The sqlnet.ora file is located in the following directory:
(UNIX) Oracle_Home/network/admin (Windows) Oracle_Home\network\admin
To configure OracleAS Portal, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleAS Portal.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Portal from the menu. Click Continue.
On the Login page, in the Administration Password field, enter the ias_admin
password. Click Finish.
When the configuration is finished, take the following steps:
In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
Verify that OC4J_Portal and Portal:portal are listed in the System Components section.
Restart Oracle HTTP Server and start OC4J_Portal:
In the System Components table, select HTTP_Server, and click Restart.
Select OC4J_Portal, and then click Start.
The home OC4J instance will be Down after configuring OracleAS Portal through Application Server Control Console. If you wish to start this service, click the home component in the System Components section, then click Start.
Verify that OC4J_Portal and Portal:portal both have a status of Up:
Click OC4J_Portal and verify that the OC4J_Portal page is displayed.
Click Portal:portal and verify that the Portal page is displayed.
Initially, the Portal:portal status may be displayed as Down. This is normal. The status should be updated approximately five minutes after configuration.
If this is the first instance of OracleAS Portal to use this OracleAS Metadata Repository, run the following command in the middle-tier Oracle home (make sure the ORACLE_HOME environment variable is set before you run this command):
On UNIX:
ORACLE_HOME/portal/conf/ptlconfig -dad portal [-pw PORTAL_schema_password]
On Windows:
ORACLE_HOME\portal\conf\ptlconfig -dad portal [-pw PORTAL_schema_password]
This script writes OracleAS Portal configuration entries into the OracleAS Metadata Repository. Do not run this script if there are other OracleAS Portal instances using the OracleAS Metadata Repository, because this script will overwrite any existing OracleAS Portal configuration entries in the OracleAS Metadata Repository.
Note: The PORTAL schema password is stored in the Oracle Internet Directory and the entry may be viewed by an administrator using theoidadmin utility with the following path under Entry Management:
OrclResourceName=PORTAL,orclReferenceName=iasdb.myhost.mycompany.com, cn=IAS Infrastructure Databases,cn=IAS,cn=Products,cn=OracleContext
|
Verify that you can access OracleAS Portal at the following URL:
http://hostname.domain:port/pls/portal
In the URL, hostname.domain
is the OracleAS Portal host and port
is the OracleAS Web Cache HTTP Listen port for the OracleAS Portal instance. For example:
http://myhost.mycompany:7777/pls/portal
You can log in to OracleAS Portal as the user portal
.
If this is the first OracleAS Portal instance to use the OracleAS Metadata Repository, the password is the original ias_admin
password you supplied for this middle tier during installation. The original ias_admin
password is required, even if you changed the ias_admin
password after installation.
If this is not the first OracleAS Portal instance to use the OracleAS Metadata Repository, the password is either:
The original ias_admin
password for the first middle tier associated with the OracleAS Metadata Repository
The current portal
password, if the administrator changed the portal
user password after the first OracleAS Portal instance was installed
See Also: Oracle Application Server Portal Configuration Guide for more information on configuring OracleAS Portal |
Note: When OracleAS Portal is configured using Oracle Enterprise Manager, the Oracle Ultra Search instance is not configured automatically and therefore the Ultra Search Administration link in OracleAS Portal will not work. For instructions on how to create an Oracle Ultra Search instance, see Oracle Ultra Search Administrator's Guide. |
If you expanded the instance before you configured OracleAS Web Cache, you must take the following steps to correct the situation:
Configure OracleAS Web Cache, as described in Section 7.2.1.
Edit iasconfig.xml
and change the port that OracleAS Portal is listening on to match that of OracleAS Web Cache. The file is located in:
(UNIX) ORACLE_HOME/portal/conf] (Windows) ORACLE_HOME\portal\conf ]
Run the following command to make Oracle Application Server aware of the change:
On UNIX:
ORACLE_HOME/portal/conf/ptlconfig update ptlconfig -dad portal [-pw PORTAL_schema_password]
On Windows:
ORACLE_HOME\portal\conf\ptlconfig update ptlconfig -dad portal [-pw PORTAL_schema_password]
This section describes how to configure OracleAS Wireless after installation.
To configure OracleAS Wireless, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleAS Wireless.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Wireless. Click Continue.
On the Login page:
User Name: Enter cn=orcladmin
, or the distinguished name of a user in the iASAdmins
group.
Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.
When the configuration is finished, take the following steps:
In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
Verify that OC4J_Wireless and Wireless are listed in the System Components section. OC4J_Wireless and Wireless will have a status of Down. Select the check boxes next to OC4J_Wireless and Wireless, and click Start.
When the operation completes, verify that OC4J_Wireless and Wireless have a status of Up. Click OC4J_Wireless and verify that the OC4J_Wireless page is displayed. Click Wireless and verify that the Wireless page is displayed.
Select the check boxes next to HTTP_Server and Web Cache, and click Restart.
Verify that you can access OracleAS Wireless at the following URL:
http://hostname.domain:port/webtool/login.uix
In the URL, hostname.domain
is the OracleAS Wireless host and port
is the OracleAS Web Cache HTTP listen port number for the instance.
You can log in as the user orcladmin
with the orcladmin
password.
See Also: Oracle Application Server Wireless Administrator's Guide for more information on configuring OracleAS Wireless |
This section describes how to configure OracleBI Discoverer after installation.
To configure OracleBI Discoverer, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleBI Discoverer.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Discoverer. Click Continue.
On the Login page, in the Administration Password field, enter the ias_admin
password. Click Finish.
When the configuration is finished, take the following steps:
In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
If you did not have an OC4J_BI_Forms instance before, you will have one now. The OC4J_BI_Forms instance will have a status of Down. You will also have a Discoverer instance with a status of Down. Select the check boxes next to OC4J_BI_Forms and Discoverer, and click Start.
When the operation completes, verify that OC4J_BI_Forms and Discoverer have a status of Up. Click OC4J_BI_Forms and verify that the OC4J_BI_Forms page is displayed. Click Discoverer and verify that the Discoverer page is displayed.
Select the check box next to HTTP_Server, and click Restart.
Check that OracleBI Discoverer services are started.
For all of these URLs, hostname.domain
is the host on which Discoverer is installed and port
is the Web Cache HTTP listen port number.
Discoverer Viewer:
http://hostname.domain:port/discoverer/viewer
Discoverer Plus:
http://hostname.domain:port/discoverer/plus
Discoverer Portlet Provider:
http://hostname.domain:port/discoverer/portletprovider
See Also: Oracle Business Intelligence Discoverer Configuration Guide for additional steps for configuring OracleBI Discoverer, including installing OracleBI Discoverer workbooks and End User Layer (EUL) into each database that contains data to be analyzed |
This section describes how to configure OracleAS Forms Services after installation.
To configure OracleAS Forms Services, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleAS Forms Services.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Forms. Click Continue.
On the Login page:
User Name: Enter cn=orcladmin
, or the distinguished name of a user in the iASAdmins
group.
Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.
When the configuration is finished, take the following steps:
In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
If you did not have an OC4J_BI_Forms instance before, you will have one now. The OC4J_BI_Forms instance will have a status of Down. You will also have a Forms instance with a status of Down. Select the check box next to OC4J_BI_Forms and click Start.
When the operation completes, verify that OC4J_BI_Forms and Forms have a status of Up. Click OC4J_BI_Forms and verify that the OC4J_BI_Forms page is displayed. Click Forms and verify that the Forms page is displayed.
Verify that you can access OracleAS Forms Services at the following URL:
http://hostname.domain:port/forms/frmservlet
In the URL, hostname.domain
is the OracleAS Forms Services host and port
is the OracleAS Web Cache HTTP listen port number.
If you do not have Oracle JInitiator installed on your system, you are prompted to install and run it. Click Yes, then follow the directions in the wizard.
When the page is displayed, try to access the links on this page to verify that the Forms servlet is available.
Refer to the OracleAS Forms Services online help for more information on configuring OracleAS Forms Services. Specifically, note that if you want to manage OracleAS Forms Services runtime processes through the Application Server Control Console, the entry em_mode
in the default section of the Forms Web Configuration must be set to the value 1
(the default is 0
). Also, to view OracleAS Forms Services trace output, the entry for allow_debug
in that section should be set to true
.
This section describes how to configure OracleAS Reports Services after installation.
During installation, port numbers were reserved for OracleAS Reports Services. You can find the port numbers in the following file:
(UNIX) ORACLE_HOME/install/portlist.ini (Windows) ORACLE_HOME\install\portlist.ini
The port numbers are listed as:
Reports Services bridge port = 14011 Reports Services discoveryService port = 14021
These port numbers will be used when you configure OracleAS Reports Services. If you want to use different port numbers, you can change them after you configure OracleAS Reports Services.
To configure OracleAS Reports Services, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the instance in which you want to configure OracleAS Reports Services.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Reports Server. Click Continue.
On the Login page:
User Name: Enter cn=orcladmin
, or the distinguished name of a user in the iASAdmins
group.
Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.
When the configuration is finished, take the following steps:
In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
If you did not have an OC4J_BI_Forms instance before, you will have one now and it will have a status of Down. You will also have a Reports Server:rep_server instance with a status of Down. Select the check boxes next to OC4J_BI_Forms and Reports Server: rep_server and click Start.
When the operation completes, verify that OC4J_BI_Forms and Reports Server: rep_server have a status of Up. Click OC4J_BI_Forms and verify that the OC4J_BI_Forms page is displayed. Click Reports Server: rep_server and verify that the Reports page is displayed.
Specify your outgoing mail server.
Edit the following file:
On UNIX systems:
ORACLE_HOME/reports/conf/rep_server_name.conf
On Windows systems:
ORACLE_HOME\reports\conf\rep_server_name.conf
Uncomment the pluginParam name="mailServer"
element and update it with the outgoing mail server name. For example, change the following line:
<!--pluginParam name="mailServer">%MAILSERVER_NAME%</pluginParam-->
To:
<pluginParam name="mailServer">smtpserver.myco.com</pluginParam>
Save and close the file.
Verify that OracleAS Reports Services is started, by using the following URL:
http://hostname.domain:port/reports/rwservlet/getserverinfo
In the URL, hostname.domain
is the OracleAS Reports Services host and port
is the OracleAS Web Cache HTTP listen port number.
You can log in as orcladmin
with the orcladmin
password.
See Also: Oracle Application Server Reports Services Publishing Reports to the Web for more information on configuring and using Reports |
To configure OracleAS Personalization. run the OracleAS Personalization Schema Creation Wizard, which creates the required schemas in the Oracle database.
This section describes how to configure OracleAS Single Sign-On after installation.
To configure OracleAS Single Sign-On, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the Infrastructure instance in which you want to configure OracleAS Single Sign-On.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Single Sign-On Server. Click Continue.
On the Login page:
User Name: Enter cn=orcladmin
, or the distinguished name of a user in the iASAdmins
group.
Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.
When the configuration is finished, take the following steps:
In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
If you did not have an OC4J_SECURITY instance before, you will have one now. The OC4J_SECURITY instance will have a status of Down. You will also have a Single Sign-On:orasso instance with a status of Down. Select the check box next to OC4J_SECURITY and click Start.
Note: You cannot start the Single Sign-On:orasso instance. This feature is started and stopped when you start and stop HTTP_Server and OC4J_SECURITY.
When the operation completes, verify that OC4J_SECURITY has a status of Up.
Note: The Single Sign-On:orasso status may be displayed as Down. This is normal. The status should be updated approximately five minutes after configuration.
Select HTTP_Server and click Restart.
Verify that you can access OracleAS Single Sign-On at the following URL:
http://hostname.domain:port/pls/orasso
In the URL, hostname.domain
is the host on which OracleAS Single Sign-On is installed and port
is the Infrastructure HTTP Server port.
You can log in as orcladmin
with the orcladmin
password.
See Also: Oracle Application Server Single Sign-On Administrator's Guide for more information on configuring OracleAS Single Sign-On |
This section describes how to configure Oracle Delegated Administration Services after installation.
When you configure Oracle Delegated Administration Services after installation, you will see the following results:
The URL for Oracle Delegated Administration Services is set up.
The appropriate privileges are created.
Oracle Delegated Administration Services are deployed in the OC4J_SECURITY instance.
Before you configure Oracle Delegated Administration Services, you must make sure mod_osso
is configured, as follows:
Check if mod_osso
is configured in the Oracle home where you want to configure Oracle Delegated Administration Services. Examine the following file:
On UNIX systems:
ORACLE_HOME/Apache/Apache/conf/httpd.conf
Look for the following line in the file:
include "ORACLE_HOME/Apache/Apache/conf/mod_osso.conf"
On Windows systems:
ORACLE_HOME\Apache\Apache\conf\httpd.conf
Look for the following line in the file:
include "ORACLE_HOME\Apache\Apache\conf\mod_osso.conf"
ORACLE_HOME refers to the directory where you want to configure Oracle Delegated Administration Services.
If the line starts with #
, then it is commented out and mod_osso
is not configured in this installation. Perform step 2 to configure mod_osso
.
If the line is not commented out, mod_osso
is already configured. You can proceed and configure Oracle Delegated Administration Services using Application Server Control, as described in Section 7.2.9.3, "Configuring Delegated Administration Service".
To configure mod_osso
manually, perform these steps:
Set the ORACLE_HOME environment variable to the full path of the directory where you want to configure Oracle Delegated Administration Services.
On UNIX systems, set the LD_LIBRARY_PATH, LD_LIBRARY_PATH_64, LIB_PATH, or SHLIB_PATH environment variables to the proper values, as shown in Table 1-1. The actual environment variables and values that you have to set depend on the type of your UNIX operating system.
On Windows systems, set the PATH environment variable to contain %ORACLE_HOME%\lib
.
Run the following command (all on one line). Note: for the -classpath
parameter, do not type any space characters after the colon (:) and semicolon (;) characters, as indicated by <no spaces>
.
On UNIX:
$ORACLE_HOME/jdk/bin/java -classpath .:$ORACLE_HOME/sso/lib/ossoreg.jar:<no spaces> $ORACLE_HOME/jlib/ojmisc.jar:<no spaces> $ORACLE_HOME/jlib/repository.jar:<no spaces> $ORACLE_HOME/j2ee/home/jazn.jar:$ORACLE_HOME/jdk/lib/dt.jar:<no spaces> $ORACLE_HOME/jdk/lib/tools.jar:$ORACLE_HOME/jlib/infratool.jar oracle.ias.configtool.UseInfrastructure i -f $ORACLE_HOME/config/infratool_mod_osso.properties -h OIDhost -p OIDport -u OIDadminName -w OIDclearTextPassword -o ORACLE_HOME -m ASinstanceName -infra infraGlobalDBName -mh host -sso true -sslp sslPort -sslf false
On Windows:
%ORACLE_HOME%\jdk\bin\java -classpath .;%ORACLE_HOME%\sso\lib\ossoreg.jar;<no spaces> %ORACLE_HOME%\jlib\ojmisc.jar;<no spaces> %ORACLE_HOME%\jlib\repository.jar;<no spaces> %ORACLE_HOME%\j2ee\home\jazn.jar;<no spaces> %ORACLE_HOME%\jdk\lib\dt.jar;<no spaces> %ORACLE_HOME%\jdk\lib\tools.jar;%ORACLE_HOME%\jlib\infratool.jar oracle.ias.configtool.UseInfrastructure i -f %ORACLE_HOME%\config\infratool_mod_osso.properties -h OIDhost -p OIDport -u OIDadminName -w OIDclearTextPassword -o ORACLE_HOME -m ASinstanceName -infra infraGlobalDBName -mh host -sso true -sslp sslPort -sslf false
Table 7-3 describes the parameters that require values.
Table 7-3 Parameters for Configuring mod_osso
Parameter | DescriptionFoot 1 |
---|---|
|
Specifies the name of the computer where Oracle Internet Directory is running. You can determine this value from the |
Specifies the port number on which Oracle Internet Directory is listening. You can determine this value from the |
|
|
Specifies the login name for Oracle Internet Directory. Use the superuser: |
|
Specifies the password for the Oracle Internet Directory user. |
|
Specifies the full path to the directory where you installed OracleAS Infrastructure 10g. |
|
Specifies the name of the OracleAS Infrastructure 10g instance where you want to configure mod_osso. You can determine this value from the |
|
Specifies the name of the OracleAS Metadata Repository database. You can determine this value from the |
|
Specifies the full hostname (including the domain name) of the computer where you want to configure Oracle Delegated Administration Services. |
Specifies the SSL port for Oracle Internet Directory. You can determine this value from the |
If you needed to perform the previous step, restart OC4J and Oracle HTTP Server, using the opmnctl
command:
On UNIX systems:
ORACLE_HOME/opmn/bin/opmnctl restartproc ias-component=OC4J ORACLE_HOME/opmn/bin/opmnctl restartproc ias-component=HTTP_Server
On Windows systems:
ORACLE_HOME\opmn\bin\opmnctl restartproc ias-component=OC4J ORACLE_HOME\opmn\bin\opmnctl restartproc ias-component=HTTP_Server
To configure Oracle Delegated Administration Services, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the Infrastructure instance in which you want to configure Oracle Delegated Administration Services.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Delegated Administration Service. Click Continue.
On the Login page:
User Name: Enter cn=orcladmin
.
Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.
When the configuration is finished, take the following steps:
In the Application Server Control Console Confirmation page, click OK. The Application Server Home page appears.
If you did not have an OC4J_SECURITY instance before, you will have one now. The OC4J_SECURITY instance will have a status of Down. Select the check box next to OC4J_SECURITY and click Start.
Select HTTP_Server and click Restart. Stop and restart all components, using the opmnctl
command:
On UNIX systems:
ORACLE_HOME/opmn/bin/opmnctl stopall ORACLE_HOME/opmn/bin/opmnctl startall
On Windows systems:
ORACLE_HOME\opmn\bin\opmnctl stopall ORACLE_HOME\opmn\bin\opmnctl startall
Verify that Oracle Delegated Administration Services is started by navigating to the following URL:
http://hostname.domain:port/oiddas
In the URL, hostname.domain
is the host on which Oracle Delegated Administration Services is installed and port
is the Infrastructure HTTP Server port.
See Also: Oracle Internet Directory Administrator's Guide for more information on configuring Oracle Delegated Administration Services |
To configure Directory Integration and Provisioning after installation, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the Infrastructure instance in which you want to configure Directory Integration and Provisioning.
On the Application Server Home page, in the System Components section, click Configure Component.
On the Select Component page, select Directory Integration and Provisioning. Click Continue.
On the Login page:
User Name: Enter cn=orcladmin
.
Password: Enter the password for the user.
The SSL Only check box is grayed out because you cannot change this feature in this operation.
Click Finish.
When the configuration is finished, click OK. The Application Server Home page appears.
See Also: Oracle Internet Directory Administrator's Guide for more information on configuring Directory Integration and Provisioning |
You can configure components at the following times:
During installation, by selecting the component on the Select Configuration Options screen on Oracle Universal Installer
After installation, using the Configure Component page of the Application Server Control Console
When expanding an installation, by selecting the component on the Select Configuration Options screen in Oracle Universal Installer
After you have configured a component, you cannot deconfigure it. An alternative is to disable the component, which prevents it from starting when you start your application server instance. It also removes the component from the System Components list in the Application Server Control Console, and from the opmnctl status
output. Section 3.4, "Enabling and Disabling Components" describes how to disable a component.
Guidelines for deleting OC4J instances are as follows:
You cannot delete OC4J instances that were created by Oracle Application Server during installation.
These include home
, OC4J_BI_FORMS
, OC4J_Portal
, OC4J_Wireless
, and OC4J_SECURITY
. An alternative is to disable an OC4J instance, which prevents it from starting when you start your application server instance. It also removes the component from the System Components list on the Application Server Control Console, and from the opmnctl status
output.
You can delete OC4J instances that were created by a user after installation.
Deleting these instances removes all applications deployed to the instance. You can delete an OC4J instance using dcmctl
or the Application Server Control Console.
To delete an OC4J instance using dcmctl:
(UNIX) ORACLE_HOME/dcm/bin/dcmctl removeComponent -co OC4J_instance_name (Windows) ORACLE_HOME\dcm\bin\dcmctl removeComponent -co OC4J_instance_name
For example, on UNIX:
ORACLE_HOME/dcm/bin/dcmctl removeComponent -co OC4J_myapps
To delete an OC4J instance using the Application Server Control Console:
Navigate to the Application Server Home page for the instance that contains the OC4J instance.
In the System Components section, select the check box for the OC4J instance and click Delete OC4J Instance.
When you install a J2EE and Web Cache instance, you have the option of using the following Infrastructure Services:
This enables the J2EE and Web Cache instance to use Single Sign-On services.
OracleAS Farm Repository Management
This adds the J2EE and Web Cache instance to the farm of a specified repository, thus enabling it to join an OracleAS Cluster.
If you did not choose these options during installation, you can configure them after installation using the Infrastructure page on the Application Server Control Console, shown in Figure 7-2.
Figure 7-2 Application Server Control Console Infrastructure Page
This section contains the following procedures for configuring a J2EE and Web Cache instance to use Infrastructure services:
To configure a J2EE and Web Cache instance to use Oracle Identity Management, refer to Section 7.5.1.
To configure a J2EE and Web Cache instance to use OracleAS Metadata Repository, refer to Section 7.5.2. Note that the instance must already use Oracle Identity Management.
To configure a J2EE and Web Cache instance to use an Existing Database (an OracleAS Metadata Repository that is not registered with Oracle Internet Directory used by this instance), refer to Section 7.5.3. Note that the instance may or may not use Oracle Identity Management.
If you have Oracle Identity Management and OracleAS Metadata Repository, and want to configure a J2EE and Web Cache instance to use OracleAS Metadata Repository only, you can follow the instructions in Section 7.5.4. In this scenario, OracleAS Metadata Repository is registered with Oracle Internet Directory.
Note that Oracle strongly recommends that you do not do this, but instead configure the instance to use Oracle Identity Management and then configure the instance to use the OracleAS Metadata Repository using the instructions in Section 7.5.2.
To configure a J2EE and Web Cache instance to use an existing file-based repository, refer to Section 7.5.5.
To configure a J2EE and Web Cache instance to use a new file-based repository, refer to Section 7.5.6.
This section describes how to configure a J2EE and Web Cache instance to use Oracle Identity Management, as shown in Figure 7-3.
Figure 7-3 J2EE and Web Cache Using Identity Management
Before you start, make sure that:
The Oracle Identity Management instance is started (status is Up).
You know the Oracle Internet Directory host and port numbers.
You know the password for cn=orcladmin
, or another user who is a member of the iASAdmins
group.
Then, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the Identity Management section, click Configure.
On the Internet Directory page:
Host: Enter the fully-qualified name of the Oracle Internet Directory host.
Port: If you do not check Use only SSL connections with Internet Directory, enter the non-SSL Oracle Internet Directory port number. Otherwise, enter the SSL Oracle Internet Directory port number.
Use only SSL connections with Internet Directory: By default, some middle-tier components connect to Oracle Internet Directory using non-SSL connections. If you want components to connect only to Oracle Internet Directory using SSL, check this box and make sure you entered the SSL Oracle Internet Directory port number in the Port field.
Note: If you enter an SSL port number and inadvertently do not select Use only SSL connections with Internet Directory, the SSL port number takes precedence and connections to the Oracle Internet Directory are limited to secure connections only.If this is not the behavior you intended, you can return to the Identity Management Wizard, enter a non-SSL port in the Port field, and make sure that Use only SSL connections with Internet Directory is cleared. |
Click Next.
On the Login page:
User Name: Enter cn=orcladmin
, or the distinguished name of a user in the iASAdmins
group.
Password: Enter the password for the user.
Click Next.
On the Validation page, you receive informational messages regarding the validation of this operation and a warning that all of the components in the instance will be stopped. If you receive any error message, follow the instructions for investigating them. Otherwise, if the operation is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
Click Home to navigate to the Home page for the middle-tier instance.
Click Start All.
Your J2EE and Web Cache instance is now configured to use Oracle Identity Management services.
This section describes how to configure a J2EE and Web Cache instance to use OracleAS Metadata Repository. This procedure requires that the J2EE and Web Cache instance is already using Oracle Identity Management, and OracleAS Metadata Repository is registered with that Oracle Identity Management, as shown in Figure 7-4.
Figure 7-4 J2EE and Web Cache (with Identity Management) Using OracleAS Metadata Repository
Before you start, make sure that:
OracleAS Metadata Repository is started (status is Up).
The Oracle Identity Management instance is started (status is Up).
You know the password for cn=orcladmin
, or another user who is a member of the iASAdmins
group.
Then, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the OracleAS Farm Repository Management section, click Configure.
On the Source page, choose OracleAS Metadata Repository. Then, click Next.
On the Internet Directory page:
User Name: Enter cn=orcladmin
or the distinguished name of a user in the iASAdmins
group.
Password: Enter the password for the user.
Notice that Use Only SSL connections with Internet Directory is grayed out. This is because you cannot specify this option in this operation.
Click Next.
On the Location page, select the OracleAS Metadata Repository you want to use from the Repository list. The Default Schema is always DCM. Then, click Next.
On the Validation page, you receive informational messages regarding the validation of this operation and a warning that components will be stopped. If you receive any error message, follow the instructions for investigating them. Otherwise, if the repository you specified is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
Click Home to navigate to the Home page for the middle-tier instance.
Click Start All.
Your J2EE and Web Cache instance is now in the OracleAS Metadata Repository's farm and can join an OracleAS Cluster in that farm.
See Also: Oracle Application Server High Availability Guide for information on creating and using OracleAS Clusters |
This section describes how to configure a J2EE and Web Cache instance to use an Existing Database (an OracleAS Metadata Repository that is not registered with Oracle Internet Directory) as the metadata repository. The J2EE and Web Cache instance may use Oracle Identity Management, as shown in Figure 7-5, or it may not, as shown in Figure 7-6.
Figure 7-5 J2EE and Web Cache (with Identity Management) Using an Existing Database
Figure 7-6 shows the J2EE and Web Cache instance using an existing database as a metadata repository, but not using Oracle Identity Management.
Figure 7-6 J2EE and Web Cache (Without Identity Management) Using an Existing Database
Before you start, make sure that:
The Existing Database is started (status is Up).
You know the Net listener port and the service name for the Existing Database. These are listed in the entry for the Existing Database in the following file:
On UNIX systems:
EXISTING_DB_ORACLE_HOME/network/admin/tnsnames.ora
On Windows systems:
EXISTING_DB_ORACLE_HOME\network\admin\tnsnames.ora
You know the password for the DCM schema in the database.
If you have just installed the Existing Database and have not used the DCM schema yet, note that the password is generated randomly during installation. To change the random password to a known value, use the ALTER USER command in SQL*Plus, as shown in the following example (be sure to set the ORACLE_HOME and ORACLE_SID environment variables first):
sqlplus "SYS/sys_password as SYSDBA" SQL> ALTER USER dcm IDENTIFIED BY new_password;
If the schema is already in use, use the current password. To find the current password, use the following command:
SELECT password FROM dba_users WHERE username='DCM';
Then, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the OracleAS Farm Repository Management section, click Configure.
On the Source page, choose Existing Database. (Note: If the OracleAS Metadata Repository option is grayed out, it is because the J2EE and Web Cache instance is not using Oracle Identity Management). Then, click Next.
On the Login page, fill in the following fields:
User Name: DCM
.
Password: Enter the DCM schema password.
Hostname and Port: Enter the hostname and Net listener port for the Existing Database. For example: myhost:1521
.
Service Name: Enter the service name for the Existing Database. For example, orcl.myco.com
.
Click Next.
On the Validation page, you receive informational messages regarding the validation of this operation. If you receive any error message, follow the instructions for investigating them. Otherwise, if the operation is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
Click Home to navigate to the Home page for the instance.
Click Start All.
Your J2EE and Web Cache instance is now in the Existing Database's farm and can join an OracleAS Cluster in that farm.
This section describes how to configure a J2EE and Web Cache instance to use OracleAS Metadata Repository for its metadata. This procedure assumes that OracleAS Metadata Repository is registered with Oracle Internet Directory and that the J2EE and Web Cache instance is not using Oracle Identity Management.
Caution: This configuration is not recommended. Instead, Oracle recommends that you register the J2EE and Web Cache with Oracle Identity Management (see Section 7.5.1) and then configure it to use OracleAS Metadata Repository (see Section 7.5.2). |
This configuration is shown in Figure 7-7.
Figure 7-7 J2EE and Web Cache (Without Identity Management) Using OracleAS Metadata Repository
Before you start, make sure that:
OracleAS Metadata Repository is started (status is Up)
You know the password for the DCM schema in the database
If you have just installed the Existing Database and have not used the DCM schema yet, note that the password is generated randomly during installation. To change the random password to a known value, use the ALTER USER command in SQL*Plus, as shown in the following example (be sure to set the ORACLE_HOME and ORACLE_SID environment variables first):
sqlplus "SYS/sys_password as SYSDBA" SQL> ALTER USER dcm IDENTIFIED BY new_password;
If the schema is already in use, use the current password. To find the current password, use the following command:
SELECT password FROM dba_users WHERE username='DCM';
The Oracle Identity Management instance to which OracleAS Metadata Repository is registered is started (status is Up)
You know the password for cn=orcladmin
, or another user who is a member of the iASAdmins
group
Then, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the OracleAS Farm Repository Management section, click Configure.
On the Source page, choose Existing Database. (Note: The OracleAS Metadata Repository option is grayed out because the J2EE and Web Cache instance is not using Oracle Identity Management). Then, click Next.
On the Login page, fill in the following fields:
User Name: Enter DCM
.
Password: Enter the DCM schema password.
Hostname and Port: Enter the hostname and Net listener port for the Existing Database. For example: myhost:1521
.
Service Name: Enter the service name for OracleAS Metadata Repository. For example, orcl.myco.com
.
Click Next.
On the Validation page, you receive informational messages regarding the validation of this operation. If you receive any error message, follow the instructions for investigating them. Otherwise, if the operation is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
Click Home to navigate to the Home page for the instance.
Click Start All.
Your J2EE and Web Cache instance is now in the OracleAS Metadata Repository's farm and can join an OracleAS Cluster in that farm.
This section describes how to configure a J2EE and Web Cache instance to use an existing file-based repository. The instance does not use Oracle Identity Management or OracleAS Metadata Repository.
Before you start, make sure that:
The instance that contains the file-based repository is started (status is Up).
You know the File-Based Repository ID for the farm. The ID can be found on the Infrastructure page of an instance already in the farm.
Then, take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the OracleAS Farm Repository Management section, click Configure.
On the Source page, choose Existing file-based repository. Then, click Next.
In the Location page, enter the File-Based Repository ID for the farm. The ID can be found on the Infrastructure page of an instance already in the farm. Then, click Next.
The Validation page displays informational messages regarding the validation of this operation. If you receive any error message, follow the instructions for investigating them. Otherwise, if the repository you specified is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
Click Home to navigate to the Home page for the instance.
Click Start All.
This section describes how to configure a J2EE and Web Cache instance to create and use a new file-based repository. The instance does not use Oracle Identity Management or OracleAS Metadata Repository.
Take the following steps:
Using the Application Server Control Console, navigate to the Application Server Home page for the J2EE and Web Cache instance.
Click Infrastructure.
On the Infrastructure page, in the OracleAS Farm Repository Management section, click Configure.
On the Source page, choose New file-based repository. Then, click Next.
The Validation page displays informational messages regarding the validation of this operation. If you receive any error message, follow the instructions for investigating them. Otherwise, if the repository you specified is valid, click Finish.
When the operation is finished, you must restart the components in the J2EE and Web Cache instance.
Click Home to navigate to the Home page for the instance.
Click Start All.
Beginning with Release 2 (10.1.2.0.2), you can enable and disable anonymous binds (anonymous authentication) in Oracle Internet Directory. By default, anonymous binds are enabled.
Although disabling anonymous binds is useful in many runtime environments, most configuration changes, such as the following, require that anonymous binds are enabled:
Installing new components with Oracle Universal Installer
Configuring components with Application Server Control Console
Changing the host name, domain name, or IP address of a host on which you have installed Oracle Application Server
Cloning
To disable anonymous binds, take the following steps:
Shut down all middle tiers that are connected to the OracleAS Infrastructure, as described in Section 3.2.6, "Stopping a Middle-Tier Instance".
Shut down OracleAS Infrastructure, in all Infrastructure Oracle homes:
(UNIX) ORACLE_HOME/opmn/bin/opmnctl stopall (Windows) ORACLE_HOME\opmn\bin\opmnctl stopall
Start Oracle Internet Directory, because it must be started while you perform the procedure:
(UNIX) ORACLE_HOME/bin/oidmon connect=db_connect_string start (Windows) ORACLE_HOME\bin\oidmon connect=db_connect_string start
Edit the ias.properties
file for each middle tier connected to the OracleAS Infrastructure and for the Infrastructure Oracle home that contains OracleAS Single Sign-On and Oracle Delegated Administration Services. The ias.properties
file is located in the following directory:
(UNIX) ORACLE_HOME/config (Windows) ORACLE_HOME\config
In the ias.properties
file, add the OIDAnonymousDisabled
property to the file and set it to true
:
OIDAnonymousDisabled=true
Edit the dads.conf
file for each middle tier connected to the OracleAS Infrastructure and for the Infrastructure Oracle home that contains OracleAS Single Sign-On and Oracle Delegated Administration Services. The dads.conf
file is located in the following directory:
(UNIX) ORACLE_HOME/Apache/modplsql/conf (Windows) ORACLE_HOME\Apache\modplsql\conf
By default, the PlsqlDatabaseConnectString parameter contains a value that uses the LDAP name resolution format, for example:
PlsqlDatabaseConnectString cn=orcl, cn=oraclecontext NetServiceNameFormat
Comment out this line. (Do not delete it because you will need to revert to it if you want to enable anonymous binds in the future.)
Add the following line, which changes the value of the PlsqlDatabaseConnectString parameter to use the host:port:service
format instead of LDAP name resolution:
PlsqlDatabaseConnectString db_host:db_hostdb_listener_port:db_service_name
In the example, db_host is the name of the host on which the OracleAS Metadata Repository for OracleAS Single Sign-On is installed, db_listener_port is the listener port for that OracleAS Metadata Repository, and db_service_name is the service name for the OracleAS Metadata Repository.
Use the ldapmodify
command to disable anonymous binds. Use the command on the Oracle home that contains Oracle Internet Directory.
Take the following steps:
Create a text file with the following lines:
dn: changetype: modify replace: orclanonymousbindsflag orclanonymousbindsflag: 0
Use the ldapmodify
command, calling the text file created in the previous step as input. In the following example, the text file is named anon_off.ldif
:
(Unix) ORACLE_HOME/bin/ldapmodify -h host -p port -D cn=orcladmin -w password -v -f anon_off.ldif (Windows) ORACLE_HOME\bin\ldapmodify -h host -p port -D cn=orcladmin -w password -v -f anon_off.ldif
Stop Oracle Internet Directory:
(UNIX) ORACLE_HOME/bin/oidmon connect=db_connect_string stop (Windows) ORACLE_HOME\bin\oidmon connect=db_connect_string stop
Start OracleAS Infrastructure, including Oracle Internet Directory, in the Oracle Internet Directory Oracle home, then in any other OracleAS Infrastructure Oracle homes:
(UNIX) ORACLE_HOME/opmn/bin/opmnctl startall (Windows) ORACLE_HOME\opmn\bin\opmnctl startall
Start all middle tiers that are connected to the Infrastructure, as described in Section 3.2.5, "Starting a Middle-Tier Instance".
If you have disabled anonymous binds, you must take the following steps to enable anonymous binds before you can make configuration changes to Oracle Application Server middle tiers or OracleAS Infrastructure:
Shut down all middle tiers that are connected to the OracleAS Infrastructure, as described in Section 3.2.6, "Stopping a Middle-Tier Instance".
Shut down OracleAS Infrastructure, in all Infrastructure Oracle homes:
(UNIX) ORACLE_HOME/opmn/bin/opmnctl stopall (Windows) ORACLE_HOME\opmn\bin\opmnctl stopall
Start Oracle Internet Directory, because it must be started while you perform the procedure:
(UNIX) ORACLE_HOME/bin/oidmon connect=db_connect_string start (Windows) ORACLE_HOME\bin\oidmon connect=db_connect_string start
Edit the ias.properties
file for each middle tier connected to the OracleAS Infrastructure and for the Infrastructure Oracle home that contains OracleAS Single Sign-On and Oracle Delegated Administration Services. The ias.properties
file is located in the following directory:
(UNIX) ORACLE_HOME/config (Windows) ORACLE_HOME\config
In the ias.properties
file, set the OIDAnonymousDisabled
property to false
:
OIDAnonymousDisabled=false
If the property does not exist in the file, or if it is set to false
, anonymous binds are enabled.
Edit the dads.conf
file for each middle tier connected to the OracleAS Infrastructure and for the Infrastructure Oracle home that contains OracleAS Single Sign-On and Oracle Delegated Administration Services. The dads.conf
file is located in the following directory:
(UNIX) ORACLE_HOME/Apache/modplsql/conf (Windows) ORACLE_HOME\Apache\modplsql\conf
If you previously commented out the line that contains the PlsqlDatabaseConnectString parameter with a value that uses the LDAP name resolution format, uncomment out that line. If you deleted the line, add a line using the following format:
PlsqlDatabaseConnectString cn=orcl, cn=oraclecontext NetServiceNameFormat
If you previously added a line similar to the following, which contains the PlsqlDatabaseConnectString parameter with a value that use host:port:service
format, comment out the line:
PlsqlDatabaseConnectString db_host:db_hostdb_listener_port:db_service_name
Use the ldapmodify
command to enable anonymous binds. Use the command on the Oracle home that contains Oracle Internet Directory.
Take the following steps:
Create a text file with the following lines:
dn: changetype: modify replace: orclanonymousbindsflag orclanonymousbindsflag: 1
Use the ldapmodify
command, calling the text file created in the previous step as input. In the following example, the text file is named anon_on.ldif
:
(Unix) ORACLE_HOME/bin/ldapmodify -h host -p port -D cn=orcladmin -w password -v -f anon_on.ldif (Windows) ORACLE_HOME\bin\ldapmodify -h host -p port -D cn=orcladmin -w password -v -f anon_on.ldif
Stop Oracle Internet Directory:
(UNIX) ORACLE_HOME/bin/oidmon connect=db_connect_string stop (Windows) ORACLE_HOME\bin\oidmon connect=db_connect_string stop
Start OracleAS Infrastructure, including Oracle Internet Directory, in the Oracle Internet Directory Oracle home, then in any other OracleAS Infrastructure Oracle homes:
(UNIX) ORACLE_HOME/opmn/bin/opmnctl startall (Windows) ORACLE_HOME\opmn\bin\opmnctl startall
Start all middle tiers that are connected to the Infrastructure, as described in Section 3.2.5, "Starting a Middle-Tier Instance".