Dashboard > ESOE Users > Home > Integrating ESOE with Oracle Single Sign-On
  ESOE Users Log In   View a printable version of the current page.  
  Integrating ESOE with Oracle Single Sign-On
 Browse Space
Added by Shaun Mangelsdorf, last edited by Shaun Mangelsdorf on Nov 21, 2007  (view change)
Labels: 
(None)

IMPORTANT This document refers to an old version of the SPEP libraries, as the newer build has not been successfully tested with Oracle SSO.
The distribution files related to this document can be found at http://esoeproject.org/releases/0.4/java4/

Note

It is important that the SPEP war be deployed in the same container as Oracle SSO, as the SPEP filter relies on cross context communication to operate.

Download the SPEP archive

Download the spep.tar.gz and spepfilter.tar.gz files for your version of Java from the Downloads page, and extract to a temporary folder. This will create the files spep.config spep-endorsed.tar.gz spep-shared.tar.gz spep.war and the SPEP filter jar file for use during installation.

Preparing SPEP data directory

Make the following directories under $ORACLE_HOME

spep spep/lib spep/config spep/logging

Installing shared libraries

Extract the spep-shared.tar.gz archive from the distribution into $ORACLE_HOME/spep/lib

Installing endorsed libraries
Under $ORACLE_HOME/jdk/jre/lib ensure that a directory called endorsed exists. If not, create it. Then extract the spep-endorsed.tar.gz archive from the distribution into $ORACLE_HOME/jdk/jre/lib/endorsed

Performing SPEP configuration

Set up the SPEP according to the SPEP Registration section of Java SPEP Installation Guide. Copy your spep.config file to $ORACLE_HOME/spep/config/

Adding the shared library directory

In the Oracle Enterprise Manager admin control webpage, select the container for Oracle SSO (OC4J_SECURITY) and navigate to the Applications page.

Follow the link to the default application. Usually this is called "default". Down the bottom under Administration click the General link under the Properties header.

Add a new library path and point this at the SPEP library directory created in step 1. In a default installation this can be "../../../spep/lib"

Configuring Java VM arguments

Navigate to the Administration page for the OC4J_SECURITY container. Scroll down to the section labelled "Command Line Options" and add the following options (on the same line, seperated by spaces):

-Dspep.data=$ORACLE_HOME/spep
-Djavax.xml.validation.SchemaFactory:http://www.w3.org/2001/XMLSchema=org.apache.xerces.jaxp.validation.XMLSchemaFactory
-Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser
-Djavax.xml.transform.TransformerFactory=org.apache.xalan.processor.TransformerFactoryImpl

Note that you will need the absolute path to $ORACLE_HOME for the spep.data property, not the shell variable.

Deploying the SPEP webapp

Navigate back to the Applications page for the OC4J_SECURITY container. Click the "Deploy WAR file" link and proceed to deploy the spep.war file from the distribution.

Filtering the Oracle SSO URL

[oraas@oraashost ~]$ cd $ORACLE_HOME/j2ee/OC4J_SECURITY/applications/sso/web/WEB-INF
[oraas@oraashost WEB-INF]$ cp /path/to/spepfilter.jar ./lib/

Edit web.xml in this directory and add the following:

<filter>
        <filter-name>spep-filter</filter-name>
        <filter-class>com.qut.middleware.spep.filter.SPEPFilter</filter-class>

        <init-param>
                <param-name>spep-context</param-name>
                <param-value>/spep</param-value>
        </init-param>
</filter>
<filter-mapping>
        <filter-name>spep-filter</filter-name>
        <url-pattern>/auth</url-pattern>
</filter-mapping>

Change to the directory $ORACLE_HOME/j2ee/OC4J_SECURITY/applications/sso/web/META-INF.

Edit context.xml there to add the attribute crossContext="true" to the Context element. If the META-INF directory or the context.xml file do not exist, create them, and give the context.xml file the following content:

<?xml version="1.0" encoding="UTF-8"?>
<Context path="/sso" crossContext="true">
  <WatchedResource>WEB-INF/web.xml</WatchedResource>
  <WatchedResource>META-INF/context.xml</WatchedResource>
</Context>

Installing the Oracle SSO plugin

Download the Oracle SSO Integrator tarball from http://esoeproject.org/releases/current/java4/oraclessointegrator.tar.gz and extract it into $ORACLE_HOME/sso/plugin/

Edit the file $ORACLE_HOME/sso/plugin/com/qut/middleware/spep/integrators/oracle/spep.oraclesso.properties and ensure that the SPEP attributes name is set to the name that the SPEP filter gives to the attribute map in a session (by default this is "attributes"). Also, set the user identifier attribute value to the name of the attribute that you want to be passed to Oracle SSO.
Site running on a free Atlassian Confluence Open Source Project License granted to Enterprise Sign On Engine (ESOE). Evaluate Confluence today.
Powered by Atlassian Confluence, the Enterprise Wiki. (Version: 2.5.5 Build:#811 Jul 25, 2007) - Bug/feature request - Contact Administrators