Application configuration for OAM Integration

When you use the Oracle Access Manager Identity Asserter, all web.xml files in the application EAR file must specify CLIENT-CERT in the auth-method element for the appropriate realm.

You can add comma-separated values here when you want applications accessed directly over the WebLogic Server host:port to be authenticated by the container. For instance:

<auth-method>CLIENT-CERT,FORM</auth-method>

The auth-method can use BASIC, FORM, or CLIENT-CERT values. While these look similar to values in Oracle Access Manager, the auth-method specified in web.xml files is used by Oracle WebLogic Server (not Oracle Access Manager).
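One way to check this requirement before deployment, as an added example that is not part of the original page or of any Oracle tooling: the script opens an EAR, finds every WEB-INF/web.xml (including those inside nested WAR files) and lists the ones whose auth-method does not include CLIENT-CERT. The function names and the in-memory sample EAR are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

def auth_methods(web_xml):
    """Return the comma-separated auth-method values declared in one web.xml."""
    for elem in ET.fromstring(web_xml).iter():
        # Compare the local name only, so descriptors with or without a
        # Java EE namespace declaration are handled the same way.
        if elem.tag.rsplit("}", 1)[-1] == "auth-method":
            return [m.strip().upper() for m in (elem.text or "").split(",") if m.strip()]
    return []  # no login-config/auth-method at all

def check_archive(data, prefix=""):
    """Map every WEB-INF/web.xml in an EAR/WAR (given as bytes) to its auth methods."""
    results = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if name.endswith("WEB-INF/web.xml"):
                results[prefix + name] = auth_methods(zf.read(name))
            elif name.lower().endswith(".war"):
                # Packed WAR inside the EAR: recurse into it.
                results.update(check_archive(zf.read(name), prefix + name + "!/"))
    return results

def missing_client_cert(data):
    """Paths of web.xml files that do not list CLIENT-CERT."""
    return sorted(p for p, m in check_archive(data).items() if "CLIENT-CERT" not in m)

def _war(auth):
    """Constructed sample WAR containing a minimal web.xml."""
    xml = ('<web-app xmlns="http://java.sun.com/xml/ns/javaee"><login-config>'
           f'<auth-method>{auth}</auth-method></login-config></web-app>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("WEB-INF/web.xml", xml)
    return buf.getvalue()

def build_sample_ear():
    """Constructed sample EAR: one compliant WAR, one that only allows FORM."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("good.war", _war("CLIENT-CERT,FORM"))
        zf.writestr("bad.war", _war("FORM"))
    return buf.getvalue()

if __name__ == "__main__":
    print(missing_client_cert(build_sample_ear()))
```

To check a real archive, pass its bytes instead of the sample, for example `missing_client_cert(open("app.ear", "rb").read())`, where app.ear is a placeholder file name.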

Identity and Trust Keystores

When you configure SSL, you must decide how identity and trust will be stored. Although one keystore can be used for both identity and trust, Oracle recommends using separate keystores for both identity and trust because the identity keystore (private key/digital certificate pairs) and the trust keystore (trusted CA certificates) may have different security requirements. For example:

How to read a cwallet.sso file

$MW_HOME/oracle_common/bin/orapki wallet display -wallet ~/cwallet.sso

Sample:

[oracle@wcsoa bin]$ ./orapki wallet display -wallet /webdata/Oracle/admin/wcsoadomain/aserver/wcsoadomain/config/fmwconfig/bootstrap/cwallet.sso
Oracle PKI Tool : Version 11.1.1.7.0
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.…