Thursday, July 14, 2016

Tips: Set OVD 11g Debug Logs to Trace level

Step 1:

1. Open ODSM
2. Click the Advanced tab
3. Click/expand Global Plugin
4. Click the button to Create Plug-in
5. For Name, enter for example myDumpTr
6. For Class, choose DumpTransactions
7. Click the Create Parameter button
8. For Name, enter loglevel
9. For Value, enter FINEST
10. Click OK

Step 2:

1. Open Oracle Enterprise Manager at http://<host>:<port>/em and log in with user name Weblogic (or whichever other user you chose as admin)
2. Expand Farm_<name>Domain -> Identity and Access, right-click ovd1, then choose Logs -> Log Configuration
3. Click Log Levels tab
 For Logger Name -- com.octetstring.accesslog choose TRACE:32 (FINEST)
 For Logger Name -- com.octetstring.vde choose TRACE:32 (FINEST)
4. Click Apply
5. Click Close in Confirmation dialog box

Stop OVD:

$ORACLE_INSTANCE/bin/opmnctl stopproc ias-component=ovd1

Start OVD:

$ORACLE_INSTANCE/bin/opmnctl startproc ias-component=ovd1


Check the logs in the $ORACLE_INSTANCE/diagnostics/logs/OVD/ovd1/ directory.

Tuesday, July 12, 2016

Fix: OAAM 11g R2 PS3 issue to generate OMA offline secret key

Issue:

Unable to generate the OMA offline secret key when using OUD as the OAM user store (there is no issue when tested with the WebLogic embedded LDAP).

Error from log file:

<Jul 12, 2016 11:30:49 AM EDT> <Warning> <oracle.ods.virtualization.engine.backend.jndi.OUD> <LIBOVD-40066> <Remote Server Failure:pokuri.demo.com:1389.
javax.naming.NamingException: [LDAP: error code 123 - You do not have sufficient privileges to use the proxied authorization control]; remaining name 'cn=users,dc=demo,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3169)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)

at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1829)

Solution:

Uncheck the "Proxy Authentication" option in "OAuth User Profile Service Configuration" (Proxy Authentication is enabled by default), then click Apply.




Thursday, July 7, 2016

How to Upgrade Oracle Coherence


Instructions for installing Coherence 3.7.1.x on Oracle Access Manager 11gR2 (OAM 11.1.2.0.0) to Oracle Access Manager 11gR2 PS2 (OAM 11.1.2.2.0)

1. Download the desired Coherence patch from Note:1405110.1

2. Shut down all the servers.

3. On each server, including the admin server, do the following.

     a. Unzip the contents of the patch to a tmp folder.

     b. Back up the existing jar at MW_HOME/oracle_common/modules/oracle.coherence/coherence.jar

     c. Copy the jar tmp/coherence/lib/coherence.jar to the folder MW_HOME/oracle_common/modules/oracle.coherence

     d. Back up the folder $Domain/config and all its nested contents.

4. Start the Admin Server

5. Log into weblogic console

6. Lock configuration

7. Select Deployments and locate the coherence library

8. Select the library and press the Delete button.

9. Release Configuration and apply changes.

10. Lock configuration

11. Select Deployments and press the Install button.

12. Select the coherence jar in the file path. Ensure that the library name is "coherence". Hit the next button till you finish deployments.

13. Save and release the configuration.

14. Stop and start the Admin Server. Verify that the oam_admin deployment is started.

How to Check Oracle coherence version

1. Navigate to COHERENCE_HOME/lib and extract coherence.jar file

2. You can find the exact version details in MANIFEST.MF file under META-INF directory

File content:

Manifest-Version: 1.0
Ant-Version: Apache Ant 1.7.1
Created-By: 19.0-b09 (Sun Microsystems Inc.)
Main-Class: com.tangosol.net.CacheFactory
Class-Path: je.jar
Specification-Vendor: Oracle
Specification-Version: 3.7.1.1
Implementation-Build: 28901
Implementation-Description: 
Implementation-Title: Coherence
Implementation-URL: http://www.oracle.com
Implementation-Vendor: Oracle
Implementation-Version: 3.7.1.1
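
Steps 3b and 3c of the upgrade and the manifest version check above, as an added shell example that is not part of the original post. The function names are hypothetical, the caller supplies MW_HOME and the unzipped patch directory, and jar_attr assumes the unzip utility is installed.

```sh
# Added example, not from the original post. MW_HOME and the patch directory
# are supplied by the caller; the jar paths are the ones given in steps 3b-3c.

# Print one main-section attribute from manifest text on stdin.
# Manifests commonly use CRLF line endings, so strip \r before matching.
manifest_attr() {
    tr -d '\r' | awk -v key="$1" '
        $0 == "" { exit }    # a blank line ends the main section
        index($0, key ": ") == 1 { print substr($0, length(key) + 3); exit }'
}

# Read an attribute from a jar without unpacking it to disk.
jar_attr() {
    unzip -p "$1" META-INF/MANIFEST.MF | manifest_attr "$2"
}

# Step 3b: back up the deployed coherence.jar. Step 3c: copy the patched jar
# over it, then confirm the deployed file is byte-identical to the patch jar.
# Prints the backup path on success.
replace_coherence_jar() {
    mw_home=$1
    patch_dir=$2
    target="$mw_home/oracle_common/modules/oracle.coherence/coherence.jar"
    new_jar="$patch_dir/coherence/lib/coherence.jar"
    backup="$target.bak.$(date +%Y%m%d%H%M%S)"

    [ -f "$target" ]  || { echo "missing $target" >&2; return 1; }
    [ -f "$new_jar" ] || { echo "missing $new_jar" >&2; return 1; }

    cp -p "$target" "$backup"   || return 1
    cp "$new_jar" "$target"     || return 1
    cmp -s "$new_jar" "$target" || { echo "copy differs from patch jar" >&2; return 1; }
    echo "$backup"
}

# Typical use on each server after shutdown (paths are placeholders):
#   replace_coherence_jar "$MW_HOME" /tmp/patch
#   jar_attr "$MW_HOME/oracle_common/modules/oracle.coherence/coherence.jar" \
#       Implementation-Version
```

Comparing the Implementation-Version reported by jar_attr on every server after the copy catches a node that was missed before the Admin Server is restarted.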




Friday, July 1, 2016

OAAM 11g R2 PS3 primary & secondary Email OTP challenge choice demo video


Follow the link below for the steps:



-- Siva Pokuri

OAAM 11g R2 PS3 Secondary email OTP configuration with custom challenge processor

Hello Readers,

Steps to configure secondary email as OTP:

Demo video: http://www.idmfun.com/2016/07/oaam-11g-r2-ps3-secondary-email-otp_1.html

1. Create custom challenge processor.

2. Create a class which extends "AbstractUMSOTPChallengeProcessor" as shown below.

import com.bharosa.uio.processor.challenge.AbstractUMSOTPChallengeProcessor;
import com.bharosa.uio.util.UIOSessionData;
import com.bharosa.uio.util.UIOUtil;
import java.util.ArrayList;
import java.util.List;
import oracle.ucs.messaging.ws.types.Address;
import oracle.ucs.messaging.ws.types.DeliveryType;

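// Custom OTP challenge processor that delivers the one-time password to the
// user's secondary e-mail address (contact info key "email2").
public class Email2ChallengeProcessor extends AbstractUMSOTPChallengeProcessor
{
   protected List<Address> getRecipients(UIOSessionData sessionData)
   {
       // Look up the secondary e-mail address stored for this user
       String toAddress = UIOUtil.getContactInfo(sessionData, "email2");
       // Wrap it as an e-mail delivery address
       Address recipientAddr = getAddress(toAddress, DeliveryType.EMAIL);

       List<Address> retList = new ArrayList<Address>();
       retList.add(recipientAddr);

       return retList;
   }
}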

3. Build a jar file containing the above Java class and place it in the lib folder of oracle.oaam.extensions.war.

4. Add the following properties to the oaam_custom.properties file in oracle.oaam.extensions.war:

# Second Email Address Input Registration Field Properties Example
bharosa.uio.default.userinfo.inputs.enum.email2=2002
bharosa.uio.default.userinfo.inputs.enum.email2.name=Email Address 2
bharosa.uio.default.userinfo.inputs.enum.email2.description=Email Address 2
bharosa.uio.default.userinfo.inputs.enum.email2.inputname=email2
bharosa.uio.default.userinfo.inputs.enum.email2.inputtype=text
bharosa.uio.default.userinfo.inputs.enum.email2.maxlength=40
bharosa.uio.default.userinfo.inputs.enum.email2.required=true
bharosa.uio.default.userinfo.inputs.enum.email2.order=2
bharosa.uio.default.userinfo.inputs.enum.email2.enabled=true
bharosa.uio.default.userinfo.inputs.enum.email2.regex=.+@[a-zA-Z_]+?\.[a-zA-Z.]+
bharosa.uio.default.userinfo.inputs.enum.email2.errorCode=otp.invalid.email
bharosa.uio.default.userinfo.inputs.enum.email2.managerClass=com.bharosa.uio.manager.user.DefaultContactInfoManager
bharosa.uio.default.userinfo.inputs.enum.email2.verify=true
#bharosa.uio.default.userinfo.inputs.enum.email2.displaymask=.{1,2}(.*)@([a-zA-Z_]+)?\.[a-zA-Z]{2,3}

# Second Email Address Challenge OTP Field Properties Example
bharosa.uio.default.challenge.type.enum.ChallengeEmail2=2003
bharosa.uio.default.challenge.type.enum.ChallengeEmail2.available=true
bharosa.uio.default.challenge.type.enum.ChallengeEmail2.description=Challenge Email 2
bharosa.uio.default.challenge.type.enum.ChallengeEmail2.displayedInfo=email2
bharosa.uio.default.challenge.type.enum.ChallengeEmail2.enabled=true
bharosa.uio.default.challenge.type.enum.ChallengeEmail2.htmlInputType=text
bharosa.uio.default.challenge.type.enum.ChallengeEmail2.htmlLabel=Email Code
bharosa.uio.default.challenge.type.enum.ChallengeEmail2.name=Email Challenge2
bharosa.uio.default.challenge.type.enum.ChallengeEmail2.otp=true
bharosa.uio.default.challenge.type.enum.ChallengeEmail2.otpexpirytimeMs=400000
bharosa.uio.default.challenge.type.enum.ChallengeEmail2.processor=Email2ChallengeProcessor
bharosa.uio.default.challenge.type.enum.ChallengeEmail2.requiredInfo=email

# Rule action for ChallengeEmail2
rule.action.enum.ChallengeEmail2=1091
rule.action.enum.ChallengeEmail2.name=Challenge Email 2
rule.action.enum.ChallengeEmail2.description=Challenge the user using Email

rule.action.enum.ChallengeEmail2.otp=true

5. Redeploy the oracle.oaam.extensions.war file on both the OAAM admin and OAAM server managed servers.

6. Log in to the OAAM admin console.

7. Navigate to Groups, click "OAAM Challenge Choice", then click the "Actions" tab.

8. Add the newly created action called "Challenge Email 2".

9. Now log in to the TAP-protected application, registering a new user with 2 OTP email addresses.

10. Test login with a user account that has registered primary and secondary email addresses.

-- Siva Pokuri.

How to Create CLOUD Oracle Database Service

CLOUD ORACLE DATABASE 12C SERVICE







  • Generate an SSH key pair using the SSH key generator.
  • Select SSH-2 RSA as the type of key.
  • Set the number of bits to 2048.
  • Click Generate.
  • The key is generated.
  • Click Save private key to save the key with the extension .ppk.
  • Click Conversions in PuTTY Key Generator and click Export OpenSSH key.
  • Save the key with the extension .ssh.
  • Copy the content under "Public key for pasting into OpenSSH authorized_keys" in PuTTY Key Generator and save it as a .pub file.

  • Log in to the Database Cloud Service console.
  • Click Create Instance.
  • Select the database version, 11g or 12c.
  • Select the software edition.
  • Enter the Service Name and Description.
  • For SSH Public Key, upload the .pub file created in PuTTY Key Generator.
  • Set the Administrator password.
  • Click Next.
  • Verify the summary. Click Create.

  • Follow the screenshot to modify the Access Policies.
  • Enable ora_p2_dblistener and ora_p2_httpssl.
  • Connect to the Cloud Oracle Database using SQL Developer.








      Thanks !