Step 2: Configure the Service Provider — Oracle Access Manager (OAM)
Configure the Service Provider — Oracle Access Manager (OAM)
Oracle Access Manager (OAM) will be configured through its web-based management console, referred to as the OAM Console.
You can access it via the following URL (example):
http://test.public.myvcn.oraclevcn.com:7001/oamconsole
To log in, use the WebLogic administrator account (default username: weblogic) and the password provided during installation.
1. Enable Federation Services
In the OAM Console, go to Configuration > Available Services
Click the "Enable Service" button next to Identity Federation
Make sure the service status changes to "Enabled"
2. Configure HTTPS settings
Navigate to Configuration > Settings > Access Manager
Update the required HTTPS parameters according to your environment (refer to the relevant configuration screenshot, if available)
3. Configure Federation Settings and Export Metadata
Go to Configuration > Settings > Federation
Update the federation parameters as shown in the screenshot
Click "Export SAML 2.0 Metadata…" and save the file
4. Create Oracle Internet Directory (OID) Identity Store
Navigate to Configuration > User Identity Stores
This store will be used to authenticate and authorize users in Oracle Business Intelligence Enterprise Edition (OBIEE).
Click "Create" and provide the necessary connection details for Oracle Internet Directory (OID)
5. Create SAML 2.0 Service Provider
Go to Federation > Service Provider Management
Click "Create" and fill in the required fields
Click "Browse" and select the IdP metadata file downloaded from HES
Click "Authentication Scheme and Module" to finalize the configuration
6. Create OAM Agent and Application Domain for OBIEE
Open an SSH session to the OAM host
Navigate to the following directory:
$OAM_HOME/idm/oam/server/rreg/inputCreate a file named
bi_sso.xmlwith the required configuration (provided in the next section)
<OAM11GRegRequest>
<serverAddress>http://test.public.myvcn.oraclevcn.com:7001</serverAddress>
<hostIdentifier>TEST_BI_HostId</hostIdentifier>
<agentName>TEST_BI_OAM</agentName>
<agentBaseUrl>http://test.public.myvcn.oraclevcn.com:7777</agentBaseUrl>
<applicationDomain>TEST_BI_OAM</applicationDomain>
<security>open</security>
<logOutUrls>
<url>/analytics/saw.dll?Logoff</url>
</logOutUrls>
<protectedResourcesList>
<resource>/aps/SmartView/**</resource>
<resource>/aps/SmartView/*</resource>
<resource>/cds/**</resource>
<resource>/cds/*</resource>
<resource>/va/**</resource>
<resource>/va*</resource>
<resource>/dv/**</resource>
<resource>/dv*</resource>
<resource>/mobile/.../*</resource>
<resource>/mobile/**</resource>
<resource>/mobile*</resource>
<resource>/bisearch/**</resource>
<resource>/bisearch*</resource>
<resource>/bicomposer/**</resource>
<resource>/bicomposer*</resource>
<resource>/mapviewer/mcsadmin/**</resource>
<resource>/mapviewer/mcsadmin*</resource>
<resource>/mapviewer/mapadmin/**</resource>
<resource>/mapviewer/mapadmin*</resource>
<resource>/mapviewer/console/**</resource>
<resource>/mapviewer/console*</resource>
<resource>/mapviewer/**</resource>
<resource>/mapviewer*</resource>
<resource>/xmlpserver/**</resource>
<resource>/xmlpserver*</resource>
<resource>/bicontent/**</resource>
<resource>/bicontent*</resource>
<resource>/analytics/jbips/**</resource>
<resource>/analytics/jbips*</resource>
<resource>/analytics/saw.dll/**</resource>
<resource>/analytics/saw.dll*</resource>
</protectedResourcesList>
<publicResourcesList>
<resource>/essbase-webservices/**</resource>
<resource>/essbase-webservices/*</resource>
<resource>/essbase/agent/**</resource>
<resource>/essbase/agent/*</resource>
<resource>/aps/Essbase/**</resource>
<resource>/aps/Essbase/*</resource>
<resource>/mapviewer/wmts/**</resource>
<resource>/mapviewer/wmts/*</resource>
<resource>/mapviewer/wms/**</resource>
<resource>/mapviewer/wms/*</resource>
<resource>/mapviewer/mcserver/**</resource>
<resource>/mapviewer/mcserver/*</resource>
<resource>/mapviewer/foi/**</resource>
<resource>/mapviewer/foi/*</resource>
<resource>/mapviewer/dataserver/**</resource>
<resource>/mapviewer/dataserver/*</resource>
<resource>/aps/JAPI/**</resource>
<resource>/aps/JAPI/*</resource>
<resource>/aps/**</resource>
<resource>/aps/*</resource>
<resource>/analytics-ws/saw.dll/**</resource>
<resource>/analytics-ws/saw.dll/*</resource>
<resource>/analytics/**</resource>
<resource>/analytics/*</resource>
</publicResourcesList>
<excludedResourcesList>
<resource>/biservices</resource>
<resource>/analytics-bi-adf</resource>
<resource>/xmlpserver/Guest</resource>
<resource>/xmlpserver/ReportTemplateService.xls</resource>
<resource>/xmlpserver/report_service</resource>
<resource>/xmlpserver/services</resource>
<resource>/analytics/saw.dll/wsdl</resource>
<resource>/analytics-ws</resource>
<resource>/ws/.../*</resource>
<resource>/wsm-pm</resource>
<resource>/wsm-pm/.../*</resource>
</excludedResourcesList>
<protectedAuthnScheme>HidFederationScheme</protectedAuthnScheme>
<userDefinedParameters>
<userDefinedParam>
<name>SSLVerfifyHostname</name>
<value>false</value>
</userDefinedParam>
<userDefinedParam>
<name>SSLVerifyPeerCert</name>
<value>false</value>
</userDefinedParam>
</userDefinedParameters>
</OAM11GRegRequest>
7. Register Oracle Access Manager (OAM) in Hideez Enterprise Server (HES)
After you export the SAML 2.0 metadata from Oracle Access Manager (OAM), you need to create a corresponding Service Provider (SP) entry in the Hideez Enterprise Server (HES) to establish a trust relationship.
Follow these steps:
Log in to the Hideez Enterprise Server (HES) as an administrator.
Navigate to Settings > Parameters in the left panel.
Click on the SAML widget in the right panel.
Click the "Add Service Provider" button.
Upload the SAML 2.0 metadata file that was previously exported from OAM.
Provide any additional required configuration details if prompted.
Save the new Service Provider configuration.
Last updated
Was this helpful?