Thursday, April 24, 2014

OAAM Advanced integration with OAM11gR2PS1 using TAP Steps

1. After starting the OAAM Admin Server (startAdminOAAM.sh) and the OAAM Managed Server (startOAAM.sh), log in as keith.warren/Oracle123 to the OAAM Admin Console (http://oam.example.com:14200/oaam_admin).
2. Restore a snapshot to upload the OAAM data: go to Environment --> System Snapshots and click on Load from File.
3. Uncheck Back up current system now and click on Continue.
4. Click on Continue again to confirm that the current system configuration will not be backed up.
5. Click on Browse and select oaam_base_snapshot.zip from /app/u01/middleware/Oracle_IDM1/oaam/init.
6. Click on Load.
7. Click on Restore.
8. Create a directory where you will store the keystore file.
9. Connect to the Admin Server using WLST:
 cd /app/u01/middleware/Oracle_IDM1/common/bin
 ./wlst.sh
 connect()
 username : weblogic
 password : Oracle123
 server URL : t3://oam.example.com:7001
10. Register OAAM as a third-party TAP partner using the following command:
 registerThirdPartyTAPPartner(partnerName="OAAMTAPPartner", keystoreLocation="/app/u01/middleware/keystore/TAP_OAAM_OAM/TAPkeystore.jks", password="Oracle123", tapTokenVersion="v2.0", tapScheme="TAPScheme", tapRedirectUrl="http://oam.example.com:14300/oaam_server/oamLoginPage.jsp")
11. In the OAM Console, update the TAPScheme so that it has the challenge parameter MatchLDAPAttribute=uid, as we are using uid as the login attribute in our deployment (Policy Configuration --> TAPScheme).
12. Update the IAMSuiteAgent's profile and set Access Client Password to Oracle123 (System Configuration --> Access Manager --> SSO Agents --> OAM Agents --> search for and edit IAMSuiteAgent).
13. As we have updated the IAMSuiteAgent's password, we need to update the IAMSuiteAgent provider in the WebLogic Security Realm with the same Oracle123 password (WLS Console --> Security Realms --> myrealm --> Providers --> IAMSuiteAgent --> Provider Specific --> Agent Password).
14. Copy the cli directory from /app/u01/middleware/Oracle_IDM1/oaam to a temporary location (for example /app/u05/tmp).
15. Copy the config file oaam_cli.properties from ~/labs, which has been updated for you to reflect the environment:
 cp ~/labs/oaam_cli.properties /app/u05/tmp/cli/conf/bharosa_properties/
16. For your information, here are the parameters that have been updated in the configuration file template.
17. To set up the TAP integration with OAM, execute the script setupOAMTapIntegration.sh and provide all requested information:
 export ORACLE_MW_HOME=/app/u01/middleware
 export JAVA_HOME=/app/u01/jdk1.6.0_33
 cd /app/u05/tmp/cli
 chmod +x setupOAMTapIntegration.sh
 chmod +x findjar.sh
 export PATH=$PATH:.
 ./setupOAMTapIntegration.sh /app/u05/tmp/cli/conf/bharosa_properties/oaam_cli.properties
 Default value for Weblogic Server Home Directory: press Enter (wait a few seconds)
 OAAM AdminServer User Name: weblogic
 OAAM AdminServer Password: Oracle123
 OAAM DB User name: DEV_OAAM
 OAAM DB User password: Oracle123
 OAM WebGate credentials to be stored in the CSF: Oracle123
 OAM TAP Key store file password: Oracle123
18. The success message should be: SetupOAMIntegration script ran successfully
19. Restart the OAM Admin Server (startAdminOAM.sh), the OAM Server (startOAM.sh) and the OAAM Server (startOAAM.sh).
20. Log in to the OAM admin console and change the Authentication Scheme of the webgate11g_1 Protected Resource Policy to TAPScheme.
21. Check that you are prompted for credentials by the OAAM authenticator when accessing http://oam.example.com:7777.
22. Notice that you are redirected to http://oam.example.com:14300/oaam_server, which is the OAAM managed server, for authentication. Enter user.4 and click on Continue.
23. The OAAM TextPad virtual authentication device is used to enter the password.
24. Do not go through the registration steps; click on Skip.
25. You should see the OHS default welcome page.
26. Have a look at the cookies that have been created.
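As an added example (not part of the original lab), the following Python audits the values the steps above have you enter, from a defender's point of view: the tapRedirectUrl passed to registerThirdPartyTAPPartner, the reuse of one password across every component, and the Secure/HttpOnly attributes of the cookies the last step asks you to inspect. The Set-Cookie lines are constructed; only the cookie names OAM_ID, OAMAuthnCookie and JSESSIONID are real, and the OAMAuthnCookie name suffix and all values are placeholders.

```python
from collections import defaultdict
from urllib.parse import urlparse

# Constructed input (added example): the values exactly as the lab enters them.
TAP_REDIRECT_URL = "http://oam.example.com:14300/oaam_server/oamLoginPage.jsp"
OAAM_SERVER = "oam.example.com:14300"
LAB_CREDENTIALS = {  # what the secret protects -> the secret
    "WebLogic admin (weblogic)": "Oracle123",
    "OAAM DB schema (DEV_OAAM)": "Oracle123",
    "WebGate secret in CSF": "Oracle123",
    "TAP keystore (TAPkeystore.jks)": "Oracle123",
    "IAMSuiteAgent access client": "Oracle123",
}
# Constructed Set-Cookie lines; only the cookie names are real OAM/OAAM names.
LAB_COOKIES = [
    "OAM_ID=sample; path=/; HttpOnly",
    "OAMAuthnCookie_oam.example.com:7777_sample=sample; path=/; HttpOnly",
    "JSESSIONID=sample; path=/oaam_server",
]

def check_redirect_url(url, oaam_server):
    """Findings for tapRedirectUrl: must use TLS, sit on the OAAM managed server, and hit its login page."""
    u = urlparse(url)
    findings = []
    if u.scheme != "https":
        findings.append("tapRedirectUrl uses plain http; the TAP redirect is not protected by TLS")
    if u.netloc != oaam_server:
        findings.append(f"tapRedirectUrl host {u.netloc} is not the OAAM server {oaam_server}")
    if u.path != "/oaam_server/oamLoginPage.jsp":
        findings.append("tapRedirectUrl does not point at /oaam_server/oamLoginPage.jsp")
    return findings

def password_reuse(credentials):
    """Groups of components that share one secret: compromising any one exposes all of them."""
    owners = defaultdict(list)
    for owner, secret in credentials.items():
        owners[secret].append(owner)
    return [sorted(group) for group in owners.values() if len(group) > 1]

def cookie_flag_gaps(set_cookie_lines):
    """Map cookie name -> the Secure/HttpOnly attributes its Set-Cookie line lacks."""
    gaps = {}
    for line in set_cookie_lines:
        name = line.split("=", 1)[0].strip()
        attrs = {part.strip().lower() for part in line.split(";")[1:]}
        missing = [flag for flag in ("Secure", "HttpOnly") if flag.lower() not in attrs]
        if missing:
            gaps[name] = missing
    return gaps
```

Run the three functions against your own registration parameters, credential inventory and the Set-Cookie headers captured in the browser; each returns an empty result when nothing needs attention.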
