Add an Oracle WebLogic Server App

The purpose of this tutorial is to walk through the process of setting up an Oracle WebLogic Server application through the Access Gateway Admin Console.

Before you begin

Ensure that:

  • Access Gateway is installed and configured for use.
    See Manage Access Gateway deployment.
  • Access Gateway has been configured to use your Okta tenant as IDP.
    See Configure your Okta tenant as an Identity Provider for more information about configuring your Okta tenant as an IDP.
  • You have administrator rights on your Okta tenant and can assign applications to users and create groups.
  • An external Oracle WebLogic Server based application which requires protection.
  • The external app version is supported. Oracle Weblogic Server supported versions include:
    • v10.3.6 (11g) or later
  • Appropriate DNS entries for both the legacy application and the exposed new URL exist.
  • Appropriate DNS entries for both the protected application and the external URL for example:

    ValueDescription
    https://weblogic.externalexample.comExternal or customer facing application URL.
    https://weblogic.internalexample.com

    Internal or protected application URL.

 

Tip

Tip

This application is part of a class of applications which exchange user information using header variables. See Add a generic header application for more information about the Access Gateway generic header application.

Access Gateway also provides a sample header application. See Add a sample header application.

Create the application in Access Gateway

  1. Sign in to the Access Gateway Admin UI console.
  2. Click the Applications tab.

  3. Click +Add to add a new application.

  4. Select the Oracle WebLogic option from the left column menu, and click Create.

    Select header based and click create.

    The New Protected Application wizard will start and display the Essentials pane for the application being added.

  5. In the Essentials pane specify the following:

    Field Value
    Label A name for the application.
    Public Domain A fully qualified host name such as <yourexternalname>.<your domain>.
    In the example provided this would be weblogic.externalexample.com.
    Protected Web Resource

    The URL of the internal protected application.
    In the example provided this would be weblogic.internalexample.com:<port>/<path>
    Where:

    • port - the port WebLogic Server is listening on for http requests.
    • path - represents the path to the application.
    Group Enter the group containing the users who should have access to the application.
    Description [optional] An appropriate description for your application.
  6. Important Note

    Important

    While optional, Okta recommends that all applications include certificates.
    See About Access Gateway Certificates for general information about certificate.
    See Certificate management tasks for a general task flow for obtaining and assigning certificates.  

  7. Expand the Certificates tab.
    Note

    Note

    By default a wild card self signed certificate is created and assigned to the application when the application is initially created.

  8. Optional. Click Generate self-signed certificate

    A self-signed certificate is created and automatically assigned to the application.
  9. Optional. Select an existing certificate from the list of provided certificates.
    Use the Search field to narrow the set of certificates by common name.
    Use the page forward (>)and backward(<) arrows to navigate through the list of available certificates.

  10. Click Next. The Attributes pane appears.
  11. The Attributes pane provides a list of attributes that will be passed into the application.
    By default the login field of the Okta profile accessing the application is mapped to the OAM_REMOTE_USER.
    Use the pencil to change the name of the login field attribute as required.

    Use the edit () to modify the name and other values associated with this attribute as required.
    Add or modify any required attributes. See Application attributes for more information on the attribute options.

  12. Click Next. The Policies pane appears.
  13. Leave all policies unchanged and click Done.
    See Managing Application Policy for more information on application policies.

Test the application

The following steps assign the application to a test account and then execute the application to verify basic functionality.

Assign the application

  1. Sign in to your Okta tenant as administrator.

  2. In the Admin Console, go to Applications > Applications.

  3. Click the name of the newly added header application.

  4. Select the Assignments tab.

  5. Select Assign > Assign To People.

  6. Select an appropriate user and click Assign.

    Info

    Note

    Testing is typically initially done using the same user who is associated with administering Access Gateway

  7. Click Done.

Execute the Application

  1. Return to the Access Gateway Admin UI console.

  2. On the row representing the newly added header app, select one of Goto application > IDP Initiated. or Goto application > SP Initiated.

    add-sample-header-app-okta.09

  3. Verify the results page displays all expected values.
  4. Close the results page.

Related topics