Académique Documents
Professionnel Documents
Culture Documents
1]
In this Document
Goal
Solution
How to Install SSO with Oracle Fusion Middleware 11g
1. Install Oracle Internet Directory 11g - SSO Documentation
2. Install Metadata Repository Creation Assistant (MRCA)
3. Install Oracle Identity Management 10g (10.1.4.0.1) SSO+DAS Only
4. Apply the Identity Management 10g 10.1.4.3.0 Patchset
Using an Existing Identity Management 10g for SSO
References
Applies to:
Oracle Fusion Middleware - Version: 11.1.1.1.0 to 11.1.1.3.0]
Information in this document applies to any platform.
Goal
To Answer Frequently Asked Questions Specific to Using SSO with FMW 11g...
I am trying to find Single Sign-On (SSO) installation and configuration for Oracle Fusion
Middleware (FMW) 11g, but am finding out that SSO is not available in FMW 11g. What is
supposed to be done for middle tier applications (such as Oracle Portal) which require its use?
According to documentation there is a Metadata Repository Creation Assistant (MRCA)
10.1.4.3.1. What is the difference between MRCA 10.1.4.3.1 and Identity Management
10.1.4.0.1 patched with the 10.1.4.3.0 Patchset?
[ Taken from Note:858748.1 - Oracle Fusion Middleware 11g - Getting Started FAQ ]
Solution
Note:
In the original FMW 11g release (11.1.1.1.0) the MRCA 10.1.4.3.0 was used. With the releases
of 11.1.1.2.0/11.1.1.3.0, there is an updated version of MRCA available - version 10.1.4.3.1. The
updated version has fixes which allow it to be successfully run against Oracle Database 11.1
and 11.2 versions.
Documentation for Oracle Fusion Middleware 11g Single Sign-On installation and configuration
is within the Oracle Identity Management 10g (10.1.4) Installation Guide. After you have
installed Oracle Internet Directory 11g, see Chapter 10 to begin the steps for Single Sign-On:
Note:
Chapter 10 is the main documentation for installing SSO for Oracle Fusion Middleware
11g. Chapter 10 has been revised from the original and re-released with the 11.1.1.3.0
documentation library. The "11.1.1.3.0" Install Guide would be applicable to 11.1.1.2.0
and 11.1.1.3.0 because IDM 11.1.1.2.0 installation is required before updating to
11.1.1.3.0...See "Understanding Your Installation Starting Point". The remainder of this
My Oracle Support document is outlining the major steps and important points, as it goes
through each stage.
Using Chapter 10 instructions, it is very important to run the inspre11.pl with the proper
options at the proper times. It is also important that it executes and makes changes, as
required. Ensure that the the script runs and returns a message to your screen. If the file is
0 bytes, (for whatever reason) it will not run and return nothing. If you need another file,
download this . There are various issues surrounding this, and data collected from the
following commands will help troubleshoot:
Referring to IDM 11g Installation Guide Chapter 10, the first step of installing SSO is to install
the required objects in the database using a special version of the Metadata Repository Creation
Assistant. MRCA 10.1.4.3.1 is released only on Linux x86 and Windows x86 platforms, and is to
be executed remotely to connect to any certified Oracle Database version, (10.2.0.4+, 11.1.0.7+,
11.2.0.1+).
MRCA files are installed on the system, into a new Oracle home directory.
RepCA tool is run to connect to your Oracle Database to install required schemas and
objects, then register with your OID 11g. At the screen prompts, choose install and
register and ensure you provide both non-SSL and SSL connection details to your
existing OID 11g.
Important:
Documentation has not been written specifically for MRCA 10.1.4.3.1 besides Chapter 10 of the
11g IDM Installation Guide. It is important use the MRCA 10.1.4.0.1 User's Guide during these
steps:
Oracle Application Server Metadata Repository Creation Assistant User's Guide
Microsoft Windows
[ http://download.oracle.com/docs/cd/B28196_01/repca.1014/b28216/toc.htm ]
Linux x86
[ http://download.oracle.com/docs/cd/B28196_01/repca.1014/b28214/toc.htm ]
Certification Information:
When installing from the IM 10.1.4 media, it is important to first verify the IM 10.1.4
Certification Guide, "Section 8, "Oracle Internet Directory and Oracle Application Server
Single Sign-On Certification", taking note that there may be footnotes applicable to your
platform, as there are patches required in order to start the installer on newer platforms:
Oracle Identity Management (10.1.4.0.1) Certification Guide
[http://www.oracle.com/technology/software/products/ias/files/idm_certification_101401.html]
On the above OS versions, there has been a certification performed where there are requirements,
known issues and patches required before starting the installer. Use these patches if the Installer
provides an error that the OS is not supported, which are provided in the following document
from original IM 10.1.4.0.1 Certification Guide
Note 465847.1 Oracle Identity Management 10g (10.1.4.0.1) Release Notes Addendum
Bug 9865293 is filed on Patch 9188117 not applying with OPatch. Until this is resolved,
manually replace the repca.jar in the patch area to your MRCA home, then run the repca
tool as per the MRCA Install Guide.
Please note that Windows 2008 R2 is NOT certified/supported with this Oracle Fusion
Middleware 11g topology. It is currently going through testing and documentation.
After MRCA 10.1.4.3.1 is installed, an Identity Management 10g (10.1.4.0.1) installation would
be performed choosing the Oracle Single Sign-On and Oracle Delegated Administration Services
(SSO+DAS) installation option. For use with Oracle Fusion Middleware 11g, its important to
only choose the SSO+DAS installation option. This is available in the 10g download location:
Oracle Identity Management 10g (10.1.4.0.1) Download
[ http://www.oracle.com/technology/software/products/ias/htdocs/101401.html ]
-- Pick "Oracle Identity Management Infrastructure and Oracle Identity Federation"
Be sure to follow the Identity Management 10g (10.1.4) Installation Guide, in particular the steps
to choose the SSO+DAS without OID and DIP (which would already be installed as 11g). Below
is a Linux x86 Install Guide with a direct link to section of importance
Oracle Application Server Installation Guide10g (10.1.4.0.1) for Linux x86
4.24 Installing Oracle Identity Management Components Only (Excluding Oracle Internet
Directory)
[ http://download.oracle.com/docs/cd/B28196_01/install.1014/b28194/infra.htm#BABDDJIB ]
Notes
The IDM 11g Chapter 10 says Patch 5649850 is required for the 10.1.4.3
Patchset. It is actually required when installing the 10.1.4.0.1 SSO/DAS
home. During the OC4J Instance Configuration Assistant, there will be a
"java.sql.SQLException: ORA-01017: invalid username/password; logon
denied" error when deploying OC4J_SECURITY applications.
If this happens, perform the following actions while leaving the OUI
Installer up and running:
Certification Information:
After SSO+DAS 10.1.4.0.1 is installed, the Identity Management 10g 10.1.4.3 Patchset (Patch
7215628) needs to be applied to the SSO+DAS home. Where an Oracle Database Server release
2 (11.2) is associated, its important to first download Patch 6265268, following its readme file.
Chapter 10 of the IDM 11g Installation Guide says Patch 5649850 is required for a pre-requisite
failure during the 10.1.4.3 Patchset. It is actually required when installing the 10.1.4.0.1
SSO/DAS home. See the previous section, as this should already be applied.
If you have an already existing Identity Management 10g (10.1.4 or 10.1.2), it is an option to use
the Oracle Single Sign-On ((SSO) you already have installed and configured when installing
products such as Oracle Portal, (which requires SSO). Interoperability considerations will need
to be managed between the installed Oracle Internet Directory and Oracle Database Server while
planning the upgrade process.If installing an installation type which does not require SSO at
installation time, it may be a post-install configuration, depending on the components involved.
If considering this, refer to the Upgrade and Planning Guide and Security Guide for more
details:
Oracle Fusion Middleware Upgrade Guide for Oracle Identity Management 11g Release 1
(11.1.1)
Part Number E10129-04
2 Supported Starting Points for Oracle Identity Management Upgrade
[http://download.oracle.com/docs/cd/E14571_01/upgrade.1111/e10129/starting_points.htm ]
References
NOTE:858748.1 - Oracle Fusion Middleware 11g - Getting Started FAQ
Attachments
Related
Products
Middleware > Application Servers > Oracle Application Server > Oracle Fusion
Middleware
Keywords
ORA-1017
Back to top