Create the application in Access Gateway

Create application

To create the application in Access Gateway:

1. Sign in to the Access Gateway Admin UI console.

2. Click the Applications tab.

3. Click +Add to add a new application.

4. From the Application menu, select Oracle JD Edwards Enterprise One, and click Create.
   
   

   

   

   Note

   See the Supported technologiessection in Supported technologies.

Configure the application

1. In the Essentials pane enter:
   

   Field	Value
   Label	The name of the application, For example: JD Edwards
   Public Domain	The external facing URL of the application. For example: https://jde-external.example.com
   Protected Web Resource	The URL and port combination of the Oracle JD Edwards Implementation that is being protected. For example: http://jde-internal.example.com:7005 See Configure load balancing
   Post Login URL	Enter an appropriate target URL. For example https://jde-external.example.com/jde/owhtml. Note: Post Login URL may contain other elements specific to the implementation.
   Group	The group containing users who can access the JD Edwards instance.

Configure load balancing

Available since Access Gateway version 2022.2.3

Important

Okta recommends that whenever possible load balancers and Access Gateway as a load balancer be implemented.
See About Access Gateway load balancing.

1. Expand the Protected Web Resources tab.
2. In Protected Web Resource tab enable load balancing.
   
   The Protected Web Resource tab will then expand to include a table of hostnames and weights representing the target load balancing instances, initially empty.
3. Select a URL scheme. All added protected web resources will inherit this scheme. HTTP and HTTPS schemes are supported.
4. [Optional] Enable and specify Host Header value.
5. Repeat as required:
   1. Click Add protected web resource.
      A new empty row will be added to the table.
   2. Enter a fully qualified hostname:port combination.
      For example https://backendserver1.atko.com:7001.
   3. Enter a weight between 1 and 100. Enter 0 to specify a disabled host.
      
      

      Weights represent the percentage of requests that will be routed to this host.
      For example, two hosts of weights 2:1 would result in requests being routed ~66% to the host weighted 2 and ~33% to the host weighted 1.

   4. Click Okay to add the new host, or Cancel to cancel.
      Click edit () to modify an existing host.
      Click delete() to delete an existing host.

6. Optional Configure health checks:
   Health checks are optional and use GET operations to confirm back and resources are functional.
   Resources deemed unhealthy are not routed new requests.

   1. Enable health checks.
      
   2. Click Edit to modify health check settings.
   3. Modify settings as required.

      Field	Value	Default
      Path	URI to resource used in health check.	/
      Method	HTTP method used.	Always GET
      Status code	HTTP status code used to determine health.	200
      Interval	Interval between health checks in seconds.	10
      Request timeout	Health check request timeout in seconds.	1
      Healthy threshold	Number of successful requests before a host is considered healthy.	3
      Unhealthy threshold	Number of failed requests before a host is considered unhealthy.	3

   4. Click Save to save changes.
      Click Cancel to cancel changes.

Configure certificates

Important

While optional, Okta recommends that all applications include certificates.
See About Access Gateway certificate use for general information about certificate.
See Certificate management tasks for a general task flow for obtaining and assigning certificates.  

1. Expand the Certificates tab.
   
   

   Note

   By default a wildcard self signed certificate is created and assigned to the application when the application is initially created.

2. Optional. Click Generate self-signed certificate
   
   A self-signed certificate is created and automatically assigned to the application.
3. Optional. Select an existing certificate from the list of provided certificates.
   Use the Search field to narrow the set of certificates by common name.
   Use the page forward (>)and backward(<) arrows to navigate through the list of available certificates.
   
   

4. Click Next. The Attributes pane appears.

   For detailed information on the attribute options, see Application attributes .

5. Confirm the IDP login attribute.
   
   

   Note

   By default the JD Edwards application template login field as the JDE_SSO_UID header. Change the value of the header field if required. Add additional header fields required by the application.

Configure policy

1. Click Next. The Policies pane displays.

   See Advanced Access Gateway policy

2. On the root policy row, click the Edit icon.
3. Expand the Advanced sub-tab.
4. In the Custom configuration tab, enter a proxy redirect for the target JD Edwards application.
   For example:
   proxy_redirect http://jde-app.domain.tld:7005 https://$host:$server_port;
   

5. Click Not validated when complete.
   
   If all values are entered correctly, the Not Validated button will change to Validated.
   

6. Click Okay.
7. Click Done.
   

Next steps

Test a JD Edwards based application