Propel Your Business

Preparing and Configuring Virtual Hosts on OracleAS 10g HTTP Server

Preparing and Configuring Virtual Hosts on OracleAS 10g HTTP Server

Preparing and Configuring Virtual Hosts on OracleAS 10g HTTP Server

Titleimage

Posted by Patrick Hamou on 2017:09:19 22:59:10

PURPOSE: Oracle Application Server 10g

To explain the basic steps behind configuring virtual hosts with Oracle

Application Server 10g, focusing on the Oracle HTTP Server, and referencing

specific areas of Oracle Documentation to accomplish the necessary steps

applicable to other components.

 

This document was originally written for version 9.0.4, and has been considered

for relevance of current versions. Since Oracle HTTP Server virtual hosting has

not changed between versions, its still relevant. However, in newer versions, there

are more components and more dependencies to consider.  This Note explains how

to setup and test a Virtual Host in the Oracle HTTP Server, but how it is used

across the Oracle Application Server would depend on your implementation. It is

always recommended to refer to the Oracle Documentation for all steps. This

Note will lead into the required Oracle Documentation to follow.

 

See also:

Note 314381.1 How to Setup Oracle HTTP Server as a Virtual Host Reverse Proxy

 

SCOPE: Oracle HTTP Server or Oracle Web Cache Documentation

This article's intention is not to provide all Virtual Host configuration

steps. Please see the proper documentation for the actual steps. This will

be either the Oracle HTTP Server or Oracle Web Cache Documentation, whichever

is performing the virtual hosting. This document will outline the steps

allowing all OracleAS components to work together with a virtual hosting setup.

 

Note that in a Virtual Hosting setup, each situation can be different. No one

short document can comprehensively cover each scenario for definite step-by-step

instructions.

Configuring Virtual Hosts on Oracle Application Server 10g

Configuring Virtual Hosts is initially a very simple task. Since it can affect

many items, it is actually a complicated issue, in that there are a series of

steps and dependencies to clean up whenever you change the protocol, hostname or

port used in the URL. A Virtual Host can change the hostname or the port.

Configuring a Virtual Host in the Oracle Application Server can be taken in at

least five major steps and/or considerations:

   

    1. Add a VirtualHost for the Infrastructure (optional)

 

    2. Add a VirtualHost for the Middle Tier (most popular)

 

    3. Single Sign-On (SSO) services for the Infrastructure would need to be

       re-configured. This inclused OID and OIDDAS, but primarily if the

       Infrastructure introduced a VirtualHost on its own installation. This

       includes any SSL configuration, which uses a VirtualHost.

 

    4. SSO services for the Middle-Tier would need to be re-configured. This

       is commonly referred to as a Partner Application.

 

    5. SSO configuration for Portal would need to be re-configured. This is

       a Partner Application, but has different steps than a generic counterpart.

   

This should also be handled on a per-install basis. Meaning, the Infrastructure

should work first, then the Mid-Tier. You should configure the Infrastructure

(or separate Identity Management home) to work first, and then any Mid-Tiers.

 

It also depends on where the Virtual Host is, on the Mid-tier, the Infrastructure,

or both. You don't always need a VirtualHost on the Infrastructure. But, if SSL

is implemented on the Oracle HTTP Server, so was a Virtual Host.

 

Virtual Hosts are usually only initially desired on the Mid-tiers, where there

may be multiple names to access a site. On the Infrastructure, only one will

likely be used, and thus you can just modify the httpd.conf file's Servername

parameter to the new name, and re-register the HTTP Server with SSO, using that

name. If using SSL, its a separate Virtual Host within the ssl.conf file, and

should be treated separately from the global httpd.conf configuration.

 

Note:

You don't need to change anything on the Infrastructure unless implementing SSL

with SSO, or desire to change the ServerName value for the SSO Server. How extensive

of a change depends on overall goals.

Getting Started: Oracle HTTP Server, Virtual Hosting setup

The very first step on any installation is to ensure the Virtual Host works, with

the desired configuration. It can be configured a few different ways, depending on

functionality desired. Below is a virtual host test, using port-based virtual hosting

within the Oracle HTTP Server. Port-based virtual hosting is the easiest way if

another http server is in front of the Oracle HTTP Server (like Oracle Web Cache):

---in httpd.conf---    
    Listen 8000
    Listen 8001

    NameVirtualHost *:8000      
    <VirtualHost *:8000>
        # If a different name is desired:
        ServerName yourname0.com
         # If the request is initially handled by another http server (like Web Cache):
        Port 80
        # Just to proove the virtualhost config is found:
        DocumentRoot "/space/home/oracle/orahome/Apache/Apache/htdocs/vh-yourname8000"
        # Insert any vh-specific config here
    </VirtualHost>
    
    NameVirtualHost *:8001
    <VirtualHost *:8001>
        # If a different name is desired:
        ServerName yourname1.com
        # If the request is initially handled by another http server (like Web Cache):
        Port 80
        # Just to proove the virtualhost config is found:
        DocumentRoot "/space/home/oracle/orahome/Apache/Apache/htdocs/vh-yourname8001"
       # Insert any vh-specific config here
    </VirtualHost>

---end httpd.conf---

Note:

In an Virtual Hosting setup, each situation can be different. No one short document

can comprehensively cover each scenario for definite step-by-step instructions.

   

    Working on the above example, assuming theres a *different* html file in the

    vh-yourname8000 and vh-yourname8001 directories, the following should work,

    and display different pages:

http://yourname0:8000/
http://yourname1:8001/

If going through a front-end device, such as Oracle Web Cache, as configured

    by default in the Application Server, then you should be able to use the

    Listen port used by Oracle Web Cache. In the above example, it is port 80:

http://yourname/ --> forwards to --> http://yourname:8001/
http://yourname/ --> forwards to --> http://yourname:8001/

The first step is to make to ensure the basic Infrastructure (or IM home) URLs

are working correctly. Be sure this configuration works as desired...On the

Infrastructure, the Mid-Tier, and/or when SSL is enabled. Without this working

as desired, the other dependencies will be harder to configure.

^^^major checkpoint 1^^^

 

Dependencies of a VirtualHost on the Infrastructure (SSO Server)

The next step is to ensure the SSO configuration is working correctly. Below is

some information regarding the Single Sign-On configuration, which will be important

to look at:

    ORASSO Schema (WWSEC_ENABLER_CONFIG_INFO$)
    virtualname:port
    http://virtualname:port/pls/orasso/orasso.wwsso_app_admin.ls_login
    
    The SSO Server (orasso)
    http://virtualname:port/pls/orasso/orasso.wwsso_home.process_signon
    http://virtualname:port/pls/orasso/orasso.wwsso_app_admin.ls_login
    http://virtualname:port/pls/orasso/orasso.home
    http://virtualname:port/pls/orasso/orasso.wwsec_app_priv.logout

Reference:

Note:244112.1 Capture Single Sign-On orasso Schema Tables

   

We need to get rid any occurrences of an old name, or the machine name,

and replace it with the virtual name and port. For simplicity sake, lets

assume that you only want one virtual host on the Infrastructure (or IM home).

That means no virtual host configuration is needed in the httpd.conf. You

just change the ServerName parameter, and re-register the http server with SSO,

and don't use the the virtualhost flag as an ossoreg.jar parameter.

 

Note 1:

You don't need to change anything on the Infrastructure unless implementing SSL

with SSO, or desire a different ServerName for the SSO Server.

 

Note 2:

If using SSL, the use of the ssl.conf will mean using a Virtual Host for the

SSL configuration. See the documentation listed below for a Mid-Tier if

VirtualHosts *are* desired on the Infrastructure. Then, follow #6-10 to

re-configure the SSO Server. Note that you can configure ONE Virtual Host,

and modify the global Servername to be the same value.

 

We will first discuss the easiest method to configure one non-ssl virtual host

on the Infrastructure to differentiate the SSO steps from the other steps:

   

    ACTIONS

    -------

   

    1. In the httpd.conf, editing with Application Server Control:

       

       change this:

       ServerName machinename.domain.com

       to this:

       ServerName

Note:

       This assumes that "virtualname" resolves to the IP Address of that box.

       However, its not important on the initial request, as the HTTP Server

       will respond when the IP address is requested. The Servername parameter

       come into play when setting the appropriate response headers, along with

       the Port parameter.

   

    2. Ensure theres no added "VirtualHost" configuration in the httpd.conf.

 

    3. Now is the time to change the Listen and Port parameter to a desired port(s).

      

    4. Restart the HTTP_Server.

   

    5. Test access:

       http://virtualname:port/

    6. Configure SSO with the new URL parameters:

       $ORACLE_HOME/sso/bin/ssocfg.sh http virtualname 7777

This *always* needs to be done when changing the protocol, host, or port)

   

    7. Ensure OID is properly configured:

   

       Open the OID Directory Manager, and do the following:

   

       Login using the orcladmin account.

       Expand the tree:

Entry Management
         cn=OracleContext
           cn=Products
             cn=DAS

Select the cn=OperationURLs page, do not expand the tree, just click on

      the cn=OperationURLs page.  The right hand pane will display a number of

      fields or attributes. The last field will be orcldasurlbase and will

      should be set to the Infrastructure HTTP Server and port. Change this

      entry to reflect the new name and port. e.g. http://virtualname:port.

      (this is stated just as a "url" desired, so do not include port 80

       or 443).

   

   

    8. See this Note to refresh the OID cache:

    

       Note:292380.1 How to Refresh Cache for OID Parameters

   

    9. Re-register the Infrastructure OHS with SSO...

   

       - Set $ORACLE_HOME and environment to the Infrastructure directories.

       - Ensure you are using the Java which came with the installation,

         using the command, "which java".

   

       Paste this into a plain text file, and make it all one line, changing

       appropriately, for your configuration,  then paste into the command line:

   

       $ORACLE_HOME/jdk/bin/java -jar $ORACLE_HOME/sso/lib/ossoreg.jar
       -oracle_home_path 
       -site_name  \
       -config_mod_osso TRUE \
       -mod_osso_url http://virtualname:port
       -u oracle  \ # since oracle user starts ohs

       Sometimes needed:
       -ssoDBConnect :1521:asdb
       -pass

The goal is to set the proper URL. Since the VirtualHost *is* the Servername,

      we don't need the -virtualhost flag, and this registration will set the

      default osso.conf obfuscated file.

   

    10. Restart the http server

          Hopefully, this has been "10 steps to get the Infrastructure working with a Virtual Host"

          Test it only on the Infrastructure:

        http://virtualname:port/pls/orasso/ --> log in and out as orcladmin
        http://virtualname:port/oiddas/ --> log in and out as orcladmin

        Don't continue until this works. Once this works, you can configure

        VirtualHosts on the Mid-tier, and get Portal to work with them. If

        desiring multiple virtual hosts, or configuring SSL, configure the

        Infrastructure as if it were a Mid-Tier, (with instructions below),

        and then follow #6-10, above. Note that you can configure ONE Virtual

        Host, modify the global Servername (and Port) to be the same value,

        and everything should work fine. These are the sole dependencies. If

        using multiple Virtual Hosts, or enable the SSL Virtual Host, there

        are more dependencies.

^^^major checkpoint 2^^^

Note: In version 10.1.2.x, the documentation was greatly improved to include all

steps to configure dependencies after changing a name or port value. A good place

start is the following Oracle Documentation:

 

   Oracle Application Server Administrator's Guide 10g Release 2 (10.1.2)

   http://download.oracle.com/docs/cd/B14099_19/core.1012/b13995/toc.htm

   "4 Managing Ports"

 

   Usually, its a port change is performed one Oracle home at a time...

  

      By default, Infrastructure or Identity Management home:

      "4.4.3 Changing the HTTP Server Port on an Identity Management Installation"

http://download.oracle.com/docs/cd/B14099_19/core.1012/b13995/ports.htm#i1039402

While configuring a VirtualHost is not necessarily changing the port, it could be.

   The same steps are required when changing the protocol, name, or port to access

   the SSO Server.

Dependencies of a VirtualHost on the Middle Tier

The next step is to configure the Mid-Tiers with the desired URL(s).

   e.g.;

http://mid-vh:port/

You should use this documentation to configure VirtualHosts on the

Mid-tier or Infrastructure Oracle HTTP Server:

    

      Oracle HTTP Server Administrator's Guide 10g (9.0.4)

         Managing Virtual Hosts

http://download.oracle.com/docs/cd/B10464_01/portal.904/b10356/cg_advnc.htm#1054433

But, you are probably sending the virtual host thru Web Cache, if this is a Mid-Tier:

   

    1 Introduction to OracleAS Web Cache

    Virtual Hosting

http://download.oracle.com/docs/cd/B10464_01/caching.904/b10401/intro.htm#1020047

http://mid-vh:wc-port/ --> Should forward to the Mid OHS.

Note thast even if Oracle Web Cache is performing the Virtual Hosting, the Oracle HTTP Server

    configuration in the httpd.conf file will still need the configuration, like the sample above.

   

After all this works, it is onto re-configuring SSO. Please refer to this documentation:

   

    Oracle Application Server Single Sign-On Administrator's Guide 10g (9.0.4)

       4  Configuring and Administering Partner Applications

          Configuring mod_osso with Virtual Hosts

http://download.oracle.com/docs/cd/B10464_02/manage.904/b13791/part_apps.htm#sthref243

And, finally, (and alot of all this information is in here, if you are only concerned about Portal):

   

    Oracle Application Server Portal Configuration Guide 10g (9.0.4)

        5.4 Configuring Virtual Hosts

http://download.oracle.com/docs/cd/B10464_01/portal.904/b10356/cg_advnc.htm#1054433

 

For version 10.1.2, there are similar documented steps in the respective guides

mentioned. But, a popular configuration in this area has been outlined in the

following Metalink Note:

 

Note 378003.1 How to Configure Virtual Hosts on HTTP_Server for LBR Access or SSL Termination

 

 

Note:

The instructions here have become less explicit by design. This is because there

can be many different setups, and topologies. In a Virtual Hosting setup, each

situation can be different. No one short document can comprehensively cover each

scenario for definite step-by-step instructions. The purpose here is not to

rewrite the Oracle Documentation pointed out above. It must be read to ensure a

full understanding along with your topoplogy.

 

 

After configuring requests handled by the Oracle HTTP Server, anytime the address to

access the server has changed, other Oracle Application Server components need

to be configured for this new address. For Oracle Application Server 10g (10.1.2.0.2),

Mid-Tier installation types, its usually only a port change, and the following

documentation can be followed to re-configure the different components:

 

 

    Oracle Application Server Administrator's Guide 10g Release 2 (10.1.2)

 http://download.oracle.com/docs/cd/B14099_19/core.1012/b13995/toc.htm

4 Managing Ports

    4.3.5.1 Changing the OracleAS Web Cache Listen Ports

 

        Task 1: Enable OracleAS Web Cache to Run as Root for Ports Less Than 1024 (UNIX Only)

        Task 2: Change the OracleAS Web Cache Listen Port

        Task 3: Change the OracleAS Web Cache Logical Site Port

        Task 4: Update the Oracle HTTP Server Port Directive

        Task 5: Update the Application Server Control Console

        Task 6: Update mod_osso

        Task 7: Update OracleAS Portal Configuration

        Task 8: Update Web Providers

        Task 9: Update OracleAS Wireless

        Task 10: Update OracleBI Discoverer

        Task 11: Update OracleAS Reports Services

        Task 12: Restart the Middle-Tier Instance

 

Since many components are involved when making an address change, (protocol,

hostname, or port), instructions for admistering these changes may be in

multiple Configuration Guides. They should be the same basic concepts, but

there can be a few different steps specific to that component. The following is

in the Portal Configuration Guide:

 

    Oracle Application Server Portal Configuration Guide 10g Release 2 (10.1.2)

    5.4 Configuring Virtual Hosts

http://download.oracle.com/docs/cd/B14099_19/portal.1012/b14037/cg_advnc.htm#i1054431

--------------------------------------------------------------------------------

 

In summary, configuring virtual hosts with with the Oracle Application Server

should be taken step by step, only after carefully planning the correct steps to

take for the desired situation. Virtual hosts can be configured on either Oracle

Web Cache and/or Oracle HTTP Server. After the virtual host is properly working,

the SSO Server and Oracle Portal need to be re-configured for the URL change.

 

--------------------------------------------------------------------------------

   

ADDENDUM: Oracle HTTP Server, Apache-based servers

Within the httpd.conf or ssl.conf, the Servername and Port parameter are both

used for the "response" headers. Meaning, they have nothing to do with how the

Oracle HTTP Server listens for requests. Apache-based servers listen in the IP

address installed, and the Listen parameter. It depends on the DNS to properly

resolve the name to the IP. All works fine, the request is handled, and

responded to. If the Servername and Port are incorrectly set, then the wrong

Host: header will be sent to the browser. This makes no difference to the user,

and makes no difference to the Oracle HTTP Server, as its just doing whats its

told. The headers come into play because an application can use the header

(as its like a cookie), and refer to it for subsequent requests. Meaning, the

application will tell the browser, "just send another request to the previous

location". The browser will grab the Host: header (in the form of servername:port),

and along with a few others, formulate the URL to pass. In SSO's case, it grabs

the headers needed, stores them as a single string, and redirects the request

to the previous URL. The "application" here is SSO. There are cases, when Portal

does grab this info, as well, and Portal becomes the "application". It depends

on where and what the processing is. If something breaks on the login, it is

"sso" as the application. Together with the correct configuration, the SSO

registration is equally important.

 

This is where it becomes a multi-component dependency. An application component

may require certain settings to enable its optimal functionality.

 

   Portal (as an application component) uses RDBMS, OHS, WC, SSO, OC4J_Portal

   SSO (as an application component) uses OID, OHS, WC, OC4J_SECURITY

   WC is standalone (used by a component to enable application access)

   OHS is standalone  (used by a component to enable application access)

 

When setting the Servername and Port parameter in the httpd.conf or ssl.conf,

it will be for one sole reason: When the front-end name and port in the url is

different than what the IP address of the Oracle HTTP Server is installed on, or

different than the Listen parameter. (If on the same machine, the Servername

will be the same, only Port will be different). Whether or not SSL or virtual

hosts are used is also a consideration. It becomes a conceptual thing to 'grasp',

and apply for each occasion.

 

Trying to diagnose a problem within these dependencies can be difficult. But, it does

help to take it one step at a time, ensuring each standalone component is working

in itself. For example, a default static page should be accessible through the Oracle

HTTP Server. If using Oracle Web Cache, that same page should be accessible through

the Oracle Web Cache Listen port. Then, check that SSO and/or Portal configured correctly

for the desired URL, (protocol://servername:port), keeping in mind there may be some

configuration within Oracle Web Cache and/or Oracle HTTP Server that would allow

optimal functionality.

Posted by Patrick Hamou on 2017:09:19 22:59:10

Tags

Return to Blog

Back to the blog

Browse