We are going to cover about the commands that can be used to enable White listing of URLs in OAM and enable it on OAM Protected applications. This white listing of URLs helps to avoid re-directions to external sites/URLs that are not registered with OAM.
Environment:
Enabling and configuring White-listing mode is very simple and just requires the following acitivites.
1. Enable OAM White listing Mode:Environment:
- OAM 11.1.2.3BP07
- RHEL6/OEL6
Enabling and configuring White-listing mode is very simple and just requires the following acitivites.
- Enable OAM White listing Mode
- Adding/Removing URLs to/from the list of White listed URLs
- Login to the server that contains installation of OAM component
- Browse to the following directory
- <Oracle_IDM_Home>/common/bin
- Execute the following commands
- ./wlst.sh
- connect('weblogic','password','t3://oamhost:7001'>)
- domainRuntime()
- oamSetWhiteListMode(oamWhiteListMode="true")
- This returns the success message as shown below.
2. Adding/Removing URLs to/from the list of White listed URLs :
- Execute the below command to add a URL to the list
- oamWhiteListURLConfig(Name="google",Value="http://www.google.com",Operation="Update")
- Execute the below command to remove a URL from the list
- oamWhiteListURLConfig(Name="google",Value="http://www.google.com",Operation="Remove")
Validation:
- We can validate the behaviour during the logout process of any protected application with OAM Logout URL. For example, Add a URL like "http://www.google.com/" to white list and invoke the following Logout URL which has end_url parameter with the google.com URL
- http://<OHSHost:7777/oamsso/logout.html?end_URL=http://www.google.com/
- After successful logout, above URL will redirect you back to "http://www.google.com/" as it is trusted URL.
- You can validate by removing the same URL from the White Listed URLs list and invoke logout again. Then OAM will just log you out but will not redirect the user to "http://www.google.com/"
Thanks for visiting.
