Add an Oracle Access Gate Application

The purpose of this tutorial is to walk through the process of setting up an Oracle Access Gate application through the Access Gateway Admin Console.

Access Gate Architecture

Before You Begin

  • Access Gateway is installed and configured for use.
    See Manage Access Gateway deployment.
  • Access Gateway has been configured to use your Okta tenant as IDP.
    See Configure your Okta tenant as Identity Provider for more information about configuring your Okta tenant as an IDP.
  • You have administrator rights on your Okta tenant and can assign applications to users, and create groups.
  • An external Oracle Access Gateway Server based application which requires protection.
  • Appropriate DNS entries for both the legacy application and the exposed new URL exist.
  • Appropriate DNS entries for both the protected application and the external URL for example:
    ValueDescription
    https://access-gate.externalexample.comExternal or customer facing application URL.
    https://access-gate.internalexample.com

    Internal or protected application URL of Oracle EBS Access Gate.

  • Access information for the OID instance is available, including:
    ValueDescription
    Name of OID HostThe resolvable name of the machine hosting OID.
    OID Port

    OID Port

    Bind Name/password

    The binding name and password on the OID host.

    CN
    cn=Users,dc=domain,dc=com

    User search attribute and base

 

Tip

Tip

This application is part of a class of applications which exchange user information using header variables. For more information about the Access Gateway generic header application please see Add a generic header application.

Access Gatewayalso provides a sample header application. Please see Add a sample header application for more information.

Create the Application in Access Gateway

  1. Navigate to your Access Gateway Instance.

  2. In the Access Gateway Admin UI, sign in as an administrator.

  3. Click the Applications tab.

    Select applications tab

  4. Click +Add to add a new application.

    Click Add.

  5. Select the Oracle WebLogic option from the left column menu, and click Create.

    Select header based and click create.

    The New Protected Application wizard will start and display the Essentials pane for the application being added.

  6. In the Essentials pane specify the following:

    Field Value
    Label A name for the application.
    Public Domain A fully qualified host name such as <yourexteralname>.<your domain>.
    In the example provided this would be access-gate.externalexample.com.
    Protected Web Resource

    The URL of the internal, protected, application.
    In the example provided this would be access-gate.internalexample.com:<port>/<path>
    Where:

    • port - the port Oracle Access Gate is listening on for http requests.
    • path - represents the path to the application.
    Group Enter the group containing the users who should have access to the application.

    Post Login URL

    Enter or modify the post login URL. By default this field is enabled and contains value:
    access-gateexternalexample.com/OA_HTML/AppsLogin.
    Description [optional] An appropriate description for your application.
  7. Click Next.
    The Applications pane appears.
  8. The Applications page provides a list settings particular to Oracle Access Gate.
    Confirm the following fields and click Validate.
    Click Next when complete.
    FieldValue
    OID DatasourceEnabled.  For more information on data sources see Administer data stores
    OID HostFully qualified host name of the OID Host.
    Default ebs-iam.internalhost.com.
    OID PortThe port used to connect to the OID host.
    Defaults 3060.
    Bind UserThe user use for OID access.
    Defaults cn=oracleuser.
    Bind User PasswordPassword for Bind User.
    BaseUser search base
    Default cn=Users,dc=domain,dc=com

    User Search Attribute

    Attribute to search OID using.
    Default CN.

    Matching Attribute

    Attribute used for matching in the attributes step.
    Default: USER_NAME.

  9. The Attributes page provides a list of attributes that will be passed into the application as header fields.
    Datasource

    Value

    		NAME
    idp

    email

    		USER_NAME
    oid

    orclguid

    		USER_ORCLGUID

    Use the pencil icon to edit the name and other values associated with this attribute as required.
    Add or modify any required attributes, and click Next.
    For more information on the attribute options, see Application attributes.
    The Policies pane appears.

  10. Leave all policies unchanged and click Done.
    For more information on Application policies see About application policy and Manage application policy .

Test the Application

The following steps assign the application to a test account and then execute the application to verify basic functionality.

Assign the application

  1. Login to your Okta tenant as administrator.

  2. Select Application > Applications.

  3. Click the name of the newly added header application.

  4. Select the Assignments tab.

  5. Select Assign > Assign To People.

  6. Select an appropriate user and click Assign.

    Info

    Note

    Testing is typically initially done using the same user who is associated with administering Access Gateway

  7. Click Done.

Execute the Application

  1. Return to the Access Gateway admin console.

  2. On the row representing the newly added app, select one of Goto application > IDP Initiated or Goto application > SP Initiated.

  3. Verify the resulting page displays as expected.
  4. Close the results page.

See Also