Install the Proxy Plug-In on WebLogic

This page contains the following topics:
cim12606
This page contains the following topics:
 
 
If you use the Microsoft IIS web server as proxy server, you must configure an additional pass through setting to receive application-specific error responses when invalid REST API/TEWS requests are submitted through the Proxy URL.
Run the following command from the 
%windir%\system32\inetsrv
 folder on the IIS machine where the proxy plug-in is configured.
appcmd.exe set config -section:system.webServer/httpErrors /existingResponse:"PassThrough" /commit:apphost
Once the Web Agent authenticates and authorizes a request for a 
Identity Manager
 resource, the Web Server forwards the request to the application server that hosts the 
Identity Manager
 Server.
  1. Install the WebLogic proxy plug-in for your Web Server as described in the WebLogic documentation.
    For IIS users, when you install the proxy plug-in, be sure to configure proxying by file extension and by path. When you configure proxying by file extension, add an application mapping in the App Mapping tab with the following properties:
    Executable:
     IISProxy.dll
    Extension:
     .wlforward
  2. Configure the proxy plug-in for 
    Identity Manager
     as described in one of the following sections:
Configure the Proxy Plug-in for IIS (7.x)
The following procedure walks through the deployment and configuration of the WebLogic proxy plug-in for IIS 7.x.
 
Note:
 These instructions are for 32-bit operating environments. The same instructions apply for 64-bit operating environments. The location of the installation .dll file is different:
  • %WL_HOME%server\plugin\win\32\
  • %WL_HOME%server\plugin\win\64\
 
Follow these steps:
 
  1. Install Web agent and configure it on IIS7.
  2. Create a folder with the name ‘plugin’ in ‘C’ drive.
  3. Copy the following files to the plugin folder:
    • iisforward.dll
    • iisproxy.dll
    • iisproxy.ini
      If you are using Weblogic 12c Application Server, then download iisproxy.dll and iisforward.dll from the Oracle website.
  4. Install the Application Development and Management Tools role services on IIS7.
  5. Open Inet Manager and select the Default Web site.
  6. Click Handler Mappings.
  7. Double click Static File and modify the Request path to *.*.
  8. Click the Request Restrictions button.
  9. On the Mappings tab select Invoke handler only if the request is mapped to a File or folder.
  10. In Handler Mappings dialog click Add Script Map… on the right-hand side menu options. Enter the following values:
    • Request path : *
    • Executable: iisProxy.dll
    • Name: proxy
  11. Click the Request Restrictions button.
  12. Clear Invoke handler only if the request is mapped to.
  13. Click Yes to the prompt about allowing this IASPI extension.
  14. Click the Root node (Machine name) of the IIS Manager tree and click ISAPI and CGI Restrictions.
  15. Click Add in Actions pane and enter the following values:
    • ISAPI or CGI Path: C:\plugin\ iisproxy.dll.
    • Description: Weblogic
    • Select Allow extension path to execute.
  16. Click the Root node (Machine name) of the IIS Manager tree and click on the "ISAPI and CGI Restrictions". Select the option "Weblogic" and click on "Edit Feature Settings" at the right side pane.
  17. Select Allow unspecified ISAPI modules and Allow unspecified CGI modules.
  18. Do the same for Webagent.
  19. In Features View, on the ‘Default Web Site’, double-click Handler Mappings.
  20. On the Handler Mappings page, in the Actions pane, click Add Script Map and the following values:
    • Request path : .jsp
    • Executable : iisproxy.dll
    • Name : JSP
  21. Click Request restrictions.
  22. On the Mapping tab select Invoke handler only if request is mapped to File.
  23. Click OK.
  24. Click Add Script Map and the following values:
    • Request path : .do
    • Executable : C:\plugin\iisproxy.dll
  25. Click Request restrictions. The settings are the same .jsp.
  26. Click OK.
  27. Click Add Script Map and enter the following values:
    • Request path : .wlforward
    • Executable : C:\plugin\iisproxy.dll
  28. Click Request restrictions. The settings are the same as for .jsp.
  29. Click Default Web Site and double click ISAPI Filters.
  30. Click View Order List on the right-side pane.
  31. Place the CA SSO® Agent executable in second place in the list. After this entry, only the Weblogic executable is in the list.
    Note
    : If CA SSO® Agent executable appears after the Weblogic executable, then move the CA SSO® Agent using MOVE UP action.
  32. Click Application pools and change the Default App Pool to Classic mode.
The WebLogic plug-in is configured.
Configure the IIS 6.0 Proxy Plug-in
This procedure applies to configurations of the WebLogic proxy plug-in for IIS 6.0.x:
 
Follow these steps:
 
  1. Create a folder on the system where the web agent is installed. For example: c:\weblogic_proxy.
  2. Log in to the system where the 
    Identity Manager
     server is running.
  3. Go to this folder: 
    Weblogic_Home
    \wlserver_11\server\plugin
  4. Copy the following files to the weblogic proxy folder created in step 1.
    • iisforward.dll
    • iisproxy.dll
      If you are using Weblogic 12c Application Server, then download iisproxy.dll and iisforward.dll from the Oracle website.
  5. Create a file named iisproxy.ini in the same folder and include the following content:
    # This file contains initialization name/value pairs # for the IIS/WebLogic plug-in. WebLogicHost=host-name WebLogicPort=7001 ConnectTimeoutSecs=20 ConnectRetrySecs=2 WlForwardPath=/castylesr5.1.1,/iam,/im , /ca/Odata/ WLLogFile= c:\weblogic_proxy \proxy.log DebugConfigInfo=ON
    Replace 
    host-name
     with the actual host name.
  6. Start IIS Manager.
  7. Expand Web Sites.
  8. Right-click Default Web Site.
  9. Select Properties.
  10. Add a filter as follows:
    1. Click ISAPI Filters.
    2. Click Add and complete the dialog as follows:
      For Filter Name: WebLogic
      For Executable: Path of the iisforward.dll
  11. Provide the location of the iisproxy.dll file as follows:
    1. Click Home Directory.
    2. Click Configuration.
    3. Click Add.
    4. Enter the path of the iisproxy.dll file.
    5. Enter .jsp in the Extension field.
    6. Clear the Verify that file exists option.
  12. Repeat step 11 for the .do and .wlforward extensions.
  13. Add a web service extension for wlforward (in all lower case) pointing to the location of iisforward.dll.
    Set the extension status to Allowed.
  14. Right click each Web Service Extension to change it to Allowed Status.
  15. Restart the IIS web server.
Configure the iPlanet Proxy Plug-in
To configure the plug-in, modify the following iPlanet configuration files:
  • magnus.conf
  • obj.conf
The iPlanet configuration files have strict rules about the placement of text. To avoid problems, note the following points:
  • Eliminate extraneous leading and trailing white space. Extra white space can cause your iPlanet server to fail.
  • If you must enter more characters than you can fit on one line, place a backslash (\) at the end of that line and continue typing on the following line. The backslash directly appends the end of the first line to the beginning of the following line. If a space is necessary between the words that end the first line and begin the second line, be certain to use one space either at the end of the first line (before the backslash) or at the beginning of the second line.
  • Do not split attributes across multiple lines.
The iPlanet configuration files for your iPlanet instance are found in the following location:
 
iplanet_home
/https-
instance_name
/config/
where 
iplanet_home
 is the root directory of the iPlanet installation and 
instance_name
 is your particular server configuration.
 
Follow these steps:
 
  1. From the 
    weblogic_home
    /server/lib directory, copy the libproxy.so file that corresponds to your version of your iPlanet Web Server to the file system where you installed iPlanet.
  2. In a text editor, modify the iPlanet magnus.conf file.
    To instruct iPlanet to load the libproxy.so file as an iPlanet module, add the following lines to the beginning of the magnus.conf file:
    Init fn="load-modules" funcs="wl_proxy,wl_init"\ shlib=path in file system from step 1/libproxy.so Init fn="wl_init"
    For example:
    Init fn="load-modules" funcs="wl_proxy,wl_init"\ shlib=/usr/local/netscape/plugins/libproxy.so Init fn="wl_init"
    The function load-modules tags the shared library for loading when iPlanet starts up. The values wl_proxy and wl_init identify the functions that the plug-in executes.
  3. In a text editor, modify the iPlanet obj.conf file as follows:
    1. After the last line that begins with the following text:
      NameTrans fn=....
      Add the following Service directive to the Object name="default" section:
      Service method="(GET|HEAD|POST|PUT)" type=text/jsp fn="wl-proxy"
      You may add this directive in a line following existing Service directives.
    2. Add the following code to the end of the file:
      <Object name="idm" ppath="*/iam/*">"> Service fn="wl-proxy" WebLogicHost="hostname" WebLogicPort="portnumber" PathTrim="/weblogic" </Object> <Object name="weblogic1" ppath="*/console*"> Service fn="wl-proxy" WebLogicHost="hostname" WebLogicPort="portnumber" PathTrim="/weblogic" </Object>
      where 
      hostname
       is the server name and domain of the system where you installed WebLogic and 
      portnumber
       is the WebLogic port (default is 7001).
      You may have more than one Object entry.
      For example:
      <Object name="idm" ppath="*/iam/*">"> Service fn="wl-proxy" WebLogicHost="MyServer.MyCompany.com" WebLogicPort="7001" PathTrim="/weblogic" <Object name="weblogic1" ppath="*/console*"> Service fn="wl-proxy" WebLogicHost="MyServer.MyCompany.com" WebLogicPort="7001" PathTrim="/weblogic" </Object>
  4. Save your iPlanet configuration file.
  5. Restart your Web Server instance.
Configure the Apache Proxy Plug-in
Configuring the Apache Proxy Plug-in requires editing the http.conf file.
 
Follow these steps:
 
  1. Stop the Apache web server after installing a Web Agent on Solaris and copy the mod_wl_20.so file from the following location:
    weblogic_home
    /server/lib/solaris
    to
    apache_home
    /modules
  2. Edit the http.conf file (located in 
    apache_home
    /conf) and make the following changes:
    1. Under the load module section, add the following code:
      LoadModule weblogic_module modules/mod_wl_20.so
    2. Edit the server name with the name of the Apache server system.
    3. Add an If block at the end of the file as follows:
      <IfModule mod_weblogic.c> WebLogicHost weblogic_server.com WebLogicPort 7001 MatchExpression /iam MatchExpression /castylesr5.1.1 MatchExpression /ca/Odata </IfModule>
  3. Save the http.conf file.
  4. Restart the Apache web server.