Thursday, 18 December 2014

OAM



OAM

Creating a 10g webgate/ 11g webgate

  1. Click on New OAM 10g Webgate
  2. Enter any Name(abc) for the webgate 
  3. Access client password.
  4. Click apply
  5. Click apply again to save the webgate settings.
  6. Copy the ObAccessClient.xml  from /net/adc00xtp/scratch/aime1/work/mw5862/user_projects/domains/WLS_IDM/output/abc to the webgate folder
  7. To the ohs folder  /scratch/nehkumar/oamohs/Oracle_WT1/instances/instance1/config/OHS/ohs1/webgate/config
  8. Restart OHS server 
  9. Access the resource being protected by the webserver .
  10. The OAM login page will be shown .
     

For whiletlist URL testing :

help("oamSetWhiteListMode")
help("oamWhiteListURLConfig")
oamSetWhiteListMode(oamWhiteListMode="false") --Disable
oamSetWhiteListMode(oamWhiteListMode="true") --Enable
oamWhiteListURLConfig (Name="oam", Value= "http://my.oracle.com", Operation="Update") --Adds "http://my.oracle.com" to whitelist
oamWhiteListURLConfig (Name="oam", Value= "http://my.oracle.com", Operation="Remove") --Removed "http://my.oracle.com" from whitelist.

TEST URL :
OAM_HOST:port/oam/server/logout?doneURL=http://my.oracle.com --->Should forward you to oracle home page
OAM_HOST:port/oam/server/logout?doneURL=http://mail.yahoo.com --->should render the default OAM logout page as yahoo is not whitelisted

The corresponding settings will be present under <Setting Name="EndURLWhiteList" Type="htf:map"> in oam-config.xml.


URL for redirection
Steps to reproduce :
 Step to reproduce:
  -------------------
  1. Construct an URL to OAM login page with modified "ru" redirect page to any
  site (sample: http://www.google.com).
  .
  http://slc02kfx:14100/oam/server/obrareq.cgi?wh=IAMSuiteAgent
  wu=/oamconsole/faces/pages/PolicyManager.jspx wo=GET
  rh=http://slc02kfx:7001/oamconsole/faces/pages ru=http://www.google.com
   
  2. Copy and paste the url to the browser and the browser will load OAM login
  page.
  3. Try to login using OAM credential.
  4. After authenticated the browser will be redirect to the desire page.

  Expected Behaviour:
  OAM should not accept redirect to any site by default.  



 http://adc00xtp.us.oracle.com:16573/oam/server/obrareq.cgi?wh=webgate10g wu=/test10g.html wo=GET rh=http://slc04lnu.us.oracle.com:9797 ru=http://www.google.com

 http://adc00xtp.us.oracle.com:16573/oam/server/obrareq.cgi?wh=IAMSuiteAgent wu=/oamconsole/faces/pages/PolicyManager.jspx wo=GET rh=http://slc02kfx:7001/oamconsole/faces/pages ru=http://adc00xtp.us.oracle.com:16573/oam/server/logout.

The redirection should only happen if whitelist has the URL in it .



MATS URL with DIFFS :
http://stddrwiki.us.oracle.com:7778/twiki/bin/view/ApplicationServer/11gMats

Released OAM Labels:
http://stddrwiki.us.oracle.com:7778/twiki/bin/view/ApplicationServer/NGAMLabels#Released_Labels
 
URL Encoder Decoder :
http://www.hypergurl.com/urlencode.html
 

Backport process:
http://stddrwiki.us.oracle.com:7778/twiki/bin/view/ApplicationServer/OAM11gBundlePatchProcess#Detailed_CI_Backport_Instruction







 



Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)