Resources of 11 g 2 exclusive OAM

Similar Questions

• Ondaaah with OAM

  Hello experts

  need for an overview on the work of the Ondaaah with OAM. We have a scenario where the domain controllers are located at geographically different locations in different data centers. Suppose that the OAM is installed in DC 1. Now, when a user in DC 2, she is authenticated by DC in DC 2. When the user tries to access a web resource, the request is routed to OAM in DC 1.

  At this stage, OAM is able to authenticate the user through DC 1 DC? as I am confused which will be so KDC runs in DC 2, DC 1 being able to authenticate domain controller?

  I really appreciate your response.

  Yes, your example would work. Ondaaah installation allows you to specify several KDC in the krb5.conf so file.

• OAM 10 g webgate does not protect my applications

  Hi all

  I'm doing the Setpup OAM. I installed OAM, OHS and webgate successfully. When I try to access the protected resource webgate is not intercept the OAM authentication request. I did the following steps:

  Environment:

  OAM 11.1.1.5.0

  OSH 11.1.1.7.0

  WebGate 10.1.4.3

  The steps I did:

  1 seat 10 g webgate in OAM console.

  2 installed webgate (its an automatic update of Web server).

  3 ObAccessClient.xml file manually copied into the C:\OracleAccessManager\WebComponent\access\oblix\config directory.
  

  Access Tester results are good.

  I'm getting 404 when I try to access the protected resource, if I enable the Deny on unprotected by webgate record and I don't get a 404, if I'm not enable that. But I'm getting the page protected directly without any login page.

  What I'm missing here. Please advice me on this.

  Kind regards

  Deena.

  Please check changes in host name that must include all the variations of the web server, IPs also included.

  Let us know if this helped?

• Integration of OAM (11.1.2.0.0) with the OIF (11.1.1.2.0) and the Protection of resources

  Hi Oracle community!  It's my first post here on the forums, so please bear with me.

  I have a question about the integration between the IOF, acting as an IdP and OAM as the authentication engine.  I'll start with our Setup and the way we protect resources and then finally to deliver my ultimate question.

  First things first:

  We use the OIF 11.1.1.2.0 and OAM 11.1.2.0.0 (looking at upgrading OAM/OIF soon to 11.1.2 patch set 2, so we get full OIF blown in OAM packet and not only the part of MS).

  I essentially was self-taught in the integration of the products and did the best that I can.  We have that in the production running the full blown federations now, so that we know that we are doing something good.  I won't say that we have done is the perfect solution, but it is the way in which we understand how products interact and worked at the time.

  We have OIF, acting as an IdP (without SP yet), configured to use our OAM authentication search engine.  According to the documentation, we read through, when this configuration occurs, when the IOF receives a request to start the process of Federation (/ fed/PDI/initiatesso? providerid = XXXXXX), she sees the user is not authenticated and will forward to the authentication engine.  In our case, this means that we forwards the request to an internal flow in the OIF (/ fed/user/authnoam11g) which crosses the webgate, then check with OAM, if it is a resource that is protected or not.  In OAM, we defined a resource to protect/fed/user/authnoam11g so she who collects and authenticates the user via the policy regime, etc.  Once that ends, she goes back to the OIF to finish the assertion.

  Keep in mind, I'm aware of a lot more of what's going on in the process, but it's the main room that will be the basis of my question.

  So than stated above, we have a single policy protected for all federations from the OIF since "out of the box" OIF doesn't have several URL structures that it will send to OAM based on service provider being accessible.  For me, this is a small problem because I want to perform specific authorization controls in OAM based on the providerid who had been requested to the OIF.  OIF, as far as I know, completely removes the URL of origin that was requested and query parameters (for example providerid) which means that I have little or no information of the initial request to any robust condition checks in the policies of the OAM.

  My question to the community would be:

  Is it possible for the headers of the OIF or query string parameters to be going to OAM via header variables/session variables/etc. and then accessible through licensing of OAM requirements to do solid state audits in order to allow/deny access based on rules?

  A small example:

  I am a customer who asks the following Federation on OIF:

  1. https://oifhost/fed/IDP/initiatesso?ProviderID=partnerAlias GOLD https://oifhost/FED/IDP/samlv20 <-the samlv20 would include a request for authentication with the good provider
  2. IOF receives the request and begins creating processes and the SAML assertion.  It is determined that the user is not authenticated, so OIF will forward to the authentication engine.
  3. OIF transmits to the https://oifhost/fed/user/authnoam11g
  4. OAM protects the url "/ fed/user/authnoam11g" to make the authentication/authorization.
  5. The point of authorization, I want to build conditions that are basically looking for the "providerid" in initial demand to run specific rules to allow/deny cons.  Currently, it is not possible that I know, and that's what I want to know.
  6. Once the authentication/authorization, OAM refers the request to the OIF where he finished the SAML flow and sends the statement to MS.

  In step 5, I would need a mechanism to find the providerid (value of the header, cookie, session, etc.)

  I posted this same question on another blog of Oracle and received a reply that I want to do with the current configuration is not supported.  In order for me to get the desired result, I need to upgrade to patch set 2 of OAM with the fully integrated OIF.

  See response to blog here:

  https://blogs.Oracle.com/dcarru/entry/authorization_in_oif_idp#comments

• No default resource in OAM 11.1.1.5.0 type

  Hi all
  
  I installed OAM 11.1.1.5.0 in my environment. In this console OAM, I only get the default resorce types(HTTP,Wl_athun...) to add resources in
  application domain.
  How to solve this problem. What is the cause of this problem?
  Please suggest me on this as soon as possible. Its very urgent.
  
  Kind regards
  Deena.

  It seems that OAM is not installed correctly. Visit this link I don't find the default resource Type in my console OAM.

• I don't find the default resource Type in my console OAM.

  I'm new in OAM, I configured an OAM - OID environment for development. I want to integrate the Webgate 10 g in OAM 11 g, based on Raj here guide: [The Guide | http://www.freeoraclehelp.com/2011/12/oam-weggate-10g10143-integration-with.html], [The Image | http://1.bp.blogspot.com/-XmVpr0GsavA/Tt53goEbr9I/AAAAAAAACJE/qMN6oMrH9r8/s1600/OAM+Configuration+011.gif], he can see the Types of default resource (HTTP / TokenServiceRP / wl_authen) in the console of the OAM-> Policy Configuration-> shared-> components resource Type , but I can't see all Types of default resources in my OAM console!
  
  Here are the package versions:
  Operating system: Oracle enterprise linux 5.4
  WebLogic 10.3.5
  iam_linux_11.1.1.5.0
  soa_linux_11.1.1.5.0
  
  Can someone help me?

  This may be due to an incomplete installation of OAM. I would say to install and configure OAM even once.

• OAM protect a resource simple .asp

  Hi all
  
  Having a problem with the OAM. Trying to protect a test page /test/test.asp and I'm getting a weird thing. I've set up to allow access to a group, and I have a user in this group with which I am testing. When I use the OAM strategy Tester, it tests always good... ie. If I delete the user, its policy is set to no access when I put him in the group, it is set to Yes.
  
  However, in time real test by accessing the URL, I still get access denied, user in or out of the group.
  
  Why would a discrepancy between the policy and real life Tester test on the url?

  Hello

  There could be two reasons for such a difference-

  (1) the webgate configuration includes a preferred host setting - in most cases, he uses this fact to replace the host Party: port while checking if a URL is protected. This can be mapped to a different host ID and a completely different strategy could be fired when you do the test of real life. Check using any HTTP or the newspaper of webgate tracing tool what URL OAM trying to assess access on?
  (2) the group query cache which built the OAM access server is updated every 10 minutes. This is not configurable. So if you add a user to a group and expect approval on this basis, it would be wise to wait for it for a long time, or if possible, restart the access server before testing.

  -Vinod

• Process of multithreading is it possible that several attempts to use an exclusive resource simultaneously.

  
  
  

• Is work available for the 25 target Exclusive Adele?

  I recently bought the 25 Adele target Exclusive and it imported into my itunes. He had not any illustration of album album work if you click on get and he says that the requested resource was not found. I can't even work of 25 regular.

  If it is not available via iTunes, you can manually add it to the album in your iTunes library yourself: find and save an image of the work, select/highlight the songs in your iTunes library and do "get info" (command I) and on the tab of the work on the popup stick image

• What is going on? Resource not found on the development computer. Error loading VI in lvlib. Load error code 3: could not open the front panel.

  Hello!

  I'm new to libraries of LV and I am compiling my application for the first time with several new lvlib.

  The executable is apparently built without problem, but when I try to run it on the same computer, I get various error messages (4) on the different elements but a single library:

  «LavVIEW: resource not found.»

  "An error occurred loading VI ' LibraryA.lvlib: ItemA.vi '.

  LabVIEW support 3 error code: could not load façade. »

  After that I got the same message for points B, C and D, a final message pops up like this:

  "Missing Subvi LibraryA.lvilib:ItemA.vi in LibraryA.lvilib:CallerX.vi.

  Missing, Subvi LibraryA.lvilib:ItemB.vi in LibraryA.lvilib:CallerX.vi.

  Missing, Subvi LibraryA.lvilib:ItemC.vi in LibraryA.lvilib:CallerX.vi.

  Missing Subvi LibraryA.lvilib:ItemD.vi in LibraryA.lvilib:CallerX.vi. »

  I am not getting any errors for all libraries, so I wonder what is happening.

  So far I have tried:

  -Mass compilation, a few times

  -Check / uncheck 'delete unused library of the project members' and change project after library file removed unused members in the additional Exclusions Page «»

  -Add the screw mentioned in "Still included" in "Source Files".

  When I added the "Always included" screw, I rather got the following (4 times, end to end):

  "The Vi is not executable. The version of LabVIEW full development is necessary to correct the errors. [...]"

  Any other ideas?

  Thank you!

  I have it!

  My problem wasn't a bug compilation of the library at all, but a Scilab Script one.

  The solution can be found here: http://digital.ni.com/public.nsf/allkb/D21F6AC8CFC39E318625756600553B1E

  Thanks for your help, it made me identify!

  Good day!

• OAM questions EBS

  Hello

  I use EBS 12.1.3, I need to use OAM (Oracle Access Manager), the scenario to connect our EBS with Microsoft Active Directory OAM jet, I have a question:

  1. If I do this it means that all users need Microsoft Active Directory ? what happens if I create user does not exist in Microsoft Active Directory?  (how it works in this case of sysadmin).
  2. I can connect as EBS username and password and domain user name and password?
     
  3. All think about any business module if we opt for this solution as iSupplier? where we create the user name of the provider?
     
  4. If I have oracle MAF solution connect with EBS, this open solution work list notification URL, in this case no need for username and password?
  5. All account for electronic signature in this case?

  Thank you

  Hi HaniYS,

  My thoughts/personal suggestions are below.

  I also suggest you look at the blog of Steven Chan as starting point (it is a great resource with lots of pointers to different areas) - https://blogs.oracle.com/stevenChan/entry/oracle_access_manager_11gr2ps2_certified

  1. If I do this mean that all users need Microsoft Active Directory? What happens if I create user does not exist in Microsoft Active Directory?  (sysadmin how it works in this case).

  -Please note that you can have different profiles of configuration according to your needs. For Sysadmin, there is a local user and administrator authentication is processed locally within the EBS. You are going to control this optional profile Applications SSO Login Types and will be the connection by using the url AppsLocalLogin.jsp

  2. I can connect as EBS username and password and domain user name and password?

  -My personal opinion is that this is not a suggested means to keep these two avenues open. How more you open, there are several security issues that you need to worry. However, you can define the profile of the SSO Applications Login Types to the user level to achieve this. But you must use different URLS. AppsLocalLogin.jsp will be for local authentication. The Gateway URL will be your domain user access.

  3. all think about any business module if we opt for this solution as iSupplier? where we create the user name of the provider?

  -You can implement isupplier and have an external webnode and should be able to configure to manage authentication locally.

  4. If I have oracle MAF solution connect with EBS, this open solution work list notification URL, in this case no need for username and password?

  -I suggest you examine Oracle E-Business Suite Mobile Apps frequently asked Questions (FAQ) (Doc ID 2064887.1)

  Thank you

  Chandra

• MS Facebook OAuth OAM

  Hello guys,.

  
  

  I try to incorporate MS OAM on Facebook here. Here are the configurations made by me:
  

  1. created an application in FB to generate a consumer key and Consumer Secret @ https://developers.facebook.com/apps

  2 basic information of the specified application "application areas" such as example.com

  3 added a website with site as platform http://oam.example.com:14100

  4 copied 'App ID' and «App Secret»

  5. the side OAM, update the profile of the identity provider Internet for FB by specifying 'Consumer Key' and 'Consumer Secret' with 'App ID' and 'App Secret' retrieved from #4

  6.

  (a) using OAMApplication as application profile

  (b) OAMServiceProviderInterface used as a 'Service Provider Interface.

  (c) Facebook selected as 'Application user attribute Vs Internet Identity Provider user attributes mapping'

  (d) in the properties of Application Profile adds the property 'colocated.oam' with value 'true' and 'oic.app.idp.oauth.token' as 'true '.

  7. protect an app with webgate OOTB OICScheme.

  8 activate "Mobile and social services" form Configuration-> Service system

  9 configure WebLogic Server for compatibility Facebook identity provider

  (a) open the WebLogic Console.

  http://host/console

  (b) select domain > environment > servers > managed server.

  (c) click on the SSL tab, and then click Advanced.

  (d) Click Lock and change the configuration.

  (e) change the hostname on any auditor.

  (f) restart the managed server.

  Question:

  1. access to the resource protected by OICScheme

  2. click on Facebook

  An error page is thrown on the popup with below exception on the managed server:

  
  

  Caused by: oracle.security.idaas.rp.RPException: java.lang.ClassNotFoundException: oracle.security.idaas.rp.oauth.provider.FacebookImpl

  at oracle.security.idaas.rp.provider.IdentityProviderFactory.getInstance(IdentityProviderFactory.java:76)

  at oracle.security.idaas.rp.provider.RPProtocolHandlerImpl.invokeAuthnRequest(RPProtocolHandlerImpl.java:81)

  at oracle.security.idaas.rp.RPInitServlet.processRequest(RPInitServlet.java:224)

  at oracle.security.idaas.rp.RPInitServlet.doGet(RPInitServlet.java:251)

  at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)

  at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)

  to weblogic.servlet.internal.StubSecurityHelper$ ServletServiceAction.run (StubSecurityHelper.java:227)

  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)

  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)

  at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)

  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)

  to oracle.security.jps.ee.http.JpsAbsFilter$ 1.run(JpsAbsFilter.java:119)

  at java.security.AccessController.doPrivileged (Native Method)

  at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324)

  at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:460)

  at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)

  at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)

  at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)

  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)

  at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.doFilter(OAMServletAuthenticationFilter.java:265)

  at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilter(OAMValidationSystemFilter.java:133)

  at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentWrapperFilter.java:120)

  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)

  at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:163)

  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)

  to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.wrapRun (WebAppServletContext.java:3730)

  to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.run (WebAppServletContext.java:3696)

  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)

  at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)

  at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)

  at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)

  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)

  at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)

  Caused by: java.lang.ClassNotFoundException: oracle.security.idaas.rp.oauth.provider.FacebookImpl

  in java.net.URLClassLoader$ 1.run(URLClassLoader.java:366)

  in java.net.URLClassLoader$ 1.run(URLClassLoader.java:355)

  at java.security.AccessController.doPrivileged (Native Method)

  at java.net.URLClassLoader.findClass(URLClassLoader.java:354)

  at java.lang.ClassLoader.loadClass(ClassLoader.java:423)

  at java.lang.ClassLoader.loadClass(ClassLoader.java:356)

  at oracle.security.idaas.common.util.OICClassManager.loadClass(OICClassManager.java:193)

  at oracle.security.idaas.common.util.OICClassManager.reloadClass(OICClassManager.java:183)

  at oracle.security.idaas.rp.provider.IdentityProviderFactory.getProvider(IdentityProviderFactory.java:122)

  at oracle.security.idaas.rp.provider.IdentityProviderFactory.getInstance(IdentityProviderFactory.java:73)

  at oracle.security.idaas.rp.provider.RPProtocolHandlerImpl.invokeAuthnRequest(RPProtocolHandlerImpl.java:81)

  at oracle.security.idaas.rp.RPInitServlet.processRequest(RPInitServlet.java:224)

  at oracle.security.idaas.rp.RPInitServlet.doGet(RPInitServlet.java:251)

  at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)

  at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)

  to weblogic.servlet.internal.StubSecurityHelper$ ServletServiceAction.run (StubSecurityHelper.java:227)

  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)

  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)

  at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)

  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)

  to oracle.security.jps.ee.http.JpsAbsFilter$ 1.run(JpsAbsFilter.java:119)

  at java.security.AccessController.doPrivileged (Native Method)

  at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324)

  at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:460)

  at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)

  at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)

  at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)

  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)

  at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.doFilter(OAMServletAuthenticationFilter.java:265)

  at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilter(OAMValidationSystemFilter.java:133)

  at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentWrapperFilter.java:120)

  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)

  at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:163)

  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)

  to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.wrapRun (WebAppServletContext.java:3730)

  to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.run (WebAppServletContext.java:3696)

  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)

  at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)

  at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)

  at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)

  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)

  at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)

  >

  So, we finally got to do the integration. The trick here is, Facebook stopped mail as part of their response to attribute.

• forgotpassword OAM oim integration page does not

  Hello

  We have integrated OAM - IOM (11.1.2.2) a problem where forgotpassword page don't showup. When we reached the forgotpassword link it goes to http://< ohs_host >: < ohs_port > / identity/faces/forgotpassword , but what we see is a wheel that turns and that the page does not showup. Now, if connect us to IOM and then hit that url page comes up fine resembles a kind of politics of the OAM for IOM. Here's what we have in the tab "resources" OAM.

  

  Any idea on what could be missing or misconfigured.

  Thank you

  Got it understood problem was with the footer I protected this is why self-service pages were not working. So I have to revert back the changes and applied appropriate security level everything works fine.

  Thank you

• For OAM WebGate

  I installed 11.1.2 for 11.1.2 OAM Webgate and ran into a problem. I uninstalled and reinstalled(webgate/webcache).

  I use this doc-installation and configuration of server of HTTP in Oracle 11 g WebGate in OAM-11 g Release 2 (11.1.2.2.0)

  and in this section 2.6.1.4 uses the Mode Out-Of-Band.

  In political OAM Configuration host identifiers, I have some host identifiers that I would like to get rid of. How to manually remove these?

  When I try to remove them within the OAM, it tells me "host ID cannot be deleted. (Referred to in a resource). »

  I currently have 4.

  I would like to run the Mode Out-Of-Band with no host identifiers, so I don't have any problems.

  Any recommendations would be appreciated.

  Thank you

  To remove a host identifier, you must separate them all the resources protected by them. Check the areas of application and to identify the resources that are related to this host-ID. Remove from the protected/auth/az public policy. Once that is done, try to delete the host identifier

• OAM WebCenter application protect not

  Hi all

  We execute integration webcenter OAM and trying to access the URL webcenter, we receive the found Web page.

  Details of the environment:

  OAM 11.1.2.2.0

  OSH 11.1.1.7

  OAM 11 g webgate

  I did following steps:

  Installation and deployed OAM 11 g webgate on host of OSH.

  Registered OAM 11 g webgate band oamreg.sh mode

  Copied the file to the host of the OHS artifacts.

  Components present in OAM:

  OAM agent = DEV_OAM_AGT1_11GR2

  Identifier of the host = DEV_OHS1_11GR2 by the name of RREG_OHS1_11GR2 but without port.

  Application domain = DEV_TEST_OAM11GR2 where I come from URL to be protected under the protected in the authentication policy resources policy

  Ex: /testportal.dev/**

  /testportal.dev/.../*

  I'm not found when Web page to access the protected resource.

  Did I miss something?  Please advice.

  Thank you

  Rahul

  For the OHS server redirect queries to OAM you add entries in conf files. For example, if you have access to a resource/CS using the URL of the OHS, then you make an entry in the OSH conf files. This essentially serves as a proxy. In the example when access you the url http://ohsserver or a port for dns entry: /cs first OHS server routes the request to OAM for authentication then it redirects to the weblogic HOST mentioned below. In this case, the host of weblogic will host of webcenter. Without this entry how server OHS know what model of resource, it must protect and where to redirect to after authentication.

  NameVirtualHost *: 80

  ServerName XXXXXXXXXX

  RewriteEngine on

  RewriteOptions inherit

  UseCanonicalName on

  #resources

  SetHandler weblogic-Manager

  WebLogicHost XXXXXXXXXX

  WebLogicPort 16200

  http://docs.Oracle.com/CD/E21764_01/WebCenter.1111/e12405/wcadm_app_http.htm

  Example B - 1 WebCenter spaces - sample mod_wl_ohs.conf file

  # WebCenter Spaces  SetHandler weblogic-handler WeblogicHost webcenter.example.com WeblogicPort 8888   SetHandler weblogic-handler WeblogicHost webcenter.example.com WeblogicPort 8888   SetHandler weblogic-handler WeblogicHost webcenter.example.com WeblogicPort 8888   SetHandler weblogic-handler WeblogicHost webcenter.example.com WeblogicPort 8888  # Discussions  SetHandler weblogic-handler WeblogicHost discuss.example.com WeblogicPort 8890  # SES Search  SetHandler weblogic-handler WeblogicHost ses.examplet.com WeblogicPort 7777   SetHandler weblogic-handler WeblogicHost ses.example.com WeblogicPort 7777  # Portlets  SetHandler weblogic-handler WeblogicHost webcenter.example.com WeblogicPort 8889   SetHandler weblogic-handler WeblogicHost webcenter.example.com WeblogicPort 8889  # Personalization  SetHandler weblogic-handler WeblogicHost webcenter.example.com WeblogicPort 8891  # Activity Graph  SetHandler weblogic-handler WeblogicHost webcenter.example.com WeblogicPort 8891  # UCM # Web server context root for Oracle Content Server  SetHandler weblogic-handler WeblogicHost ucm.example.com WeblogicPort 16200  # Enables Oracle Content Server authentication  SetHandler weblogic-handler WeblogicHost ucm.example.com  # Same as /cs entry WeblogicPort 16200            # Same as /css entry  # SAML SSO > SetHandler weblogic-handler WeblogicHost ucm.example.com WeblogicPort 16200  # BPEL Server  SetHandler weblogic-handler WeblogicHost soa.example.com WeblogicPort 8001  # Virtual Hosts - Pagelet Producer  ServerName pagelet-producer.example.com  SetHandler weblogic-handler WeblogicHost webcenter.example.com WeblogicPort 8889   # Virtual Hosts - Sharepoint  ServerName webtier-spaces.example.com  SetHandler weblogic-handler WeblogicHost webcenter.example.com WeblogicPort 8888   Deny from all   Deny from all   Deny from all