Hi,
I followed the links form Oracle website to integrate OAM with WebLogic 10.3 using SSPI connector. I used following link;
http://www.oracle.com/technology/products/webcenter/html/e14210/jpsdg_sso.htm#CIHEHGBE
I created the delgated user, policies, resources and all other things step by step almost. Installed the SSPI using WebPass protected by WebGate on Access Server. In the end of installation it asked me to perform some manual configurations like copying jar files from SSPI to WebLogic domain and adding/editing CLASSPATH variables and PATH variables to include jar from SSPI.
Finally the script we use to create new 'Security Realm' using script present in SSPI_Install_Dir called 'setupNetPointRealm.cmd' which failed so I created the new 'realm manually using instruction on following link which says '*Preparing WebLogic Environment*'; (*Step 12.5*)
http://download.oracle.com/docs/cd/E10761_01/doc/oam.1014/e10356/weblogic.htm#BHCJIEGE
After that it ask me to restart the server but WebLogic Server failed to start giving me following exception;
Console Output_
.....
<01-Oct-2009 20:11:22 o'clock BST> <Notice> <Security> <BEA-090082> <Security initializing using security realm
NetPointRealm.>
<01-Oct-2009 20:11:22 o'clock BST> <Warning> <NetPointSecurityProviders> <700021> <*Authentication failed for user [weblogic]*.
Reason - Unprotected resource LOGIN wl_authen:/Authen/Basic used in an ObAuthenticationScheme or ObUserSession constructor.>
<01-Oct-2009 20:11:22 o'clock BST> <Critical> <Security> <BEA-090402> <*Authentication denied: Boot identity not valid*; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.>
<01-Oct-2009 20:11:22 o'clock BST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
<01-Oct-2009 20:11:22 o'clock BST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<01-Oct-2009 20:11:22 o'clock BST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<01-Oct-2009 20:11:22 o'clock BST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
Stopping PointBase server...
PointBase server stopped.
>
Amazingly one thing I did not understand that in instructions it says it will prompt for password but its not prompting for any password at all. its trying to get started and failing straight away.
Secondly, I want to remind one more thing that, I created user in OAM who will act as a administrator for WLS (originally created in OID) with delegated Administrative rights. I kept the name for this user as 'weblogic' but password for this user is 'weblogic99' because of the password policy that I have to have numbers and letters. On the other hand the default user we have in weblogic is 'weblogic' with password 'weblogic'. do you think that can be the problem???
If I just change the password manually in one of the file from 'weblogic' to 'weblogic99' because the security policy surely be trying 'weblogic99' and WLS is denying this password because its expecting 'weblogic'. Does it make any sense???
Note: I already tried to edit *'boot.properties'* file in location 'bea/wlserver_10.3/samples/domains/wl_server/server/exampleserver/security' directory. I am starting my server using 'startWebLogic.cmd' script present in 'bea/wlserver_10.3/samples/domains/wl_server' directory. Finally this is the fresh installation.
Thanks
--
sjunejo