README.html revision b93185b577f7150fec37f9999b95b246d73bf63c
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk<h1><small><span style="font-weight: bold;">OpenAM
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkIntegration with Oracle OpenAM</span></small><br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster===============================================================================<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkThis README explains the OpenAM SSO
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterIntegration with Oracle Access Manager (OAM) previously known as Oblix.
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkbe read in the context of OpenAM Integration Document
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterwhere the use cases, possible integrations and configurations are
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterdescribed in detail.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterThis README explains the custom codes for e.g. Authentication
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterModules, compilation instructions and the configuration of the
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkauth modules for OpenAM context. The OpenAM custom
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterauthentication enables the SSO integration between legacy OAM and
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkOpenAM especially when the
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterdeployment contains OAM for protecting existing applications.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster1. Pre-requisites :<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster==========<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster1. opensso.zip - This zip file contains all
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterthe integration souce code, configuration files and ofcourse this
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster2. Oracle Access Manager 10g (10.1.4.0.1) - The Oracle
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterAccess Manager must be installed and configured. For more details,
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostercheck the<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster Oracle Access Manager Documenation. You can download
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterWeb site for evaluation.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster3. Oracle Access Manager SDK
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster10g(10.1.4.0.1) - The Oracle Access Manager SDK
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostermust be installed and configured. The SDK is required to compile and
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk build OpenAM Authentication
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterModules for Oracle Access Manager. <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster4. Oracle Web Gate installed and configured.<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk5. OpenAM C-SDK 2.2<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster2. Brief Description of Contents:<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster======================<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterThe opensso/integrations directory contains source and configurations
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterto compile and build the custom authentication modules and other
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterplugins.
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkCheck the OpenAM integration document for your use case and
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterconfigure accordingly. This document provides instructions on how to
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterconfigure authentication modules<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterThe opensso.zip contains "opensso/integrations/oracle" directory
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterwhere the source code and configurations are in place..<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterbuild.xml - This file is a build script for building <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterconfig - This directory contains auth module configuration files.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterOblixAuthService.xml - This is OAM auth
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkmodule configuration file that must be imported into OpenAM<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterOblixAuthModule.xml - This file is used for auth
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostercall backs for theOAM Auth module it is empty. However, the
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterfile must be used.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterOblixAuth.properties - This file is a
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterproperties file that stores i18n keys for OAM authentication
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostermodule configuration lables.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterlib - This directory is by default empty . However, this lib directory
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostermust contain all the necessary libraries to compile the source
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterlibraries. They are:<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster jobaccess.jar (Oracle
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkOpenAM SDK jar file)<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster openfedlib.jar,
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkamserver.jar, opensso-sharedlib.jar (OpenAM jar files)<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster servlet .jar file (If
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostersource - This directory contains all the source files<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostercom/sun/identity/authentication/oblix/OAMAuthModule.java <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostercom/sun/identity/authentication/oblix/OAMPrincipal.java<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster The above java source
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterfiles are the custom authentication module classes that would be
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkplugged into OpenAM for generating OpenAM Session by<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster using OAM session.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostercom/sun/identity/saml2/plugins/OAMAdapter.java - This class is a
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterSAML2 Plugin Adapter for SAML service providers to do the remote
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterauthentication to<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk Oracle OpenAM using OpenAM
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkEssentially these java files are used for usecase2 in OpenAM
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterdocument.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosteroamauth- This directory contains source files for OAM Auth
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkScheme for OpenAM. This is a C-based auth module and
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkleverages OpenAM C-SDK for validation.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster oam/solaris/authn_api.c- This file
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkimplements OAM custom authentication for OpenAM.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster oam/solaris/include/*.h - All the
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterheader files that are required to compile auth scheme.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster oam/solaris/AMAgent.properties -
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkSample OpenAM Agent Configuration file. This is required for the auth
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkscheme to validate OpenAM session.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster3: How to build:<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster===========<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk1. Make sure all the Oracle Access Manager libraries and OpenAM
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterpresent in lib directory as mentioned above.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster2. Use "ant" script to build the source files. A compatible
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterant must be installed and configured in the PATH.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster3. cd $openssozipdir/integrations/oracle and type ant. This
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostershould build all the source files and generates fam_oam_integration.jar
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster$openssozipdir/integrations/oracle/dist directory. <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterFor building OAM authentication scheme, you must customize the
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostermakefile. Also since this is C-based auth module, it is OS dependent.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster1. The auth scheme files are located under
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster$openssozipdir/integrations/oracle/oamauth/solaris<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk2. Download and configure OpenAM C-SDK 2.2 version. The authn_api.c
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostercontains a reference to AMAgent.propeties file , so modify accordingly.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster3. Customize makefile for your environment for e.g. gcc compile
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenklocation. Also edit the LDFLAGS to point to your OpenAM C-SDK lib
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterdirectory.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster4. make command should result in authn_api.so file.<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk4. OpenAM Installation and Configuration with OAM AuthModule:<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster==============================================<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster1. Create a temporary directory for e.g. /export/tmp and unwar
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterthe opensso.war using jar -xvf opensso.war. <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster From now on, /export/tmp is called as a war staging
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterarea and is represented with a marco $WAR_DIR <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster$openssozipdir/integrations/oracle/dist/fam_oam_integration.jar to
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster3. Copy $openssozipdir/integrations/oracle/config/OblixAuth.properties
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster4. Copy $openssozipdir/integrations/oracle/config/OAMAuthModule.xml
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterto $WAR_DIR/config/auth/default and also to the directory<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster5. Re-war opensso.war using jar cvf opensso.war from $WAR_DIR<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk6. Deploy opensso.war onto OpenAM web container. The deployment is
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterexplanatory. Please check the web container documentation for war<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterdeployment.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster7. Access the deployed opensso directory <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster8. Accessing deployed application redirects to opensso configurator.
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkChoose custom configuration. By default OpenAM uses embedded directory<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterserver for configuration, however, you could choose to use existing or
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostera new directory server instance for configuration. <br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkNote: The OpenAM can be configured to use various
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosteruser repository for validating the user existance, however, you could
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosteralso choose to ignore profile. <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster9. After successful configuration, the configuration redirects to a
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosteruser login and verify your administrator credentials. <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster5. OAM Auth module configuration:<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster========================<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterNow we have to load the OAM authentication module service
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterinto Open SSO and configure for the SSO integration. The auth
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostermodule service<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkis loaded from a OpenAM command line utility called as "ssoadm". For
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterthe ssoadm utitily is exposed in both console mode and browser based<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkinterfaces. Here we will use use browser based ssoadm for OpenAM
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterconfiguration changes.<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk1. Login into OpenAM using amadmin<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster2. Now access the following URL<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterhttp://<host>:<port>/opensso/ssoadm.jsp<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster3. Choose create-service option. <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster4. Copy and paste the xml file from
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster$openssozipdir/integrations/oracle/config/OblixAuthService.xml and
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkThis will load the auth module service into OpenAM configuration.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster5. Register the auth module into the authentication core framework. <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterhttp://<host>:<port>/opensso/ssoadm.jsp<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterChoose register-auth-module option.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterEnter "com.sun.identity.authentication.oblix.OAMAuthModule" as the
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterauth module class name.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster6. Now verify that the auth module is registered to the default realm.
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterhttp://<host>:<port>/opensso, click on default realm, and
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster"authentication" tab, create new AuthModule as "OblixAuth" and choose
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterOblixAuthModule<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster7. Click on OblixAuth auth module<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster8. Most of the Oblix Auth params are self explanatory. This requires
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterOAM SDK directory and make sure that ObAccessClient.xml
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster(located under $OAMSDK/<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster oblix/lib) is configured properly. For details on Oracle
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkOpenAM SDK, check the Oracle Documentation<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster6. OAM Auth Module Testing:<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster====================<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterThe testing of OAM auth module assumes that Oracle Access Manager SDK
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterinstalled and configured. <br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster1. Set the LD_LIBRARY_PATH for loading Oblix SDK libraries.They
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterare located under $OAM_SDK_INSTALL/oblix/lib<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk2. Restart the OpenAM web container with LD_LIBRARY_PATH set and make
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostersure that container is loaded with these Oblix SDK shared libs.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster3. Now access the Oblix protected application and login with
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterOblix configured user to establish ObSessionCookie. The configuration<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterof oblix policy and authentication schemes are outside scope of
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterthis documentation and please check Oracle Access Manager documentation
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterfor more <br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkinformation. Also, check the OpenAM integration guide for sample
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterconfiguration.<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk4. By default OpenAM authentication framework looks for user profile
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterexistance in it's known data repositories. However, you could use
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterignoreProfile<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosteroption if your integration does not require a user to be searched from
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkOblix's user repository. Check the OpenAM documentation for more info<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterabout ignoreProfile/dynamic profile creation option.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterAdmin Console -> Configuration -> Global -> Authentication
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster-> Core -> User Profile required : Change it to dynamic or
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterignored option<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkif the repository of Oracle Access Manager is not same as OpenAM.<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk5. After successful authentication at Oracle OpenAM, access the
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterauth module url as follows:<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterhttp://<host>:<port>/opensso/UI/Login?module=OblixAuth<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkThis should provide a valid OpenAM session.<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkNote: Assumption here is that OAM and OpenAM are in the same
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterphysical domain. <br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkBy default OpenAM authentication framework looks for user profile
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterexistance in it's known data repositories. However, you could use
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterignoreProfile<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosteroption if your integration does not require a user to be searched from
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkOracle Access Manager's user repository. Check the OpenAM documentation<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterfor more info about ignoreProfile option.<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenk7. Installation of OAM AuthScheme into Oracle OpenAM:<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster=========================================<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterThis section is for a use case where the OAM session needs to be
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkgenerated upon validating OpenAM session. Check the integration
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterdocument for<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosteruse case descriptions. The OAM Auth Schemes are exposed as C Auth
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkmodules and this auth scheme uses OpenAM C-SDK 2.2 version to validate<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkOpenAM Session.<br>
b93185b577f7150fec37f9999b95b246d73bf63cjeff.schenkThe OpenAM Auth Scheme in OAM uses a configuration OpenAM client side
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterconfiguration in AMAgent.properties and this must need to be customized<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterbefore configuring the auth module. The build instructions specify the
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterlocation of this file.<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan FosterThe compiled authn_api.so and other C-SDK libraries must need to be
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fostercopied to $OAM_INSTALL_DIR/access/oblix/lib before configuring the<br>
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Foster Auth Scheme. The integration guide shows a sample screen shot how
4fe4e4f798a84a46e567f64ceadd3648eb0582d4Allan Fosterto configure the Oracle Auth Scheme.<br>