Step 4: Configure Directory Services and Web Infrastructure

1. Update Oracle Internet Directory (OID)

To enable Single Sign-On (SSO) authentication, configure Oracle Internet Directory (OID) by importing users and groups.

1.1 Connect to Oracle Directory Services Manager (ODSM)

Open the ODSM console: http://test.public.myvcn.oraclevcn.com:7011/odsm
Log in with the Oracle Directory Administrator credentials: Username: cn=orcladmin

1.2 Import a Test User

Create a user using the following user.ldif data:

dn: cn=User01,cn=Users,dc=us,dc=oracle,dc=com
givenname: User01
sn: User01
mail: [email protected]
uid: User01
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: orclUser
objectclass: orclUserV2
cn: User01
orclisenabled: enabled

1.3 Import Test Groups

Import groups using the following groups.ldif data:

dn: cn=OIDBIConsumers,cn=Groups,dc=us,dc=oracle,dc=com
objectclass: groupOfUniqueNames
uniquemember: cn=orcladmin

dn: cn=OIDBIContentAuthors,cn=Groups,dc=us,dc=oracle,dc=com
objectclass: groupOfUniqueNames
uniquemember: cn=orcladmin

dn: cn=OIDBIServiceAdministrator,cn=Groups,dc=us,dc=oracle,dc=com
objectclass: groupOfUniqueNames
uniquemember: cn=orcladmin
uniquemember: cn=User01

Verify that the imported users and groups are correctly visible in OID.

2. Configure Oracle HTTP Server (OHS) with WebGate

Prepare WebGate to protect OBIEE resources and redirect authentication requests.

2.1 Update the mod_wl_ohs.conf File

Access the OHS server and go to: $OHS_HOME/user_projects/domains/ohs/config/fmwconfig/components/OHS/instances/ohs1

Open mod_wl_ohs.conf and replace its contents with the following:

LoadModule weblogic_module "${PRODUCT_HOME}/modules/mod_wl_ohs.so"

<IfModule weblogic_module>
  WLTempDir /tmp

  <Location /analytics>
    SetHandler weblogic-handler
    WebLogicCluster test:9502
  </Location>

  <Location /va>
    SetHandler weblogic-handler
    WebLogicCluster test:9502
  </Location>

  <Location /xmlpserver>
    SetHandler weblogic-handler
    WebLogicCluster test:9502
  </Location>

  WebLogicHost test
  WebLogicPort 9502
  DynamicServerList On
</IfModule>

2.2 Verify Resource Paths

Ensure that additional OBIEE paths (/analytics, /va, /xmlpserver) are properly defined.

3. Deploy WebGate Configuration Files

Install the WebGate configuration generated during OAM agent registration.

3.1 Copy Configuration Files

ObAccessClient.xml From: $OAM_HOME/idm/oam/server/rreg/output/TEST_BI_OAM/ObAccessClient.xml To: webgate/config/ObAccessClient.xml
cwallet.sso From: $OAM_HOME/idm/oam/server/rreg/output/TEST_BI_OAM/wallet/cwallet.sso To: webgate/config/wallet/cwallet.sso

3.2 Verify Permissions

Ensure that the OHS server process has read access to both files.

4. Restart the Oracle HTTP Server (OHS)

Apply the changes by restarting the OHS server.

4.1 Restart the Service

Run the following command:

$OHS_HOME/bin/opmnctl restartproc ias-component=ohs1

4.2 Verify WebGate Activation

After restart, accessing any protected OBIEE URL (e.g., /analytics) should redirect users to Oracle Access Manager (OAM) for authentication.

Notes:

In this guide, we are using the example address http://test.public.myvcn.oraclevcn.com. Replace it with your actual environment URL if different.
Backup the original mod_wl_ohs.conf before making changes.
Verify that server ports (e.g., 9502) correspond to your environment settings.

PreviousStep 3: Register Oracle Access Manager (OAM) in Hideez Enterprise Server (HES)NextStep 5: Configure Oracle Business Intelligence Enterprise Edition (OBIEE) for Single Sign-On (SSO)

Last updated 2 months ago

Was this helpful?