Troubleshooting and Management

48 15 0
  • Loading ...
1/48 trang

Thông tin tài liệu

Ngày đăng: 25/11/2016, 21:15

10 Troubleshooting and Management Copyright © 2010, Oracle and/or its affiliates All rights reserved Objectives After completing this lesson, you should be able to: • Work with Access Tester • Identify connectivity issues – Between agents and servers (impact of load balancers and firewalls) • • 10 - Explain OAM-specific WLST commands Work with Oracle Enterprise Manager Fusion Middleware Control Copyright © 2010, Oracle and/or its affiliates All rights reserved Objectives After completing this lesson, you should be able to: • Describe the diagnostic capabilities within OAM 11g – OAM Access Tester • Explain EM FMW Control integration – – – – – 10 - Server processes and charts Topology viewer Farm and domain OAM server management MBean browser Copyright © 2010, Oracle and/or its affiliates All rights reserved Road Map • • • • • 10 - Working with Access Tester WLS troubleshooting tips and agent and server monitoring Top problem areas Working with WLST Monitoring by using EM FMW Control Copyright © 2010, Oracle and/or its affiliates All rights reserved Access Tester • Simulates interactions between registered OAM agents and OAM 11g servers – You can verify agent connection and test policy definitions – An administrator emulates the end user and the Access Tester emulates agents • • • 10 - Is a stand-alone Java application that ships with Oracle Access Manager 11g Can be run from any computer Has both a GUI (manual testing) and command-line interface (automated testing) Copyright © 2010, Oracle and/or its affiliates All rights reserved Use Cases: Access Tester • Use Cases: – Simulate interaction between OAM agents and the OAM server – Handle the response from the OAM server in the same manner as a real agent – Review the results of intended policy changes – Troubleshoot issues with agent connections or access policy definitions – Track the latency of authentication and authorization requests – Stress-test the OAM server – Establish performance metrics 10 - Copyright © 2010, Oracle and/or its affiliates All rights reserved Access Tester Simulating Steps 1, 3, 5, of Agent and OAM Server Interaction User WebGate (agent) Application 4 10 - Agent connects to OAM server - Connect User accesses application resource Agent makes IsProtected (Validate) request • OAM server returns Yes/No and type of credentials required For protected resources, agent prompts user for credentials • User or user agent submits credentials Agent makes IsAuthenticated request • OAM server validates user credentials and returns Y/N and additional responses For authenticated users, agent makes IsAuthorized request • OAM server evaluates policies and returns Y/N and additional responses Oracle Access Agent grants or denies access to application Manager Server Copyright © 2010, Oracle and/or its affiliates All rights reserved User Store Policy Store Access Tester: Core Functionality Testing • Connect to policy servers • Validate resource protection • Authenticate users • Authorize users Automation and Analysis • Collect test cases • Generate test scripts • Run test scripts • Evaluate results and analyze differences Usability • GUI (manual) and command-line (automated) testing modes • Scalable testing framework via separation of test cases from physical servers • Auto-import of resources to test • XML persistence 10 - Copyright © 2010, Oracle and/or its affiliates All rights reserved Access Tester Architecture 10 - 10 Copyright © 2010, Oracle and/or its affiliates All rights reserved Output Files and Security Features • The following XML files are produced when you run the Access Tester : – – – – – • config.xml script.xml oamtest_target.xml oamtest_stats.xml oamtest_log.xml Security: – Supports Open and Simple modes – Encrypts passwords 10 - 12 Copyright © 2010, Oracle and/or its affiliates All rights reserved Example: Create Identity Store Embedding WLST Command in Python Script ADMIN_USER_NAME = "weblogic" ADMIN_PASSWORD = "welcome1" ADMIN_SERVER_PORT = "7001" LDAP_HOST = “myhost.us.oracle.com" LDAP_PORT = "20440" LDAP_PRINCIPAL = "cn=orcladmin" LDAP_CREDENTIAL = "welcome1" LDAP_BASE_DN = "dc=us,dc=oracle,dc=com" LDAP_USER_BASE_DN = "cn=Users,dc=us,dc=oracle,dc=com" LDAP_GROUP_BASE_DN = "cn=Groups,dc=us,dc=oracle,dc=com“ connect(ADMIN_USER_NAME, ADMIN_PASSWORD,'localhost:'+ADMIN_SERVER_PORT) print "*** Creating User IdentityStore“ createUserIdentityStore(name="UserIdentityStore4",principal=LDAP_PRINCI AL, credential=LDAP_CREDENTIAL, type="OID", userAttr="uid",ldapProvider="OID", userSearchBase=LDAP_USER_BASE_DN, groupSearchBase=LDAP_GROUP_BASE_DN, ldapUrl="ldap://%s:%s" % (LDAP_HOST, LDAP_PORT), isPrimary="false") #type="LDAP", roleSecAdmin="Administrators", roleSysMonitor="Monitors", roleSysManager="Deployers", roleAppAdmin="Operators", userIDProvider="", domainHome="" print "*** Display User IdentityStore" print displayUserIdentityStore(name="UserIdentityStore4") disconnect() 10 - 45 Copyright © 2010, Oracle and/or its affiliates All rights reserved WLST Commands for OAM 11g • • WLST commands for OAM are available within oamWlstCmd.py under \common\wlst Some key WLST commands: createOAMAuthenticator (delete and update as well) displayWebgate11gAgent (edit and delete as well) displayOssoAgent (edit and delete as well) displayOAMMetrics displayWebgateAgent (edit and delete as well) listOAMAuthnProviderParams displayUserIdentityStore createOAMIdentityAsserter (edit, create, delete as well) (update as well) displayOamServer (create, edit, delete as well) changeLoggerSetting displayTopology 10 - 46 Copyright © 2010, Oracle and/or its affiliates All rights reserved Road Map • • • • • 10 - 49 Working with Access Tester WLS troubleshooting tips and agent and server monitoring Top problem areas Working with WLST Monitoring by using EM FMW Control Copyright © 2010, Oracle and/or its affiliates All rights reserved Oracle Enterprise Manager Fusion Middleware Control Systems management interface for OAM 11g Key operations: • Performance overview and drilldown • Dynamic log level changes and log searches (will be discussed later in the course) • Topology overview • MBean browser 10 - 50 Copyright © 2010, Oracle and/or its affiliates All rights reserved FMW Control: Performance Overview 10 - 51 Copyright © 2010, Oracle and/or its affiliates All rights reserved Topology View a graphical representation of the topology 10 - 52 Copyright © 2010, Oracle and/or its affiliates All rights reserved MBean Browser View key MBeans Invoke methods 10 - 53 Copyright © 2010, Oracle and/or its affiliates All rights reserved How to Re-register an Agent from the OAM Admin Console Delete the agent Application Domain > AuthN and AuthZ policies > Delete the resources under the protected and public resource policies and then delete the protected and public resource policies Delete the resources under the application domain Delete the application domain Delete the host identifier 10 - 54 Copyright © 2010, Oracle and/or its affiliates All rights reserved Summary In this lesson, you should have learned how to: • Work with Access Tester • Identify connectivity issues – Between agents and servers (impact of load balancers and firewalls) • • 10 - 55 Describe OAM-specific WLST commands Work with Oracle Enterprise Manager Fusion Middleware Control Copyright © 2010, Oracle and/or its affiliates All rights reserved Summary • Learn the diagnostic capabilities within OAM 11g – OAM Access Tester • Explain EM FMW Control integration – – – – – 10 - 56 Server processes and charts Topology viewer Farm and domain OAM server management MBean browser Copyright © 2010, Oracle and/or its affiliates All rights reserved Quiz Which of the following is true: a You must run Access Tester from the OAM server machine b You must run Access Tester from the agent machine c You can run Access Tester from any machine d You must run Access Tester from the WLS admin server machine 10 - 57 Copyright © 2010, Oracle and/or its affiliates All rights reserved Quiz Following are the management interfaces for OAM 11g: a WLST command line b WLS admin console c OAM admin console d EM FMW Control e All of the above 10 - 58 Copyright © 2010, Oracle and/or its affiliates All rights reserved Quiz When Access Tester connects to the OAM server, it acts like an: a Agent b End user client c OAM administrator d OAM proxy server 10 - 59 Copyright © 2010, Oracle and/or its affiliates All rights reserved Quiz EM FMW Control allows you to: a View performance overview and drilldown of the OAM server environment b Configure dynamic log level changes and view log searches c View OAM environment topology d Interact with methods, attributes, and their operations by using the MBean browser e All of the above 10 - 60 Copyright © 2010, Oracle and/or its affiliates All rights reserved Practice 10 Overview: Working with Access Tester, WLST, and FMW Control This practice covers the following topics: • Practice 10-1: Working with Access Tester • Practice 10-2: Using OAM-specific WLST commands • Practice 10-3: Working with Oracle Enterprise Manager Fusion Middleware Control 10 - 61 Copyright © 2010, Oracle and/or its affiliates All rights reserved
- Xem thêm -

Xem thêm: Troubleshooting and Management, Troubleshooting and Management, Troubleshooting and Management

Gợi ý tài liệu liên quan cho bạn

Nạp tiền Tải lên
Đăng ký
Đăng nhập