Add an Oracle Application Express application
The purpose of this tutorial is to walk through the process of setting up an Oracle Application Express application through the Access Gateway Admin UI console.
- Access Gateway is installed and configured for use.
See Manage Access Gateway deployment.
- Access Gateway has been configured to use your Okta tenant as IDP.
See Configure your Okta tenant as an Identity Provider for more information about configuring your Okta tenant as an IDP.
- You have administrator rights on your Okta tenant and can assign applications to users and create groups.
- An external Oracle Application express based application that requires protection.
- The external app version is supported. Oracle Application Express supported versions include:
- v10g or later
- Appropriate DNS entries exist for both the protected application and the external URL. For example:
Value Description https://app-ex.externalexample.com External or customer facing application URL. https://app-ex.internalexample.com
Internal or protected application URL of Oracle Application Express.
This application is part of a class of applications which exchange user information using header variables. See Add a generic header application for more information about the Access Gateway generic header application.
Access Gateway also provides a sample header application. See Add a sample header application.
- Sign in to the Access Gateway Admin UI console.
Click the Applications tab.
Click +Add to add a new application.
Select the Oracle Application Express application list, and click Create.
The New Protected Application wizard will start and display the Essentials pane for the application being added.
In the Essentials pane specify the following:
Field Value Label A name for the application, such as Oracle Application Express. Public Domain A fully qualified host name such as <yourexteralname>.<your domain>.
In the example provided this would be app-ex.externalexample.com.
Protected Web Resource
The URL of the internal, protected, application.
In the example provided this would be app-ex.internalexample.com:<port>
- port - the port Oracle Application Express is listening on for http requests.
Group Enter the group containing the users who should have access to the application.
Post Login URL
Enter or modify the Post Login URL. By default this field is enabled and contains value:
Description Optional. An appropriate description for your application.
- Expand the Certificates tab.
By default a wildcard self signed certificate is created and assigned to the application when the application is initially created.
- Optional. Click Generate self-signed certificate
A self-signed certificate is created and automatically assigned to the application.
- Optional. Select an existing certificate from the list of provided certificates.
Use the Search field to narrow the set of certificates by common name.
Use the page forward (>)and backward(<) arrows to navigate through the list of available certificates.
- Click Next. The Attributes pane appears.
The Attributes pane provides a list of attributes that are passed into the application as header fields.
Confirm that the attribute match those required by Oracle Application Express.
If required, use the Edit () icon to modify the name and other values associated with each attribute.
Add or modify any additional required attributes. See Application attributes. for more information on attribute options.
- Click Next. The Policies pane appears.
- Leave all policies unchanged and click Done.
See Managing application policy for more information on application policies.
While optional, Okta recommends that all applications include certificates.
See About Access Gateway certificates for general information about certificate.
See Certificate management tasks for a general task flow for obtaining and assigning certificates.
The following steps assign the application to a test account and then execute the application to verify basic functionality.
Assign the application
Sign in to your Okta tenant as administrator.
In the Admin Console, go to Applications >Applications.
Click the name of the newly added header application.
Select the Assignments tab.
Select Assign > Assign To People.
Select an appropriate user and click Assign.
Testing is typically initially done using the same user who is associated with administering Access Gateway
Execute the Application
Return to the Access Gateway Admin UI console.
On the row representing the newly added app, select one of Goto application > IDP Initiated or Goto application > SP Initiated.
- Verify the resulting page displays as expected.
- Close the results page.
- See Access Gateway supported application and version information for details of supported application and version information.
- See Add a generic header application.
- See Add a sample policy application.
- See Troubleshoot applications.
- Add or review application essential settings. See About application essentials and Manage application essentials.
- Add application behaviors. See About application behaviors.
- Add fine grained policy to further protect resources. See About application policy and Manage access control application policy for an overview on user policy and for examples respectively.
- Extend existing policy using custom configuration. See Advanced Access Gateway policy.