Contents

List of Examples

List of Figures

List of Tables

Title and Copyright Information

Preface

• Intended Audience
• Documentation Accessibility
• Related Documents
• Conventions

1 Overview

• 1.1 What is an Enterprise Deployment?
• 1.2 Benefits of the Oracle Application Server Enterprise Deployment Configurations
• 1.2.1 Built-in Security
• 1.2.2 High Availability

2 Selecting a Deployment Architecture

• 2.1 Creating Solutions with Oracle Application Server
• 2.2 Enterprise Deployment Nomenclature
• 2.3 Understanding the Enterprise Deployment Architectures
• 2.3.1 myJ2EE
• 2.3.2 myPortal
• 2.3.3 myBIFCompany
• 2.4 Understanding Deployment Variants
• 2.4.1 Understanding Data Tier Variants
• 2.4.1.1 Using Multimaster Replication with Oracle Internet Directory
• 2.4.1.2 Using the Oracle Application Server Cold Failover Cluster (Identity Management) Solution
• 2.4.2 Understanding Identity Management Tier Variants
• 2.4.2.1 Oracle Internet Directory: Data Tier or Identity Management Tier?
• 2.4.2.2 Oracle Internet Directory: AD/iPlanet Integration
• 2.4.2.3 Oracle Application Server Single Sign-On: Using Netegrity
• 2.4.2.4 Oracle Application Server Single Sign-On: Windows Authentication
• 2.4.3 Understanding Application Tier Variants
• 2.4.3.1 J2EE Applications: File Based or Database Repository?
• 2.4.4 Understanding Web Server Tier Variants
• 2.4.4.1 Oracle Application Server Web Cache Placement, Clustering and Deployment Considerations
• 2.4.4.2 Oracle HTTP Server: Forward and Reverse Proxies
• 2.4.4.3 Oracle HTTP Server as a Standalone Web Server
• 2.5 How to Use this Guide: The Enterprise Deployment Configuration Process
• 2.5.1 Installing and Configuring myJ2EE
• 2.5.2 Installing and Configuring myPortal
• 2.5.3 Installing and Configuring myBIF
• 2.6 Selecting a Deployment Architecture

3 Before You Begin Installation

• 3.1 Best Practices for Installing and Configuring Enterprise Deployments
• 3.2 Hardware Sizing Guidelines
• 3.3 Managing Oracle Application Server Component Connections

4 Installing and Configuring the Security Infrastructure

• 4.1 Installing the Oracle Application Server Metadata Repository for the Security Infrastructure
• 4.1.1 Installing the OracleAS Metadata Repository Creation Assistant
• 4.1.2 Installing the Metadata Repository in a Database Using Raw Devices
• 4.1.3 Installing the Metadata Repository in an Oracle Cluster File System (OCFS)
• 4.1.4 Updating the sqlnet.ora File for OracleAS Portal Communication
• 4.1.5 Configuring the Time out Value in the sqlnet.ora File
• 4.2 Installing the Oracle Internet Directory Instances in the Data Tier
• 4.2.1 Installing the First Oracle Internet Directory
• 4.2.2 Installing the Second Oracle Internet Directory
• 4.3 Configuring the Virtual Server to Use the Load Balancing Router
• 4.4 Testing the Data Tier Components
• 4.5 Installing and Configuring Authentication Services for myPortalCompany.com

5 Installing and Configuring Authentication Services

• 5.1 Option 1: Using Oracle Application Server Single Sign-On
• 5.1.1 Installing the First Identity Management Configuration
• 5.1.2 Testing the Identity Management Components With Oracle Internet Directory
• 5.1.3 Installing the Second Identity Management Configuration
• 5.1.4 Testing the Identity Management Tier Components
• 5.2 Option 2: Using the Oracle Application Server Java Authentication and Authorization Service (JAAS) Provider
• 5.2.1 Adding Administrative Users and Groups to Oracle Internet Directory for the OracleAS JAAS Provider

6 Installing and Configuring the myJ2EECompany Application Infrastructure

• 6.1 Installing and Configuring the Security Infrastructure
• 6.2 Configuring the Load Balancing Router or Proxy Server
• 6.3 Installing and Configuring the Application Tier
• 6.3.1 Installing the First Application Tier Application Server Instance on APPHOST1
• 6.3.2 Installing the Second Application Tier Application Server Instance on APPHOST2
• 6.3.3 Creating OC4J Instances on the Application Tier
• 6.3.4 Deploying J2EE Applications
• 6.3.5 Creating a DCM-Managed Oracle Application Server Cluster on the Application Tier
• 6.3.5.1 Creating the DCM-Managed OracleAS Cluster
• 6.3.5.2 Joining Application Server Instances to the DCM-Managed OracleAS Cluster
• 6.3.6 Modifying the Oracle Enterprise Manager 10g Application Server Control Console Welcome Page
• 6.4 Installing and Configuring the Web Tier
• 6.4.1 Installing the Oracle HTTP Servers on WEBHOST1 and WEBHOST2
• 6.5 Configuring the Manually Managed Oracle Application Server Cluster
• 6.6 Configuring the Oracle HTTP Server with the Load Balancing Router
• 6.7 Configuring OC4J Routing
• 6.8 Configuring Application Authentication and Authorization

7 Installing and Configuring the myPortalCompany Application Infrastructure

• 7.1 Installing the Metadata Repository for the Application Infrastructure
• 7.1.1 Installing the Metadata Repository in a Database Using Raw Devices
• 7.1.2 Installing the Metadata Repository in an Oracle Cluster File System (OCFS)
• 7.2 Configuring the Load Balancing Router or Proxy Server
• 7.3 Installing the Application Tier
• 7.3.1 Installing the First Application Server on APPHOST1
• 7.3.2 Configuring Load Balancing and Monitoring
• 7.3.3 Configuring the First Application Server on APPHOST1
• 7.3.3.1 Executing the SSL Configuration Tool on APPHOST1
• 7.3.3.2 Re-Setting the Oracle Enterprise Manager 10g Link
• 7.3.3.3 Configuring the Portal Tools Providers on APPHOST1
• 7.3.3.4 Creating an Indirect Password
• 7.3.3.5 Re-registering mod_osso on APPHOST1
• 7.3.3.6 Verifying Connectivity for Invalidation Messages from the Database to the OracleAS Web Cache on APPHOST1 through the Load Balancing Router
• 7.3.3.7 Enabling Monitoring of the Load Balancing Router's OracleAS Portal Host and Port Settings
• 7.3.3.8 Testing the Configuration on APPHOST1
• 7.3.4 Installing the Second Application Server on APPHOST2
• 7.3.5 Configuring the Second Application Server on APPHOST2
• 7.3.5.1 Enabling Portal on APPHOST2
• 7.3.5.2 Configuring the Oracle HTTP Server with the Load Balancing Router on APPHOST2
• 7.3.5.3 Configuring the Parallel Page Engine Loop-Back with the Load Balancing Router on APPHOST2
• 7.3.5.4 Modifying the Portal Dependency Settings (iasconfig.xml) File on APPHOST2
• 7.3.5.5 Configuring the Portal Tools Providers on APPHOST2
• 7.3.5.6 Re-registering mod_osso on APPHOST2
• 7.3.6 Configuring OracleAS Web Cache Clusters
• 7.3.7 Configuring Load Balancing and Monitoring
• 7.3.8 Enabling Session Binding on OracleAS Web Cache Clusters
• 7.3.9 Modifying the Oracle Application Server Welcome Page
• 7.3.10 Registering Web Providers or Provider Groups Exposed over SSL (Optional)
• 7.3.11 Enabling the Federated Portal Adapter for SSL (Optional)
• 7.3.12 Registering OracleAS Portal as an Oracle Ultra Search Content Source (Optional)
• 7.3.12.1 Enabling Oracle Ultra Search Access
• 7.3.12.2 Registering OracleAS Portal as an Oracle Ultra Search Content Source
• 7.4 Testing the Application Server Tier
• 7.5 Configuring Custom Java Portal Development Kit (JPDK) Providers
• 7.5.1 Deploying Custom JPDK Providers
• 7.5.2 Configuring Manually Managed Oracle Application Server Clusters for Session State Replication in OC4J_JPDK Applications
• 7.5.2.1 Configuring State Replication in the OC4J Instances
• 7.5.2.2 Configure the J2EE Applications for Clustering
• 7.5.2.3 Configure the Oracle HTTP Server for Failover and Load Balancing
• 7.5.2.4 Disabling the JAZN Session Cache for UDDI Session Replication
• 7.6 Setting the OracleAS Single Sign-On Query Path URL for External Applications
• 7.6.1 Firewall Considerations for OracleAS Portal

8 Installing and Configuring the myBIFCompany Application Infrastructure

• 8.1 Installing the Metadata Repository for the Application Infrastructure
• 8.2 Configuring the Load Balancing Router or Proxy Server
• 8.3 Installing the Application Tier
• 8.3.1 Installing the First Application Server on APPHOST1
• 8.3.2 Configuring the First Application Server on APPHOST1
• 8.3.2.1 Configuring the Oracle HTTP Server with the Load Balancing Router on APPHOST1
• 8.3.2.2 Re-registering mod_osso on APPHOST1
• 8.3.2.3 Configuring OracleAS Reports Services Server Targets in Oracle Enterprise Manager 10g Application Server Control Console
• 8.3.2.4 Testing the Configuration on APPHOST1
• 8.3.3 Installing the Second Application Server on APPHOST2
• 8.3.4 Configuring the Second Application Server on APPHOST2
• 8.3.4.1 Configuring the Oracle HTTP Server with the Load Balancing Router on APPHOST2
• 8.3.4.2 Re-registering mod_osso on APPHOST2
• 8.3.4.3 Configuring OracleAS Reports Services Server Targets in Oracle Enterprise Manager 10g Application Server Control Console
• 8.3.5 Configuring OracleAS Web Cache Clusters
• 8.3.6 Selecting the Secure Tunneling Protocol for Oracle Business Intelligence Discoverer Plus Deployment
• 8.3.7 Completing the Configuration
• 8.3.8 Managing Connection Availability for OracleAS Reports Services
• 8.3.9 Configuring Session State Replication in OC4J Instances
• 8.3.10 Modifying the Oracle Enterprise Manager 10g Application Server Control Console Welcome Page
• 8.3.11 Updating Host and Port Entries in OC4J_BI_Forms
• 8.4 Testing the Application Server Tier
• 8.5 Configuring OracleAS Portal in Business Intelligence and Forms

9 Implementing Architecture Variants

• 9.1 Configuring a Dedicated Intranet and Internet for OracleAS Portal
• 9.1.1 Installing the Infrastructure and External Middle Tier Instances
• 9.1.2 Installing the First Internal Middle Tier on APPHOST3
• 9.1.3 Installing the Second Internal Middle Tier on APPHOST4
• 9.1.4 Configuring an OracleAS Web Cache Invalidation-only Cluster
• 9.1.4.1 Preparing the Network Environment for the OracleAS Web Cache Invalidation-only Cluster
• 9.1.4.2 Configuring the Caches
• 9.1.4.3 Disabling External to Internal Communication Through the Firewall
• 9.1.5 Configuring the First Internal Middle Tier on APPHOST3 for Load Balancing Router Access
• 9.1.6 Configuring the Second Internal Middle Tier on APPHOST4 for Load Balancing Router Access
• 9.1.7 Registering the Internal Middle Tier as a Partner Application
• 9.1.8 Updating the Default JPDK Instance URL and Seeded Provider Group URLs
• 9.1.9 Configuring OracleAS Portal Invalidation Messages
• 9.1.9.1 Verifying the OracleAS Web Cache Invalidation Messages Configuration
• 9.1.10 Configuring the OracleAS Portal Schema in the OracleAS Metadata Repository
• 9.1.11 Modifying the Oracle Text Base Search URL
• 9.1.12 Enabling Session Binding on OracleAS Web Cache
• 9.1.13 Configuring the Oracle Drive WebDAV Client
• 9.1.14 Validating the Completed Configuration
• 9.2 Configuring a Reverse Proxy for OracleAS Portal and OracleAS Single Sign-On
• 9.2.1 Install and Configure the Proxy Server
• 9.2.1.1 Configuring OracleAS Web Cache as a Reverse Proxy
• 9.2.1.2 Configuring the Oracle HTTP Server as a Reverse Proxy
• 9.2.1.3 Configuring Internet Information Services as a Reverse Proxy
• 9.2.2 Testing the OracleAS Single Sign-On Connection
• 9.2.3 Configuring OracleAS Single Sign-On to Use a Reverse Proxy
• 9.2.3.1 Ensuring that IP Checking is Off
• 9.2.3.2 Executing the ssocfg Script
• 9.2.3.3 Updating the targets.xml File
• 9.2.3.4 Updating the httpd.conf File
• 9.2.3.5 Updating Oracle Internet Directory with the Operation URL
• 9.2.3.6 Registering mod_osso to Use the Proxy Host Name
• 9.2.3.7 Updating the Single Sign-On Configuration
• 9.2.4 Validating the OracleAS Single Sign-On Configuration
• 9.2.5 Testing the OracleAS Portal Connection
• 9.2.6 Configuring OracleAS Portal for a Reverse Proxy
• 9.2.6.1 Ensuring Validity of Self-Referential URLs Rendered on OracleAS Portal Pages
• 9.2.6.2 Configuring Loopback Communication to the Internal Server
• 9.2.6.3 Specifying the OracleAS Portal Published Address and Protocol
• 9.2.6.4 Configuring the Parallel Page Engine Loop-Back with the Load Balancing Router on APPHOST1
• 9.2.6.5 Configuring OracleAS Web Cache with the Reverse Proxy Server on APPHOST1
• 9.2.6.6 Configuring Seeded Providers and Locally Hosted Web Providers
• 9.2.6.7 Registering the Domain Name
• 9.2.6.8 Re-registering mod_osso on APPHOST1
• 9.2.6.9 Augmenting the Parallel Page Engine x509certfile for Web Providers Exposed Over SSL (Optional)
• 9.2.6.10 Registering Web Providers or Provider Groups Exposed over SSL (Optional)
• 9.2.6.11 Enabling the Federated Portal Adapter for SSL (Optional)
• 9.2.6.12 Registering OracleAS Portal as an Oracle Ultra Search Content Source (Optional)
• 9.2.6.13 Using Oracle HTTP Server 1.3 as a Reverse Proxy for OracleAS Portal
• 9.2.7 Validating the OracleAS Portal Configuration
• 9.3 Configuring J2EE and Web Cache on the Web Tier
• 9.3.1 Installing and Configuring the Security Infrastructure
• 9.3.2 Installing and Configuring the Application Tier
• 9.3.2.1 A Note About Port Assignments for the Oracle Application Server File-Based Farm
• 9.3.3 Installing and Configuring the Web Tier
• 9.3.3.1 Installing the Web Tier Application Servers on WEBHOST1 and WEBHOST2

A Sample Configurations for Load Balancers

• A.1 Test Network Configuration
• A.1.1 Network Subnets in the Test Configuration
• A.1.2 Hardware in the Test Configuration
• A.1.3 Configuration of Load Balancers and Firewalls for Oracle Application Server Component High Availability
• A.1.3.1 OracleAS Portal Communication
• A.2 F5 Big IP Application Switch (Software Version 4.5 PTF.5)
• A.2.1 Subnets for the Big IP Configuration
• A.2.2 Servers/Nodes for the Big IP Configuration
• A.2.3 Pools for the Big IP Configuration
• A.2.4 Virtual Servers (VIPs) for the Big IP Configuration
• A.2.5 Load Balancing Method for the Big IP Configuration
• A.2.6 Health Monitors for the Big IP Configuration
• A.2.6.1 OracleAS Single Sign-On
• A.2.6.2 Middle Tier Components
• A.2.6.3 OracleAS Web Cache Invalidation
• A.2.6.4 Oracle Internet Directory LDAP
• A.2.6.5 SSL Configuration
• A.2.7 OracleAS Portal Configuration Notes for Big IP
• A.2.8 OracleAS Wireless Configuration Notes for Big IP
• A.2.9 OracleAS Web Cache Configuration Notes for Big IP
• A.3 Cisco CSM 3.1(2)
• A.3.1 Subnets for the CSM 3.1(2) Configuration
• A.3.2 Servers/Nodes for the Cisco CSM 3.1(2) Configuration
• A.3.3 VLANs for the Cisco CSM 3.1(2) Configuration
• A.3.4 Server Farms for the Cisco CSM 3.1(2) Configuration
• A.3.5 Virtual Servers (VIPs) for the Cisco CSM 3.1(2) Configuration
• A.3.5.1 Virtual Servers for Outside Traffic Access to Server Farms
• A.3.5.2 Sticky Configuration
• A.3.5.3 Virtual Servers for HTTP Request Forwarding From the SSL Accelerator
• A.3.5.4 Virtual Servers for Traffic from VLAN for Parallel Page Engine Requests
• A.3.6 Test Configuration: Cisco CSM 3.1(2)
• A.4 Foundry Server Iron v08.1.00cT24
• A.4.1 Subnets for the Foundry Server Iron v08.1.00cT24 Configuration
• A.4.2 Servers/Nodes for the Foundry Server Iron v08.1.00cT24 Configuration
• A.4.3 Real Servers for the Foundry Server Iron v08.1.00cT24 Configuration
• A.4.4 OracleAS Portal Configuration Notes for Foundry Server Iron v08.1.00cT24
• A.4.5 OracleAS Wireless Configuration Notes for Foundry Server Iron v08.1.00cT24
• A.4.6 Test Configuration: Foundry Server Iron v08.1.00cT24
• A.5 Nortel Alteon 2424 SSL (Software Version 20.2.2.1)
• A.5.1 Subnets for the Nortel Alteon 2424 SSL (Software Version 20.2.2.1) Configuration
• A.5.2 Servers/Nodes for the Nortel Alteon 2424 SSL (Software Version 20.2.2.1) Configuration
• A.5.3 Real Servers for the Nortel Alteon 2424 SSL (Software Version 20.2.2.1) Configuration
• A.5.4 Groups for the Nortel Alteon 2424 SSL (Software Version 20.2.2.1) Configuration
• A.5.5 Virtual IP Addresses for Nortel Alteon 2424 SSL (Software Version 20.2.2.1)
• A.5.6 Additional Server Configuration for Nortel Alteon 2424 SSL (Software Version 20.2.2.1)
• A.5.7 OracleAS Portal Configuration Notes for Nortel Alteon 2424 SSL (Software Version 20.2.2.1)
• A.5.8 OracleAS Wireless Configuration Notes for Nortel Alteon 2424 SSL (Software Version 20.2.2.1)
• A.5.9 Test Configuration: Nortel Alteon 2424 SSL (Software Version 20.2.2.1)
• A.6 Radware Web Server Director NP with SynApps 7.50.05
• A.6.1 Subnets for the Radware Web Server Director NP Configuration
• A.6.2 Servers/Nodes for the Radware Web Server Director NP Configuration
• A.6.3 Farms for the Radware Web Server Director NP Configuration
• A.6.4 Servers for the Radware Web Server Director NP Configuration
• A.6.5 Additional Server Configuration for the Radware Web Server Director NP
• A.6.6 Super Farms for the Radware Web Server Director NP Configuration
• A.6.7 Load Balancing Method for the Radware Web Server Director NP Configuration
• A.6.8 OracleAS Portal Configuration Notes for Radware Web Server Director NP
• A.6.9 OracleAS Wireless Configuration Notes for Radware Web Server Director NP
• A.6.10 Test Configuration: Radware Web Server Director NP

B Sample Files and Values

• B.1 Metadata Repository Tablespaces
• B.2 Tablespace Mapping to Raw Devices Sample File
• B.3 Using the Static Ports Feature with Oracle Universal Installer
• B.4 dads.conf File

Index