Posted by Ujwol Shrestha - Principal Support Engineer in CA Security on Feb 2, 2016
Envrionment :
- Oracle HTTP Server 11g
- Siteminder Web Agent : 12.5+
Step 1. Changes to httpd.conf file at <Instance Directory>\instance1\config\OHS\ohs1
1. Add LoadModule entry to the DSO Support Section
The following line(s) are added to the Dynamic Shared Object (DSO) Support configuration section, which precedes the Main server configuration section of the file.
LoadModule sm_module "<web_agent_home>/win64/bin/mod_sm22.dll"
Note:
The SiteMinder Agent requires one of the following modules in order to load:
Apache 2.0
LoadModule sm_module web_agent_home/bin/libmod_sm20.so
Apache 2.0 running on Windows
LoadModule sm_module web_agent_home/bin/mod_sm20.dll
Apache 2.2 running on Windows
LoadModule sm_module web_agent_home/bin/mod_sm22.dll
2. Add SmInitFile Entry
This entry is placed after the LoadModule entry that you added in (1). A full path is used, not a relative path.
SmInitFile "<Instance Directory>/instance1/config/OHS/ohs1/WebAgent.conf"
3. Alias Entries Added
In the Aliases section of the file, following entries are added to enable SiteMinder features.
Note:
The Alias /siteminderagent/ “<web_agent_home>/samples/” entry must come after all other aliases in the Aliases section.
AliasMatch /siteminderagent/nocert/[0-9]+/(.*) "<web_agent_home>/win64/$1"
<Directory "<web_agent_home>/win64/$1">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Alias /siteminderagent/pwcgi/ "<web_agent_home>/win64/pw/"
<Directory "<web_agent_home>/win64/pw/">
Options Indexes MultiViews ExecCGI
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Alias /siteminderagent/pw/ "<web_agent_home>/win64/pw/"
<Directory "<web_agent_home>/win64/pw/">
Options Indexes MultiViews ExecCGI
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Alias /siteminderagent/ "<web_agent_home>/win64/samples/"
<Directory "<web_agent_home>/win64/samples/">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
Step 2. Create WebAgent.conf file with the following content and copy it in <Instance Directory>\instance1\config\OHS\ohs1
# WebAgent.conf - configuration file for SiteMinder Web Agent
# Web Agent Version = 12.51, Build = 1402, Update = 07
LOCALE=en-US
#agentname="<AgentName>, <IPAddress>"
HostConfigFile="<web_agent_home>\win64\config\SmHost.conf"
AgentConfigObject="<aco_name>"
EnableWebAgent="YES"
ServerPath=""
#localconfigfile="<Instance Directory>\instance1\config\OHS\ohs1\LocalConfig.conf"
LoadPlugin="<web_agent_home>\win64\bin\HttpPlugin.dll"
#LoadPlugin="<web_agent_home>\win64\bin\Affiliate10Plugin.dll"
#LoadPlugin="<web_agent_home>\win64\bin\SAMLAffiliatePlugin.dll"
#LoadPlugin="<web_agent_home>\win64\bin\eTSSOPlugin.dll"
#LoadPlugin="<web_agent_home>\win64\bin\IntroscopePlugin.dll"
#LoadPlugin="<web_agent_home>\win64\bin\SAMLDataPlugin.dll"
#LoadPlugin="<web_agent_home>\win64\bin\OpenIDPlugin.dll"
#LoadPlugin="<web_agent_home>\win64\bin\DisambiguatePlugin.dll"
#LoadPlugin="<web_agent_home>\win64\bin\OAuthPlugin.dll"
AgentIdFile="<Instance Directory>\instance1\config\OHS\ohs1\AgentId.dat"
Step 3. Create AgentId.dat file with the following content and copy it in <Instance Directory>\instance1\config\OHS\ohs1
GUID=000080fe0000000075939d10c0597d33-0bf0-5643dc86-0bf4-0339021c
(Specify unique GUID value for each of the Agent Instance )
Step 4. Change opmn.xml file at <Instance Directory>\instance1\config\OPMN\opmn
=======================================================================
Add following lines after
<ias-instance id="instance1" name="instance1">
<environment>
section
<variable id="NETE_WA_PATH" value="<web_agent_home>/win64/bin"/>
<variable id="NETE_WA_ROOT" value="<web_agent_home>/win64" />
<variable id="PATH" value="$NETE_WA_PATH;$PATH"/>
Note:
1. All the sections within <> need to be changed with the actual path
2. After making all these changes OS needs to be restarted.
Attachment:
All the sample files are attached for reference.