OAM and F5 APM module integration
Does anyone have any experience integrating the 10g webgate used in the F5 BIP-IP APM module with OAM 11gR1? I'm trying to configure SSO and centralised logout across multiple domains (including the domain used by OIM and OAM).
As far as access management goes I have a single webgate agent in OAM which references a single application domain that includes the resources originally covered by IAMSuiteAgent and other resources in various other domains. That part seems to work ok. The OAM login screen appears whenever a protected resource is accessed. I have single sign on into webcenter apps in various integrated weblogic domains but sign out isn't working
In terms of OAM-OIM integration I have followed the enterprise guide at http://docs.oracle.com/cd/E21764_01/core.1111/e12035/wiring.htm#CEGFBCID as far as possible. It is a bit unclear to me how we cater for the fact that we have no OHS involved in this setup (all the relevant requests are routed through the F5 where the webgate resides instead).
Currently I don't see the OAM login screen when I try to access the OIM console and when I logout of OIM or OAM, my session doesn't terminate and I get
Error: Single Sign Off didn't take place
Cause: The IDMDomainAgent for SingleSignOn is not enabled, but SingleSignOff tried to access the Agent's logout page..
Action: Enable the IDMDomainAgent or use a WebGate for SingleSignOn protection. Direct access to this page with the IDMDomainAgent is invalid.
Any thoughts or help appreciated.