Thursday, May 9, 2013

Configuring DCC in OAM 11gR2

In this post, I have configured DCC for an OHS 11g Webgate. OHS URL is http://localhost:7777/

Steps:

1. Navigate to C:\Oracle\Middleware\Oracle_OAMWebGate1\webgate\ohs\oamsso-bin
and edit the files login.pl, logout.pl and secureid.pl

    Update first line of the file with absolute path of perl bin directory on your system

    example: #!C:\Oracle\Middleware\Oracle_IDM2\perl\bin\perl

(search for perl.exe in your system and you will find the absolute path. Just update it as the first line for the above mentioned pl files)

2. Open the webgate configuration in OAM console and check the below



3. Double click on "access manager settings" in OAM console and make the changes as below







4. Create a new auth scheme say "DCC ODSEE Auth Scheme" with values as specified below

   Challenge redirect URL would be your web server URL





5. Navigate to the policies of the OHS webgate and create resources for
            /favicon.ico
            /oamsso-bin/login.pl
    make sure you create those resources as 'EXCLUDED'

6. Navigate to authentication policy and assign the newly created auth scheme "DCC ODSEE Auth Scheme" to the resources

7. Restart OAM server

8. You will get the new DCC default Login page as below




















   

If you want to revert the configs to use ECC (Embedded credential Collector), Make sure you uncheck the option "Allow Credential Collector Operations" in Webgate configuration.

Thanks,
Veeru Yads

6 comments:

  1. Hi,
    Is DCC is only possible with OHS server which having 11g webgate, as i dont see these option in 10g.
    is it possible to configure DCC with 10g webgate

    thanks

    ReplyDelete
  2. DCC can be implemented for 11g webgates only

    ReplyDelete
  3. Hi,

    Is there any setting / configuration available in OAM / OAM Webgate to hide the User-agent(in HTTP request / response) ?



    Can we comment out this attribute in login-config.pl so that its not printed as comment in the page?

    ReplyDelete
  4. Thanks for the post.

    Did you ever got this error while enabling DCC :

    I followed through all the settings as mentioned in this post, but still its throwing this error when I submit the credentials.

    The creds are correct, the scheme is right. Also, the redirect to oamsso-bin/login.pl is working fine. Any help is appreciated.

    Error: error while checking if the resource null is protected or not

    ReplyDelete
  5. did you protect the resource? And do you see any other error in Access manager or web agent logs???

    ReplyDelete
  6. I get this error on the OAM Managed server log:


    Also, the ohs wg logs show :
    "GET /index.html HTTP/1.1" 302 309
    "GET /oamsso-bin/login.pl?resource_url=******
    "GET /favicon.ico HTTP/1.1" 404 194
    "POST /oam/server/auth_cred_submit HTTP/1.1" 200 2806



    Thats all. Nothing more of a error code except OAM-2073.

    ReplyDelete

Other Posts