Thursday, July 24, 2014

No agent key entry found due to JPS config error or wallet file does not exist or contains no agent key: OAM 11g Access SDK Error Solution

This is the error that usually occurs when you are trying to run OAM Access SDK in 11g Compatibility Mode, during Access client initialization.

ac = AccessClient.createDefaultInstance(m_configLocation, AccessClient.CompatibilityMode.OAM_11G);


Following is the error that we see :



oracle.security.am.asdk.AccessException: OAMAGENT-02081: No agent key entry found due to JPS config error or wallet file does not exist or contains no agent key.
        at oracle.security.am.asdk.impl.Configuration.readAgentKey(Configuration.java:249)
        at oracle.security.am.asdk.AccessClient.initialize(AccessClient.java:1365)
        at oracle.security.am.asdk.AccessClient.(AccessClient.java:928)

Solution: 

Reason 1:

Verify location in jps-config.xml

Usually default location may not work in all application servers. Use below tag if you are facing problem.

   <serviceInstances> 
      <serviceInstance provider="credstoressp" name="credstore"> 
         <property value="C:/Oracle/AccessSDK/config/bootstrap/cwallet.sso" name="location"/> 
      </serviceInstance> 
   </serviceInstances> 

Reason 2: 

Path for cwallet.sso file in jps-config.xml file should be correct.

  <serviceInstance provider="credstoressp" name="credstore"> 
         <property value="C:/Oracle/AccessSDK/config/bootstrap/cwallet.sso" name="location"/> 
      </serviceInstance> 
      
Reason 3: 

Create a agent name with "webgate11g" and try using exactly same cwallet.sso file





Thanks !!!

Thursday, July 17, 2014

Unsolicited Login OAM

Unsolicited Login OAM


Unsolicited Login is used when we want to authenticate user without any request_id or resource.
  • We need only username, password and successURL for unsolicited login.
  • If we are doing unsolicited login OAM will use default domain IAMSuite.
  • We post username, password and successURL action to http://OAMHost:Port/oam/server/authentication.
  • Once user successfully logged in, it will redirect user to successURL.
  • Only Post will supported, GET and DELETE won’t be supported.
Implementation:
Navigate to oam-config.xml located in C:\Oracle\Middleware\user_projects\domains\base_domain\config\fmwconfig and edit following property.
DirectAuthenticationServiceDescriptor  to true
Restart both Admin and managed servers.
Example Unsolicited Login Form:


<form id="loginForm" name="loginForm" action="http://CHINNI-PC:14100/oam/server/authentication" method="post" hidden="true" >
<input id="username" type="text" name="username" />
<input id="password" type="password" name="password" />
<input id="successurl" type="text" name="successurl" value="http://chinni-pc:7777/"/>
<input type="submit" value="submit" />
</form>


Once user logs in, user will be redirected to successurl.

Thursday, July 3, 2014

JDK Installation in Linux

JDK Installation in Linux
Download JDK rpm from below link:
Steps:
  1. Copy jdk-6u43-linux-rpm.bin to softwares folder under opt
  2. Provide required permissions on that file chmod 775 jdk-6u43-linux-rpm.bin using root
  3. Run ./jdk-6u43-linux-rpm.bin




  1. Press Enter
  1. By default java will be installed under /usr/java
  2. To check java version use java –version
  3. To change java version to present version do following steps
    1. Provide required permission on /opt/oracle folder
    2. Copy java to required folder using cp -R /usr/java /opt/oracle/
    1. Run following steps
      1. echo 'export JAVA_HOME=/opt/oracle/java/jdk1.6.0_43' > /etc/profile.d/jdk.sh
      2. echo 'export PATH=$JAVA_HOME/bin:$PATH' >> /etc/profile.d/jdk.sh
      3. source /etc/profile.d/jdk.sh
      4. java –version




Apache Web Server File based User Authentication


In this post we are going to cover file based authentication in Apache WebServer. In this user id and password can be stored in files and Webserver is going authenticate user for particular directory.

mod_auth_basic and mod_authn_file modules need to be loaded in httpd.conf file to make this work.

1) Add location tag (in httpd.conf) which you want to protect with following parameters.


< location /protected >
AuthType basic
AuthName "private area"
AuthBasicProvider file
AuthUserFile /var/authlist
Require valid-user< /location >


2) Create file specified above using following command.

cd /var

htpasswd -c authlist username1

Enter password and confirmation password for username1 which will be stored in authlist file in encrypted format.

3) To add new user use the command.

htpasswd authlist chinni





How to Remove users from Authentication? 

To remove user from the open authlist file and remove the userid and password.




Thanks !!! 

Other Posts