Monday, December 1, 2014

Oracle® Fusion Middleware OES-11g Release 2 ( - Secure the XACML Authorization Web Service

Oracle® Fusion Middleware OES-11g Release 2 ( - Secure the XACML Authorization Web Service

Migrating From Database to XML

Following is the procedure to migrate policies from a database to an XML-based

policy store.

Note: The value of the property needs to be populated with the key generated during reassociation of the policy, credential, and key stores from one repository type to another

1. On the OES server  installed box create a folder migration. Eg: /OES/migration

2. Create a file jps-config.xml Eg: /OES/migration/jps-config.xml

3. Copy the content below to the jps-config.xml file create above and edit the DB connection parameters.

4. Copy the bootstrap folder

5. Copy the system-jazn-data.xml from the following location
$ORACLE_HOME/user_projects/domains/oes_domain/config/fmwconfig to /OES/migration

<!-- Source DB-based policy store instance -->

<serviceInstance provider="policystore.provider"
<description>DB Based Policy Store Service Instance</description>
<property name="policystore.type" value="DB_ORACLE"/>
<property name="jdbc.url"
<property name="jdbc.driver" value="oracle.jdbc.driver.OracleDriver"/>
<property name=""
value="bootstrap_DWgpEJgXwhDIoLYVZ2OWd4R8wOA=" />
<property name="" value="cn=jpsTestNode"/>
<property name="" value="cn=view_steph.atz"/>

<!-- Destination XML-based policy store instance -->
<serviceInstance name="dst.xml" provider="policystore.xml.provider"
<description>File Based Policy Store Service Instance</description>

<!-- Bootstrap credentials to access source and destination stores -->
<serviceInstance location="./bootstrap" provider="credstoressp"
<description>Replace location with the full path of the directory where
the bootstrap file cwallet.sso is located; typically found in


<jpsContext name="sourceContext">
<serviceInstanceRef ref="policystore.db.source"/>


<jpsContext name="destinationContext">
<serviceInstanceRef ref="dst.xml"/>

<jpsContext name="bootstrap_credstore_context">
<serviceInstanceRef ref="bootstrap.cred"/>


6. On the OES server  installed box navigate to the following location $ORACLE_HOME/Oracle_IDM1/common/bin/

7. Run the follwing command ./

8. If you need to migrate entire policystore use this command:
Eg: migrateSecurityStore(type=”policyStore”,src=”sourceContext”,dst=”destinationContext”,configFile=”OES/migration/jps-config.xml”)

If you need to migration only a specific application policy:

(type="policyStore", src="sourceContext",

ForgeRock: Open AM. Install Open AM 5.5 with Tomcat 8.0 - Part 1- Install Tomcat

This BLOG thread discusses on steps to install and configure Open AM 5.5 with Tomcat 8.0. Install Tomcat. You can always find the l...