Note: This assumes that you've created a WebLogic domain only for Oracle Identity Manager and SOA. If you have been following my guides throughout, you are fine. If not, refer to the Oracle documentation for the specific scenario you are dealing with (Look at 3.2.9 Configuring Database Security Store for an Oracle Identity and Access Management Domain in Installation Guide for Oracle Identity and Access Management).
You will be using the "configureSecurityStore.py" script to create the Database Security Store. This script can be found under the "<IAM_HOME>/common/tools" directory.
#Execute the following command to create the Database Security Store (This is one command)
#<MW_HOME>/oracle_common/common/bin/wlst.sh <IAM_HOME>/common/tools/configureSecurityStore.py -d <domaindir> -c IAM -p <opss_schema_password> -m create /home/oracle/Oracle/Middleware/oracle_common/common/bin/wlst.sh /home/oracle/Oracle/Middleware/Oracle_IDM1/common/tools/configureSecurityStore.py -d /home/oracle/Oracle/Middleware/user_projects/domains/base_domain -c IAM -p myPassword -m create
#Execute the following command to validate if the Database Security Store created properly
#<MW_HOME>/oracle_common/common/bin/wlst.sh <IAM_HOME>/common/tools/configureSecurityStore.py -d <domaindir> -m validate /home/oracle/Oracle/Middleware/oracle_common/common/bin/wlst.sh /home/oracle/Oracle/Middleware/Oracle_IDM1/common/tools/configureSecurityStore.py -d /home/oracle/Oracle/Middleware/user_projects/domains/base_domain -m validateLogs for Create
Initializing WebLogic Scripting Tool (WLST) ... Jython scans all the jar files it can find at first startup. Depending on the system, this process may take a few minutes to complete, and WLST may not return a prompt right away. Welcome to WebLogic Server Administration Scripting Shell Type help() for help on available commands Info: Data source is: opss-DBDS Info: DB JDBC driver: oracle.jdbc.OracleDriver Info: DB JDBC URL: jdbc:oracle:thin:@localhost:1521/orcl [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup - done Jan 5, 2013 8:14:37 PM oracle.security.jps.internal.config.ldap.LdapCredStoreServiceConfigurator schemaCompatibleHandler INFO: Credential store schema upgrade not required. Store Schema version 11.1.1.6.0 is compatible to the seed schema version 11.1.1.4.0 [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] updateServiceConfiguration - done Jan 5, 2013 8:14:42 PM oracle.security.jps.internal.tools.utility.JpsUtilMigrationCredImpl migrateCredentialData INFO: Migration of Credential Store data in progress..... Jan 5, 2013 8:14:42 PM oracle.security.jps.internal.tools.utility.JpsUtilMigrationCredImpl migrateCredentialData INFO: Migration of Credential Store data completed, Time taken for migration is 00:00:00 [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] migrateData - done [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] testJpsService - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSetup - done Jan 5, 2013 8:14:43 PM oracle.security.jps.internal.config.ldap.LdapKeyStoreServiceConfigurator schemaCompatibleHandler INFO: Keystore schema upgrade not required. Store Schema version 11.1.1.6.0 is compatible to the seed schema version 11.1.1.4.0 [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] updateServiceConfiguration - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] migrateData - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] testJpsService - done [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSetup - done Jan 5, 2013 8:14:45 PM oracle.security.jps.internal.config.ldap.LdapPolicyStoreServiceConfigurator schemaCompatibleHandler INFO: Policy schema upgrade not required. Store Schema version 11.1.1.6.0 is compatible to the seed schema version 11.1.1.4.0 [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] updateServiceConfiguration - done WLS ManagedService is not up running. Fall back to use system properties for configuration. Jan 5, 2013 8:14:54 PM oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy migrateData INFO: Migration of Admin Role Members started Jan 5, 2013 8:14:54 PM oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy migrateData INFO: Migration of Admin Role Members completed in 00:00:00 [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] migrateData - done [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] testJpsService - done [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSetup - done Jan 5, 2013 8:14:54 PM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator schemaCompatibleHandler INFO: Audit store schema upgrade not required. Store Schema version 11.1.1.6.0 is compatible to the seed schema version 11.1.1.4.0 [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSchema - Store schema has been seeded completely [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] updateServiceConfiguration - done Jan 5, 2013 8:14:54 PM oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData INFO: Migration of Audit Store data in progress..... Jan 5, 2013 8:15:19 PM oracle.security.jps.internal.tools.utility.JpsUtilMigrationAuditStoreImpl migrateAuditStoreData INFO: Migration of Audit Store data completed, Time taken for migration is 00:00:25 [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] migrateData - done [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] testJpsService - done persist to output: /home/oracle/Oracle/Middleware/user_projects/domains/base_domain/config/fmwconfig - done [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup - done [oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] updateServiceConfiguration - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] checkServiceSetup - done [oracle.security.jps.internal.config.db.DbKeyStoreServiceConfigurator] updateServiceConfiguration - done [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] checkServiceSetup - done [oracle.security.jps.internal.config.db.DbPolicyStoreServiceConfigurator] updateServiceConfiguration - done Jan 5, 2013 8:15:30 PM oracle.security.jps.internal.config.ldap.LdapAuditServiceConfigurator checkIfConfigurationValid INFO: Audit store re-association not supported. [oracle.security.jps.internal.config.db.DbAuditStoreServiceConfigurator] checkServiceSetup - Audit store re-association not supported. persist to output: /home/oracle/Oracle/Middleware/user_projects/domains/base_domain/config/fmwconfig - done INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used. INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used. Using default context in /home/oracle/Oracle/Middleware/user_projects/domains/base_domain/config/fmwconfig/jps-config-migration.xml file for credential store. Credential store location : jdbc:oracle:thin:@localhost:1521/orcl Credential with map Oracle-IAM-Security-Store-Diagnostics key Test-Cred stored successfully! Credential for map Oracle-IAM-Security-Store-Diagnostics and key Test-Cred is: GenericCredential Info: diagnostic credential created in the credential store. Info: Create operation has completed successfully.Logs for Validate
Initializing WebLogic Scripting Tool (WLST) ... Welcome to WebLogic Server Administration Scripting Shell Type help() for help on available commands Info: Data source is: opss-DBDS INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used. INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used. Info: Diagnostics data was saved to the credential store. Info: Validate operation has completed successfully.
No comments:
Post a Comment