After creating ADF application, follow the below link to configure security.
And refer this blog for users/roles setup - http://andrejusb.blogspot.com/2009/01/practical-adf-security-deployment-on.html
Once you are done with security setup with ADF, we need to configure keystore for weblogic domain.
Make sure that you have default-keystore.jks copied to $MW_HOME/user_projects/domains/<domain_name>/config/fmwconfig/
Now run the wlst.sh from $MW_HOME/oracle_common/common/bin/wlst.sh.
wls:/offline> connect()
Please enter your username [weblogic]
:weblogic
Please enter your password [weblogic] :
Please enter your server
URL [t3://localhost:7001] :t3://localhost:7101
Connecting to
t3://localhost:7101 with userid weblogic ...
Successfully connected to Admin
Server 'DefaultServer' that belongs to domain 'DefaultDomain'.
Warning: An insecure protocol was used to connect to the
server. To ensure
on-the-wire security, the SSL port or
Admin port should be used instead.
wls:/DefaultDomain/serverConfig>
Please enter your username [weblogic]
:weblogic
Please enter your password [weblogic] :
Please enter your server
URL [t3://localhost:7001] :t3://localhost:7101
Connecting to
t3://localhost:7101 with userid weblogic ...
Successfully connected to Admin
Server 'DefaultServer' that belongs to domain 'DefaultDomain'.
Warning: An insecure protocol was used to connect to the
server. To ensure
on-the-wire security, the SSL port or
Admin port should be used instead.
wls:/DefaultDomain/serverConfig>
wls:/DefaultDomain/serverConfig> createCred(map="oracle.wsm.security", key="keystore-csf-key", user="owsm", password="welcome1", desc="Keystore key")
wls:/DefaultDomain/serverConfig> createCred(map="oracle.wsm.security", key="enc-csf-key", user="orakey", password="welcome1", desc="Encryption key")
wls:/DefaultDomain/serverConfig> createCred(map="oracle.wsm.security", key="sign-csf-key", user="orakey", password="welcome1", desc="Signing key")
If the credentials for keystore-csf-key, enc-csf-key and sign-csf-key already exist and their password is anything other than welcome1, update them, using the updateCred command, as shown below:
wls:/DefaultDomain/serverConfig> updateCred(map="oracle.wsm.security", key="keystore-csf-key", user="owsm", password="welcome1", desc="Keystore key")
wls:/DefaultDomain/serverConfig> updateCred(map="oracle.wsm.security", key="enc-csf-key", user="orakey", password="welcome1", desc="Encryption key")
wls:/DefaultDomain/serverConfig> updateCred(map="oracle.wsm.security", key="sign-csf-key", user="orakey", password="welcome1", desc="Signing key")
wls:/DefaultDomain/serverConfig> createCred(map="oracle.wsm.security", key="enc-csf-key", user="orakey", password="welcome1", desc="Encryption key")
wls:/DefaultDomain/serverConfig> createCred(map="oracle.wsm.security", key="sign-csf-key", user="orakey", password="welcome1", desc="Signing key")
If the credentials for keystore-csf-key, enc-csf-key and sign-csf-key already exist and their password is anything other than welcome1, update them, using the updateCred command, as shown below:
wls:/DefaultDomain/serverConfig> updateCred(map="oracle.wsm.security", key="keystore-csf-key", user="owsm", password="welcome1", desc="Keystore key")
wls:/DefaultDomain/serverConfig> updateCred(map="oracle.wsm.security", key="enc-csf-key", user="orakey", password="welcome1", desc="Encryption key")
wls:/DefaultDomain/serverConfig> updateCred(map="oracle.wsm.security", key="sign-csf-key", user="orakey", password="welcome1", desc="Signing key")
I am assuming that we are using single weblogic domain to test integration between ADF and SOA.
Restart both admin and soa server. You are ready to test!
No comments:
Post a Comment