In OIM 11gR2 PS3, one should not update the default applications (Self-Service and Sysadmin) from Weblogic deployments.
Sometime during implementation of OIM UI Customizations, peoples are updating the oracle.iam.ui.custom. In PS3 you can find that while updating oracle.iam.ui.custom, automatically below depended applications got updated.
If by mistake oracle.iam.console.identity.self-service.ear and oracle.iam.console.identity.sysadmin.ear got updated then you may find the workflow policy in sysadmin console showing blank. See the below image where opening the Workflows -> Approvals showing a white page.
Reason:
In OIM PS3, if some how oracle.iam.console.identity.self-service.ear and oracle.iam.console.identity.sysadmin.ear got updated then the OPSS policy gets overwritten.
Solution:
To resolve this issue, we need to Re-Seed the policy again from self service and sysadmin.
There are 3 policy files you need to re-seed.
1. Copy 'jazn-data.xml' (from OIM.ear) to a different directory.
2. Copy 'jazn-data.xml' (found in oracle.iam.console.identity.self-service.ear) to a different directory.
3. Copy 'jazn-data-sysadmin.xml' (found in oracle.iam.console.identity.self-service.ear) to a different directory.
4. Go to [DOMAIN_HOME]/config/fmwconfig/ take a backup of the file 'jps-config-jse.xml' in the same folder
cp jps-config-jse.xml jps-config-jse_backup.xml
5. Open the backup file 'jps-config-jse_backup.xml' and add the below 2 jps contexts just before the "</jpsContexts>" tag.
<jpsContext name="mydst">
<serviceInstanceRef ref="policystore.db"/>
</jpsContext>
<jpsContext name="mysrc">
<serviceInstanceRef ref="mysource.policystore.xml"/>
</jpsContext>
6. Open the 'jps-config-jse_backup.xml' file and add the below 'serviceInstance' just before the "</serviceInstances>" tag.
<serviceInstance name="mysource.policystore.xml"
provider="policystore.xml.provider" location="<FILE PATH>">
<description>My source</description>
</serviceInstance>
Give an absolute path of jazn-dataXXXX.xml in <FILE PATH> as per the step 1. You need to change the <FILE PATH> 3 times to seed 3 different policies.
7. Goto the location "[MWHOME]/oracle_common/common/bin/" and execute "sh wlst.sh" script
8. Execute the below command to import policies from Jazn-dataxxx.xml to the OPSS store.
Syntax
migrateSecurityStore(type='appPolicies', configFile='/opt/app/oracle/Middleware/user_projects/domains/<oim_domain>/config/fmwconfig/jps-config-jse_backup.xml',
src='mysrc', dst='mydst', srcApp='<Follow point B mentioned above>', overWrite='false')
Example
migrateSecurityStore(type='appPolicies', configFile='[DOMAIN_HOME]/config/fmwconfig/jps-config-jse_backup.xml',src='mysrc', dst='mydst', srcApp='OIM', overWrite='false')
Note: srcApp value will be changed according to the policy data as below:
'jazn-data.xml' (from OIM.ear) - srcApp is OIM
'jazn-data.xml' (found in oracle.iam.console.identity.self-service.ear) - srcApp is OracleIdentityManager
'jazn-data-sysadmin.xml' (found in oracle.iam.console.identity.self-service.ear) - srcApp is OracleIdentityManager
9. Exit the WLST session using exit() command.
10. Repeat from the Step 6 for the other 2 policies.
11. Once done take a restart of OIM servers.
Example for the WLS command for other 2 policies:
migrateSecurityStore(type='appPolicies', configFile='[DOMAIN_HOME]/config/fmwconfig/jps-config-jse_backup.xml',src='mysrc', dst='mydst', srcApp='OracleIdentityManager', overWrite='false')
Sometime during implementation of OIM UI Customizations, peoples are updating the oracle.iam.ui.custom. In PS3 you can find that while updating oracle.iam.ui.custom, automatically below depended applications got updated.
Reason:
In OIM PS3, if some how oracle.iam.console.identity.self-service.ear and oracle.iam.console.identity.sysadmin.ear got updated then the OPSS policy gets overwritten.
Solution:
To resolve this issue, we need to Re-Seed the policy again from self service and sysadmin.
There are 3 policy files you need to re-seed.
1. Copy 'jazn-data.xml' (from OIM.ear) to a different directory.
2. Copy 'jazn-data.xml' (found in oracle.iam.console.identity.self-service.ear) to a different directory.
3. Copy 'jazn-data-sysadmin.xml' (found in oracle.iam.console.identity.self-service.ear) to a different directory.
4. Go to [DOMAIN_HOME]/config/fmwconfig/ take a backup of the file 'jps-config-jse.xml' in the same folder
cp jps-config-jse.xml jps-config-jse_backup.xml
5. Open the backup file 'jps-config-jse_backup.xml' and add the below 2 jps contexts just before the "</jpsContexts>" tag.
<jpsContext name="mydst">
<serviceInstanceRef ref="policystore.db"/>
</jpsContext>
<jpsContext name="mysrc">
<serviceInstanceRef ref="mysource.policystore.xml"/>
</jpsContext>
6. Open the 'jps-config-jse_backup.xml' file and add the below 'serviceInstance' just before the "</serviceInstances>" tag.
<serviceInstance name="mysource.policystore.xml"
provider="policystore.xml.provider" location="<FILE PATH>">
<description>My source</description>
</serviceInstance>
Give an absolute path of jazn-dataXXXX.xml in <FILE PATH> as per the step 1. You need to change the <FILE PATH> 3 times to seed 3 different policies.
7. Goto the location "[MWHOME]/oracle_common/common/bin/" and execute "sh wlst.sh" script
8. Execute the below command to import policies from Jazn-dataxxx.xml to the OPSS store.
Syntax
migrateSecurityStore(type='appPolicies', configFile='/opt/app/oracle/Middleware/user_projects/domains/<oim_domain>/config/fmwconfig/jps-config-jse_backup.xml',
src='mysrc', dst='mydst', srcApp='<Follow point B mentioned above>', overWrite='false')
Example
migrateSecurityStore(type='appPolicies', configFile='[DOMAIN_HOME]/config/fmwconfig/jps-config-jse_backup.xml',src='mysrc', dst='mydst', srcApp='OIM', overWrite='false')
Note: srcApp value will be changed according to the policy data as below:
'jazn-data.xml' (from OIM.ear) - srcApp is OIM
'jazn-data.xml' (found in oracle.iam.console.identity.self-service.ear) - srcApp is OracleIdentityManager
'jazn-data-sysadmin.xml' (found in oracle.iam.console.identity.self-service.ear) - srcApp is OracleIdentityManager
9. Exit the WLST session using exit() command.
10. Repeat from the Step 6 for the other 2 policies.
11. Once done take a restart of OIM servers.
Example for the WLS command for other 2 policies:
migrateSecurityStore(type='appPolicies', configFile='[DOMAIN_HOME]/config/fmwconfig/jps-config-jse_backup.xml',src='mysrc', dst='mydst', srcApp='OracleIdentityManager', overWrite='false')
No comments:
Post a Comment