Pre-Installation Checks.
a)oracle database requirement :9.2.0.3(min)
b)oracle JVM requirement : available
c)shared_pool_size =100(min)
d)Browser requirement = Microsoft internet explorer 6.0 version or later
e)HTTP server requirements
Oracle application express must access any one of the following
1)Embedded pl/sql gateway
2)Oracle http server and mod_plsql
f) Disk Space Requirement
Oracle Application Express disk space requirements are as follows:
■ free space for Oracle Application Express software files on the file system: 450 MB
■ free space in Oracle Application Express tablespace: 125 MB
■ free space in SYSTEM tablespace: 85 MB
■ Free space in Oracle Application Express tablespace for each additional language
(Other than English) installed: 34 MB
I) i) Oracle XML DB requirement
Installaing a new XML DB manually without DBCA
catqm.sql
ii) Reconnect to SYS again and run the following:
catxdbj.sql #Load xdb java library
After the manual installation, carry out these tasks:
1.Add the following dispatcher entry to the init.ora file:
2.dispatchers="(PROTOCOL=TCP) (SERVICE=DEVXDB)"
2.Restart database and listener to enable Oracle XML DB protocol access.
3.To allow for unauthenticated access to your Oracle XML DB Repository data through HTTP, you must also unlock the ANONYMOUS user account.
Oracle text requirement:
Connect sys account
Sql> @/$ORACLE_HOME/ctx/admin/defaults/drdefus.sql
J)Download apex_3.1.2.zip from www.oracle.com to 9.2.0.8(RDBMS home)
K)Unzip the apex_3.1.2
Pl/sql web tool Kit:
Run the PL/SQL Web Toolkit installation script by issuing: @owainst.sql
To upgrade modplsql libraries and everything
After this we need compile invalid objects in the database.
Sql>@?/rdbms/admin/utlrp.sql
Setup steps:
1) Create tablespace apex with size of min 500MB.
create tablespace APEX datafile '/u04/sam/orasam/samdata/apex01.dbf' size 200M
Connect to sqlplus as sysdba
@apexins.sql xxxxx apex apex temp /i/ none
Post installation steps:
Copy The Images Directory
Copy the images directory at $ORACLE_HOME/apex/images(DB Tier) to $IAS_ORACLE_HOME/Apache/Apache (Applications Tier)
cp -Rf images $IAS_ORACLE_HOME/Apache/Apache
Edit wdbsrv.app
Edit the $IAS_ORACLE_HOME/Apache/modplsql/cfg/wdbsrv.app file and add the following
[DAD_apex]
connect_string = SAM (your connect string here)
password = XXXXX (password you gave while installing APEX)
username = apex_public_user
default_page = apex
document_table = wwv_flow_file_objects$
document_path = docs
document_proc = wwv_flow_file_mgr.process_download
reuse = Yes
enablesso = No
stateful = STATELESS_RESET
nls_lang = American_America.AL32UTF8
Edit the httpd.conf
Edit the $IAS_ORACLE_HOME/Apache/Apache/conf/httpd.conf file and add the alias
Alias /i/ "/u03/sam/applsam/samora/iAS/Apache/Apache/images/"
Bounce your HTTP Server
Restart your HTTP server to have the changes take effect.
$cd $COMMON_TOP/admin/scripts/SAM/
./adapcctl.sh stop
./adapcctl.sh start
Logging in to APEX
You can use the following URL to login to APEX
http://
login as
Workspace=internal
User = admin
Password=’xxxx’
----------------------------------------------
APEX Another DOCUMENT
----------------------------------------------
There are 5 steps to this SETUP:
A. Install the SSO SDK in the FLOWS_NNNNNN schema.
B. Register APEX as a Partner Application in SSO.
C. Update the FLOWS_NNNNNN schema objects to reflect the registration information generated in step B.
D. Install the wwv_flow_custom_auth_sso package.
E. Configure the specific APEX application to use SSO.
A. INSTALLING THE SSO SDK INTO THE FLOWS_NNNNNN SCHEMA
1. As SYS or SYSTEM, unlock the FLOWS_NNNNNN schema. (alter user flows_NNNNNN account unlock)
2. Obtain the 9.0.2 SSO SDK. For Application Servers 10gR1 (9.0.4) and 10gR2(10.1.2.0.X) it is located in the ORACLE_HOME/sso/lib directory and called ssosdk902.zip.
3. Unzip the file and cd to the ../packages directory.
4. Using sqlplus connect as FLOWS_NNNNNN.
5. Load the 902 SDK using the command -> @loadsdk.sql
6. You will see sequences, tables, procedures, and packages created. There should be no errors.
B. REGISTER APEX AS PARTNER APP IN SSO
1. Go to the SSO Administration home and login:
http://machine.domain:port/pls/orasso/orasso.home
Normally, this portion of the set up can be done when logged in as the user -> orcladmin
2. Click on SSO Server Administration
3. Click on Administer Partner Applications
4. Click on Add Partner Application
Enter the following values:
Name: (Anything you want). For example -> SSO HTMLDB
Home URL: (This is the normal APEX login url)
http://machine.domain:port/pls/apex
Success URL: http://machine.domain:port/pls/apex/wwv_flow_custom_auth_sso.process_success
Logout URL: http://machine.domain:port/pls/apex
Note: The above 3 urls assume that the APEX DAD is called -> /pls/apex'. In earlier versions of APEX it was common to call it -> /pls/htmldb
Add a valid 'End Date:' unless an indefinite logon time frame is desired.
Add 'Application Administrator' information as desired.
When completed, and after hitting the Apply button, information similar to the following will appear. Save these values or keep up in your browser as they will be needed in step C:
ID: BF0C5678
Token: 5J2L2FQFBF0D9106
Encryption Key: 555B973718553478
Login URL: http://machine.domain:port/pls/orasso/orasso.wwsso_app_admin.ls_login
Single Sign-Off URL: http://machine.domain:port/pls/orasso/orasso.wwsso_app_admin.ls_logout
Name: SSO HTMLDB
Home URL: http://machine.domain:port/pls/apex
Success URL: http://machine.domain:port/pls/apex/wwv_flow_custom_auth_sso.process_success
Logout URL: http://machine.domain:port/pls/apex
C. UPDATE THE FLOWS_NNNNNN SCHEMA WITH SSO REGISTRATION INFO
1. cd to the ..../packages directory as you did in step A.3 above.
2. Using sqlplus connect as FLOWS_NNNNNN.
3. run -> @regapp.sql and answer the questions.
4. The value for the listener token will be of the format -> app_name:your-host:port. You must use
HTML_DB as the app_name. For example -> HTML_DB:myserver.com:80 where myserver.com:80 is the machine & port used to access APEX. Note that the machine name and port used are normally values from the serverName and Port directives listed in the httpd.conf of the http server machine. This is NOT
always the same machine name and port used when accessing APEX via a URL. See the
TROUBLESHOOTING section for more details.
5. For site_id enter the ID you received in step B.
6. For site_token enter the Token value from step B.
7. For login_url enter the Login URL from step B.
8. For encryption key, enter the Encryption key value you received in step B.
9. For ip_check enter -> N
10. There should be no errors and a 'Registration successful' message should display with a
confirmation of the information entered.
D. INSTALL THE WWV_FLOW_CUSTOM_AUTH_SSO PACKAGE:
1. Locate the the following package scripts in
custom_auth_sso_902.sql
custom_auth_sso_902.plb
Note
2. cd to the location of the two scripts.
3. Using sqlplus connect as the appropriate FLOWS_NNNNNN user.
4. Run both:
@custom_auth_sso_902.sql
@custom_auth_sso_902.plb
There should be no errors.
5. Issue the following grant:
grant execute on wwv_flow_custom_auth_sso to APEX_PUBLIC_USER;
Note: In earlier versions of APEX this user was called -> HTMLDB_PUBLIC_USER
Note 2: If using the Embedded PLSQL Gateway then grant execute to ANONYMOUS. For example, grant execute on wwv_flow_custom_auth_sso to ANONYMOUS
E. CONFIGURING THE APEX APPLICATION
1. Login to APEX as an application developer.
2. Enter Application Builder and click on the application to be configured for SSO.
3. Choose -> Shared Components
4. Beside the Security icon, click on -> Authentication Schemes
5. Click on -> Create
6. Ensure ->” Based on a pre configured scheme from the gallery” is selected.
7. Click -> Next
8. Choose -> “Oracle Application Server Single Sign-On (Oracle Application Express Engine as Partner App)".
9. Click -> Next
10.Give it a name (It can be any valid name such as -> SSO_AUTH)
11. Click -> Create Scheme
--Make the new authentication scheme current for the application
1. Click on the application you wish to enable for SSO.
2. Choose -> Shared Components
3. Click on -> Authentication Schemes
4. Click on -> Change Current
5. Choose -> SSO_AUTH (or whatever you named it in step 10 above).
6. Choose -> Next.
7. Click -> “Make Current “ Button.
TEST YOUR APPLICATION
1. Login to APEX and attempt to run the application that you configured to use SSO.
2. When you click on the run icon, you should be redirected to the SSO Server and presented with an
SSO login screen.
3. Once you login, your APEX application should come up.
TROUBLESHOOTING
See
UPGRADING APEX WITH SDK IN FLOWS_NNNNNN SCHEMA
When APEX is upgraded SSO will have to be reconfigured because the objects loaded by the SDK will not be in the new FLOWS_NNNNNN schema. For discussion purposes, lets refer to the old schema as FLOWS_OLD and the upgraded one as FLOWS_NEW. It is important to understand that after the upgrade all of the SDK related files, including the information entered by regapp, is still in the FLOWS_OLD schema. So after upgrading, SSO can be enabled by either:
1. Reaccomplishing steps A, C & D of this note in the FLOWS_NEW schema. Step B can be reaccomplished if you wish to create a new Partner Application. However, this is not necessary because you may use the information from the original SSO Partner Application.
or
2. Reuse the registration information that already exists in the FLOWS_OLD schema. To do this you would:
a. Perform Step A in the FLOWS_NEW schema.
b. Create the necessary synonym as follows:
-connect to FLOWS_NEW
-Drop table wwsec_enabler_config_info$;
-create synonym wwsec_enabler_config_info$ for FLOWS_OLD.wwsec_enabler_config_info$;
-connect to FLOWS_OLD
-grant select on wwsec_sso_enabler_private to FLOWS_NEW;
c. If the WWV_FLOW_CUSTOM_AUTH_SSO is not already in the FLOWS_NEW schema, then accomplish step D to create it.
Note: This note is based on the white paper at ->
http://www.oracle.com/technology/products/database/application_express/howtos/sso_partner_app.html
It does not address the 'Alternate Procedure for Individual Registration of Partner Application Schemas' described in this reference.
References
@ Note 562807.1 - Configuring an APEX Application to Use SSO With SDK in Separate Schema
Note 562840.1 - Troubleshooting Apex SSO Related Error ERR-7620
-------------------------------------------------------------
APEX Another DOCUMENT 2
-------------------------------------------------------------
Download apex_2.2.zip to server.
Unzip in D:\apex. It will create directory on unzip.
From server: Oracle Enterprise Manager, Storage Manager, SYSTEM, MANAGER, PROD
Tablespaces, + (Create)
APEX (NAME), Permanent, Datafiles, Add, D:\ORACLE\PRODDATA\APEX.DBF, File Size
100M, Auto Extend, Enable Auto Extend, Increment 100M, OK, OK
Create a desktop shortcut on server to D:\oracle\proddb\9.2.0\bin\sqlplusw.exe,
Start in D:\APEX. Call shortcut "SQL Plus ApEx".
Startup SQL Plus ApEx shortcut. Username: system, Password: Manager, Host
String: PROD
CONNECT SYS@PROD AS SYSDBA
Password for SYS: change_on_install
Change SYS password: ALTER USER SYS IDENTIFIED BY ;
Change SYSTEM password: ALTER USER SYSTEM IDENTIFIED BY ;
@apexins
SQL Plus will close automatically when database portion is completed.
Startup SQL Plus again. SYSTEM/new pwd/PROD.
CONNECT SYS@PROD AS SYSDBA
@d:\oracle\proddb\9.2.0\rdbms\admin\utlrp.sql
Possible fix for two invalid database packages.
Copy d:\apex\images directory to d:\oracle\prodora\iAS\Apache\Apache (will
create an images subdirectory)
Modify d:\oracle\prodora\iAS\Apache\modplsql\cfg\wdbsvr.app
Modify d:\oracle\prodora\iAS\Apache\Apache\conf\httpd.conf
Restart Oracle Apache Server PROD_
http://server:8000/pls/htmldb
Workspace: internal Username: ADMIN Password:
wdbsvr.app changes
Comment out:
;custom_auth = CUSTOM
OR
Add:
Add the following to plsql.conf:
SetHandler pls_handler
Order deny,allow
Allow from all
Add to bottom:
[DAD_htmldb]
connect_string = PROD
;connect_string = localhost:1521:prod
password =
username = apex_public_user
default_page = apex
document_table = wwv_flow_file_objects$
document_path = docs
document_proc = wwv_flow_file_mgr.process_download
reuse = Yes
enablesso = No
stateful = STATELESS_RESET
nls_lang = American_America.US7ASCII
Note: There is a way to hide the password but leave it readable for now.
httpd.conf changes
Add to bottom:
#ApEx 2.2
Alias /i/ "D:\oracle\prodora\iAS\Apache\Apache\images/"
AddType text/xml xbl
AddType text/x-component htc
No comments:
Post a Comment