My Oracle Support Banner

Can We Register Multiple Virtual Servers In OTD 12c With Different WebGate (Doc ID 2154009.1)

Last updated on OCTOBER 31, 2023

Applies to:

Oracle Access Manager - Version 12.2.1.1.0 and later
Information in this document applies to any platform.
Oracle is not responsible for instructions/information from 3rd party sites that may be contained in this KM note.

Goal

OAMWebGate - 12.2.1.0.0
OTD 12c         - 12.2.1.0.0

Is it possible to register multiple Virtual Servers in OTD with different OAM agents so they can have separate authentication and authorization polices?

For example, I have two Virtual Servers, dev-portal21.example.com  and dev-cos21.example.com

On my OTD servers, I've run the following

cd ${ORACLE_HOME}/webgate/otd/tools/deployWebGate
./deployWebGateInstance.sh -w ${DOMAIN_HOME}/config/fmwconfig/components/OTD/instances/otd_default_OTDMachine1/dev-portal21/ -oh ${ORACLE_HOME} -ws otd
./deployWebGateInstance.sh -w ${DOMAIN_HOME}/config/fmwconfig/components/OTD/instances/otd_default_OTDMachine1/dev-cos21/ -oh ${ORACLE_HOME} -ws otd

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:${ORACLE_HOME}/lib
cd ${ORACLE_HOME}/webgate/otd/tools/setup/InstallTools
./EditObjConf -f ${DOMAIN_HOME}/config/fmwconfig/components/OTD/instances/otd_default_OTDMachine1/config/dev-portal21.example.com-obj.conf -w ${DOMAIN_HOME}/config/fmwconfig/components/OTD/instances/otd_default_OTDMachine1/dev-portal21/ -oh ${ORACLE_HOME} -ws otd
./EditObjConf -f ${DOMAIN_HOME}/config/fmwconfig/components/OTD/instances/otd_default_OTDMachine1/config/dev-cos21.example.com-obj.conf -w ${DOMAIN_HOME}/config/fmwconfig/components/OTD/instances/otd_default_OTDMachine1/dev-cos21/ -oh ${ORACLE_HOME} -ws otd

Along with the Virtual Server conf files being updated, two entries then get added to magnus.conf (see attached)

I've then registered dev-portal21 and dev-cos21 as WebGate agents in OAM and copied cwallet.sso and ObAccessClient.xml to ${DOMAIN_HOME}/config/fmwconfig/components/OTD/instances/otd_default_OTDMachine1/dev-portal21/webgate/config and ${DOMAIN_HOME}/config/fmwconfig/components/OTD/instances/otd_default_OTDMachine1/dev-cos21/webgate/config, and restarted the OTD instances

However, the authentication and authorization polices for both Virtual Servers are then only linked to the 2nd site registered, i.e. the last site in the magnus.conf (dev-cos21)

if we  changed the order of dev-portal21 and dev-cos21 in magnus.conf then we  get the reverse behavior.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Goal
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.