IAMSuiteAgent is agent installed while installing OAM 11g by default. it is a domain wide agent. it evaluates all the requests coming to Weblogic Server.
when this agent is Active and you have installed OAM and OIM at the same domain and integration between them is not done, whenever you try to login to OIM you will be redirected to OAM login page.
in order to avoid this issue. you have to make IAMSuiteAgent as an optional.
here is how you can do that
login to Weblogic Admin server
click on Security realms
click on realm ( that comes up at right side of your screen).
click on Provider ( we will see all the Authentication provider list and their oder)
click on IAMSuiteAgent
change Control Flag from Required to Optional
restart Admin and manage servers
now you should be able to login to OIM with prompted for OAM login page again.
if you have a application that is protected by SSO and after login thru SSO you are prompted for SSO or Application page again. you need to create Identity Asserter, you also need to create Identity Asserter if your end application is not getting users identity information from SSO login page
Creating OAMIdentityAsserter
you can create this thru Weblogic console Security Releam --> myreleam --> Provider --> New --> OAMIdentityAsster --> click OK . make sure Control Flag is OPTIONAL ,
from Active Types select all the attributes from Available to Chosen(you can choose one you need, instead of all but for the easiment of explanation i am saying select all), Save and Restart the Admin server
No comments:
Post a Comment