Ebusiness 12.2.X Zero Sign on Part 4(Kerberos Authentication (WNA)) !!

Author: | Posted in Oracle Applications DBA No comments

Hi Techies,

In this post, will see Zero Sign-On for EBS 12.2.x using Kerberos Authentication Method.

Below is the high-level overview of how Kerberos Authentication will happen.

C:\Users\firozhussain4045\Desktop\WNA_Sequence_Diagram1.gif

Steps:

Login to OAMCONSOLE and edit the OID Identity Store, set attribute Login ID Attribute to displayName and save it.

Update Default store as OIDIdentityStore.

Using below command in AD server create a keytab file.

ktpass -princ HTTP/otd01.hussain.net@HUSSAIN.NET -mapuser oraoam -pass Welcome1 -ptype KRB5_NT_PRINCIPAL -crypto ALL -out c:\keytab\otd01.keytab

Copy the keytab file to OAM server.

In OAM server update the Kerberos configuration file like below.

vi /etc/krb5.conf

Listing the keys of keytab file

Testing Authentication through keytab file.

Go to OAMCONSOLE and create a custom Kerberos scheme.

Update keytab file in Kerberos Authentication Module.

Update the Kerberos Scheme in Protected Resource Policy of Application Domain.

Restart the OAM services and login to PC with AD username and password. In my case, ADTEST2 is the user.

And fire EBS Url, it should have to automatically authenticate using WNA and should land on the home page of the user.

Add Your Comment