Installation guide
Deploying the Integrated SSO Solution
Chapter 5 Single Sign-on Solution for Oracle Application Servers 133
3. Run
ssonete.sql
on the first computer to configure Login Server to operate in
the external mode and load the new external authentication implementation
for Sun ONE Identity Server, which was just saved to
ssoxnete.pkb
in the
previous step. This file can be found in the directory
$ORACLE_HOME/portal30/admin/plsql/sso
and should be run as user
portal30_sso
.
4. Restart Login Server for the changes to take effect.
5. Install the policy agent for Apache Web Server 1.3.29 in the same machine that
Oracle 9iAS R1 is installed. The agent module gets installed on the same
instance of Login Server. For instructions to install the agent, see Chapter 2,
“Policy Agents on Solaris and HP-UX”. When installing the agent, the SSL
Ready box must be checked since Oracle’s Apache Server supports SSL.
Additionally, make sure CDSSO is enabled even if the agent and Sun ONE
Identity Server are in the same domain.
6. Configure the agent by modifying the
AMAgent.properties
files. The section
Configuring the Agent explains the properties that must be changed.
7. Edit the
modplsql
Database Access Descriptor (DAD) file named
wdbsvr.app
for Oracle9iAS on the first computer, to include the following entries. This file
is located in the directory
$ORACLE_HOME/Apache/modplsql/cfg
.
❍ Identity Server headers:
cgi_env_list = HTTP_IDENTITY_USER
❍ Connect string for the Login Server schema:
connect_string
= FQDN:Database_Listener_Port:ORACLE_SID
The
cgi_env_list
and
connect_string
entries must be added under the
sections
[DAD_portal30]
and
[DAD_portal30_sso]
.
BEGIN
RETURN ’Sun ONE Identity Server’;
END get_authentication_name;
Code Example 5-2
Changes to the Function get_Authentication_Name