X

Deep dive into various configurations with Oracle Weblogic Server

  • November 15, 2015

Steps to modify analytics application ( OBIEE 11.1.1.7) to work with SSO

Puneeth Prakash
Principal Software Engineer

Below are the steps to modify the analytics application to login using SSO :

 - Create a new folder (say "modified") and copy the analytics.ear file to it.

NOTE : analytics.ear file is located @ Eg : "/refresh/home/app/obiee/Oracle_BI1/bifoundation/jee/"

 - Now run the following command to explode the analytics.ear file :

Command : jar -xvf analytics.ear 

Delete the analytics.ear file from "modified" folder. 

You should have the following files in "modified" folder now :

 1. analytics-ws.war

 2. analytics.war

 3. META-INF 

 -  Edit the MANIFEST.MF file located in META-INF folder to add the following :

Weblogic-Application-Version: 11.1.1.7.0.130303.2025

 NOTE : This step is optional

- Create a folder called "tmp"  and move analytics.war file to it, then explode it using the following command :

Command : jar -xvf analytics.war

-  Edit the web.xml file located in "tmp/WEB-INF" folder and add the following :

NOTE : Replace

 <login-config>
     <auth-method>CLIENT-CERT</auth-method>
  </login-config>

 with the following : 

<security-constraint>
<web-resource-collection>
<web-resource-name>BI Analytics</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>SSORole</role-name>
</auth-constraint>            
  </security-constraint>

<login-config>
    <auth-method>CLIENT-CERT</auth-method>
 </login-config>

   <security-role>
<role-name>SSORole</role-name>
   </security-role>

- Now edit the weblogic.xml file as follows :

 <?xml version = '1.0' encoding = 'US-ASCII'?>
<weblogic-web-app xmlns="http://xmlns.oracle.com/weblogic/weblogic-web-app">
   <context-root>analytics</context-root>
<security-role-assignment>
<role-name>SSORole</role-name>
<principal-name>puneeth</principal-name>
<principal-name>BIUsers</principal-name>
<principal-name>BIAdmins</principal-name>
                <principal-name>BISystemUser</principal-name>
</security-role-assignment>
   <!-- Bug 14659820.
         The oracle.bibopmn library would pull in a version of the sautils.jar which do not access to a mad.jar
         with appropriate codegrants. Due to updgrade restrictions we need to keep using the war's jars. 
      -->
   <container-descriptor>
       <prefer-web-inf-classes>true</prefer-web-inf-classes>
   </container-descriptor>
</weblogic-web-app>

NOTE : You have to specify the users / groups that need access to the analytics application in <principal-name> tag. 

- Create a war file using the following command :

Command : jar -cvf analytics.war *

- Copy this newly create analytics.war file to "modified" folder and delete the "tmp" folder that we created earlier. 

- "modified" folder should contain the following now :

1. analytics.war (modified)

2. META-INF folder (which contains the modified MANIFEST.MF )

3. analytics-ws.war (unchanged original file). 

- Create an ear using the following command :

Command : jar cvfM analytics.ear analytics.war analytics-ws.war META-INF/

- Take a back of the original analytics.ear file

- Login to console and stop "bi_server1"

- Delete the "analytics.ear" application from console -> deployments tab

- Replace the original "analytics.ear" file with the modified ear file.

- Now login to console -> start "bi_server1" and deploy the modified "analytics.ear" file.

- Make sure that the application is in active state and test SSO. 

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.