9 Configuring Intranet and Internet for Oracle Portal

This document explains how to configure a dedicated intranet and internet for Oracle Portal and upgrading Intranet-Internet setup from Oracle Portal 10g to Oracle Portal 11g. This document contains the following topics:

Configuring a Dedicated Intranet and Internet for Oracle Portal

Upgrading Oracle Portal 10g Intranet-Internet setup to 11g

9.1 Configuring a Dedicated Intranet and Internet for Oracle Portal

You can configure Oracle Portal to be accessible from within a company network as well as from external clients. This section describes some important characteristics of this configuration, and provides instructions on how to configure Oracle Portal for this purpose.

The intranet-internet configuration for Oracle Portal requires two logical middle tiers: portal.mycompany.com and internal.mycompany.com, each residing on a different host. This separation of physical middle-tiers helps isolate the content cached for internet and intranet users. This enhances security, and also ensures that users who navigate to one logical middle tier do not access content served by the other logical middle tier. Each logical middle tier then provides access to the same Oracle Portal schema in the Oracle Application Server Metadata Repository and the same Oracle Portal data. In this configuration, the external logical middle tier is the primary middle tier used to install, configure, and expose web providers. The internal logical middle tier is designated as a partner application.

The intranet-internet configuration requires that all Oracle Web Cache instances be configured as an invalidation-only cluster. Invalidation-only clustering ensures that Oracle Web Cache maintains distinct caches for the two logical sites, while enabling the cluster members to share invalidation messages (thereby ensuring that content edits are visible across the two logical sites).

In this configuration, invalidation messages are sent from the Oracle Portal schema in the OracleAS Metadata Repository to the internal Oracle Web Cache instance, and the invalidation message is then sent out to all the cluster members. The invalidation message used in this configuration ensures that it invalidates content regardless of the host and port specified in the cached URL. This type of invalidation ensures that content cached with either logical middle-tier URL is invalidated. For more information on the Oracle Web Cache invalidation-only cluster, refer to the Oracle Application Server Portal Configuration Guide.

To ensure that the internal and external user communities are distinct, two URLs are used to access the Oracle Portal applications: from the intranet, http://internal.mycompany.com; from the Internet, https://portal.mycompany.com.

The process of configuring the dedicated intranet and extranet for Oracle Portal consists of the following tasks:

Installing and Configuring the External Middle tier
Installing the First Internal Middle Tier on APPHOST3
Configuring an Oracle Web Cache Invalidation-only Cluster
Configuring the First internal Middle Tier on APPHOST3 for Load Balancing Router
Registering the Internal Middle Tier as a Partner Application
Changing Host Assertion in WebLogic
Installing the Second Internal Middle Tier on APPHOST4
Configuring an Oracle Web Cache Invalidation-only Cluster
Configuring the Second Internal Middle Tier on APPHOST4 for Load Balancing Router
Configure Web Cache
Configuring the Oracle Portal Schema in the Oracle Metadata Repository
Validating the Completed Configuration

9.1.1 Installing and Configuring the External Middle tier

To install and configure the external middle tier, perform the steps in the following sections in Oracle Portal Enterprise Deployment Guide:11.1.1.2:

Install application tier on APPHOST1
Configure APPHOST1

9.1.2 Installing the First Internal Middle Tier on APPHOST3

Follow these steps to install the first internal middle tier:

Copy the staticport.ini file from the Disk1/stage/Response directory to a local directory, such as TMP.

Edit the staticport.ini file to assign the following custom ports:

Oracle HTTP Server port = 7777
Oracle HTTP Server Listen port = 7778
Web Cache HTTP Listen port = 7777
Web Cache Administration port = 9400
Web Cache Invalidation port = 9401
Web Cache Statistics port = 9402
Application Server Control port = 1810

Before installing the first middle tier on APPHOST3, you must change the repository version in the portal schema from 11.1.1.4 to 11.1.1.1.0. This can be achieved by performing the following steps:
1. Query the Portal version by connecting to the database as portal schema as shown in the following example:
```
>sqlplus portal/portaldb_portal@portaldb
sql> select version from wwc_version$;
sql> 11.1.1.4.0
```
  Note and remember this Portal repository version.
2. Change the Portal repository version to 11.1.1.1.0 as shown in the following example:
```
sql> update wwc_version$ set version = '11.1.1.1.0';
sql> commit;
sql> select * from wwc_version$;
sql> 11.1.1.1.0
```
This step is mandatory. If this step is not performed, the newly installed middle tier on APPHOST3 overwrites the configuration maintained in the portal schema with the details of the newly installed middle tier. This affects the external portal middle tier. Temporarily downgrading the Portal schema version ensures that the configuration maintained in the Portal schema is left untouched. Later, the portal version must be restored to its original version. Downgrading the portal repository is required only when you are creating a new domain.

Install Weblogic Server

Start the Oracle Universal Installer.

To start the installer on Unix, issue the server103_linux32.bin command.

To start the installer on Windows, issue the server103_win32.exe command.

The Welcome screen appears Click Next.
Choose a Middleware Home Directory.

Enter a value for the Middleware Home as shown in the following example:

/u01/app/oracle/product/FMW

Henceforth, this will be known as MW_HOME. Click Next.
On the next screen, you will be prompted to register for security updates.

Choose whether or not to receive security updates from Oracle Support. Click Next.
Select Typical install type in the Choose Install Type screen.

Click Next.
Provide the path where you want to install the product in the Choose Product Installation Directories screen. Click Next.
Weblogic server will now be installed at the specified location. The Installation Summary screen appears. Click Done to complete the Installation.

Install Oracle Portal

Run following command to install Oracle Portal binaries into the MW_HOME created in the above steps:

On UNIX: runInstaller

On WIndows: setup.exe
The Welcome screen appears. Click Next.
The Installation Type screen appears. Select Install Software and Configure, and click Next.

The Prerequisite Checks screen appears.
Ensure that all checks have passed and click Next.

The Specify Installation Location screen appears.
Enter the following values:
- Middleware Home (MW_HOME)
  
  For example, /u01/1pp/oracle/product/FMW
- Oracle Home
  
  Enter the installation directory for Portal. This will be placed under the MW_HOME directory.
  
  For example, Portal
- Weblogic Server Directory
  
  Enter the installation directory for Oracle Weblogic server. This should be MW_HOME/wlserver_10.3.
  
  For example, /u01/app/oracle/product/FMW/wlserver_10.3
- Oracle Instance Location
  
  Enter the directory where the Oracle Configuration files will be placed. This should be outside of Oracle Home. Henceforth, this will be known as ORACLE_INSTANCE.
  
  For example, /u01/app/oracle/admin/PortalDomain/Portal1
- Oracle Instance Name.
  
  In this case, Portal1
  
  Click Next. The Select Domain screen appears.
Select Create New Domain. Enter the values for User Name, User Password, and Domain Name.

Click Next. The Configure Components screen appears.
Ensure that the following values are checked:
- Server Components - Oracle Portal
- Management Components - Enterprise Manager
- Clustered box
  
  Click Next. The Configure Ports screen appears.
Select Specify Ports using Configuration File.

Select a file name and click View or Edit. You can find a sample statisticports.ini file on installation Disk1 in the stage/repsonse directory.

Save the file and click Next.
In the Specify Schema screen, specify the following values:
- Database Connect String
  
  For example,
  
  db_hostname:port:servicename
- Portal Schema Name: MYP_PORTAL
- Portal Schema Password
  
  Enter password entered in RCU
  
  Click Next. The Specify Portlet Schema screen appears.
Specify the following portlet schema credentials:
- Portlet Schema Name: MYP_PORTLET
- Portlet Schema Password: Enter the password that was entered in RCU
Click Next. The Specify Application Identity Store screen appears.
Specify the following values:
- Hostname
  
  Enter the name of OID server.
- Port
  
  Enter OID port: 389
- User Name
  
  Enter cn=orcladmin
- Password
  
  Enter the orcladmin OID password.
Click Next. The Summary screen appears.
Click Install to begin the installation process.

Note:

For UNIX installations, run the oracleRoot.sh script when prompted.

9.1.3 Configuring an Oracle Web Cache Invalidation-only Cluster

You must configure an Oracle Web Cache invalidation-only cluster that includes the Oracle Web Cache instances from both the internal and external computers. In this cluster configuration, invalidation requests are propagated across all cache cluster members. However, the Oracle Web Cache invalidation-only cluster does not forward other requests between the cluster members. While processing user requests, each cluster member acts as an individual cache and does not request objects from peer cluster members.

This configuration can be used to simplify the administration of many caches, especially in a cluster whose members are separated by a firewall. For example, a cluster can have two caches located on either side of a firewall that separates the intranet from the internet.

9.1.3.1 Preparing the Network Environment for the Oracle Web Cache Invalidation-only Cluster

Before configuring the Oracle Web Cache invalidation-only cluster between the external and internal Oracle Web Cache instances, perform the following checks:

Ensure that all external Oracle Web Cache instances can resolve and contact all internal Oracle Web Cache instances and vice versa. This can be done using the ping network command.
Ensure that the invalidation port (9401) is open in the firewall only in one direction. It must be open from the internal Oracle Web Cache instance to the external Oracle Web Cache instance.
Ensure that the administration port (9400) is open in the firewall in both directions.

Note:

After the configuration is complete, the administration port (9400) should be closed to traffic from the external middle tiers to the internal middle tiers.
Ensure that you can use telnet to send network packets from the internal to the external Oracle Web Cache ports.

9.1.3.2 Configuring the Caches

This section explains how to manage the caches as a cluster and segregate cache content, using the Oracle Web Cache Manager on APPHOST1 to configure settings for a cache cluster.

In the navigator frame, select Properties > Clustering.

The Clustering page appears. The General Cluster Information section displays the default clusterwide values for failover and invalidation propagation. The Cluster Members table displays the external middle tier cache.
In the General Cluster Information section of the Clustering page, click Edit.

The Edit General Cluster Information dialog box appears.
In the Propagate Invalidation field, select Yes to indicate that you want invalidation requests from cache cluster members to be propagated to other cache cluster members.
Click Submit.
In the Cluster Members table of the Clustering page, default values are displayed for the current cache. Select the APPHOST1 cluster member and click Edit Selected.

The Edit Cluster Member dialog box appears.
In the Capacity field, enter 0.

Note:

If you assign a capacity of 0 to all cluster members, no requests will be forwarded between cluster members. With this setup, you can propagate the configuration and invalidation across all cache cluster members, simplifying the administration of many caches.
Click Submit.

Before you can add APPHOST3 to the cluster, the following conditions must be in effect:

The cache must be started.
The administrator password of the cache to be added must be the same as the administrator password of the cache on APPHOST1. If it is different, you must connect to the cache's admin server and modify the administration password. For more information, refer to "Task 2: Modify Security Settings" in Chapter 8, "Setup and Configuration" in Oracle Fusion Middleware Administrator's Guide for Oracle Web Cache.

9.1.3.2.1 Adding Caches to the Invalidation-Only Cluster

You must now add the APPHOST3 cache to the cluster using Oracle Web Cache Manager on APPHOST1.

To add a cache to the cluster in OracleAS Web Cache Manager:

In the navigator frame, select Properties > Clustering.

The Clustering page appears.
In the Cluster Members section of the Clustering page, click Add.

The Add Cache to Cluster dialog box appears.
In the Host Name field, enter apphost3.abc.oracle.com as the host name of the cache to be added to the cluster.
In the Admin Port field, enter the web cache administration port (9400) for the cache to be added to the cluster.
In the Protocol for Admin Port field, select either HTTP to accept HTTP browser requests.
In the Cache Name field, enter apphost3.abc.oracle.com-webcache.
Click Submit.

The cache is now part of the cluster and is listed in the Cluster Members table.
Repeat Steps 2 through 7, substituting apphost4 in the Host Name and Cache Name fields.
Click Apply Changes.

OracleAS Web Cache adds the cache-specific information from the new cache cluster members to the cluster configuration.
For each cluster member, set the Capacity to 0. To do this, select Properties, then Clustering. Select a cluster member and click Edit. In the Edit Cluster Member dialog box, set the Capacity to 0.
Propagate the configuration to all cluster members.

When you modify the cluster and apply changes, OracleAS Web Cache adds the cache-specific information from the new cache cluster members to the configuration. For those changes to take affect in all cluster members, you must propagate the configuration and restart the cache server process of the cluster members.

To propagate the configuration to new cluster members in Oracle Web Cache Manager:
1. In the navigator frame, select Operations > Cache Operations.
  
  The Cache Operations page appears. The Operation Needed column indicates the caches to which the configuration should be propagated.
2. Propagate the configuration to all cache cluster members:
  - Select All caches in the Operate On field.
  - Select an Interval of Immediate. (No other interval is allowed for propagation.)
  - Click Propagate.
  When the operation completes, the Operation Needed column in the Cache Operations page indicates the cluster members that need to be restarted.
3. Stop and restart all cluster members:
  - Select All caches in the Operate On field.
  - Select an Interval to stagger the time that operation begins on the caches, and then click Restart.
    
    When the operation completes, the Operation Needed column in the Cache Operations page indicates that no operations are needed. The cache cluster is ready to use.
Ensure that the administration and invalidation ports are closed to traffic coming from outside the network.

9.1.3.3 Disabling External to Internal Communication Through the Firewall

To disable external to internal communication through the firewall, perform the following steps:

Disable the administration port from external middle tier to internal middle tier.
Ensure that the network packets cannot be sent from the external to the internal Oracle Web Cache administration and invalidation ports, using telnet.
Ensure that network packets can be sent from the internal to the external Oracle Web Cache for both the administration and invalidation ports.

The communication paths and ports should now be as listed in Table 9-1:

Table 9-1 Communication Path and Ports Used by Network Packets

Communication Path	Ports to be enabled
Internal WebCache 1 to External WebCache 1	Port 9400 and Port 9401
Internal WebCache 1 to External WebCache 2	Port 9400 and Port 9401

Note:

For network security reasons, you should perform any additional cluster configuration from a Web Cache instance on one of the internal middle tiers. Any Web Cache instance in the cluster can be used to administer the cluster, but if you want to use an external Oracle Web Cache instance, you must temporarily open the administration port in the firewall to allow external to internal traffic.

9.1.4 Configuring the First internal Middle Tier on APPHOST3 for Load Balancing Router

You must configure the Load Balancing Router to accept requests on port 7777 and forward them to the OracleAS Web Cache port 7777 APPHOST3.

You must also configure Oracle Portal middle tier on APPHOST3 to allow underlying components to construct URLs based on the Load Balancing Router host name (xmlns.oracle.com) and Load Balancing Router port number 7777, so that self-referential URLs rendered on Oracle Portal pages are valid for the browser. In order to do this, you must configure virtual hosts. To configure virtual hosts, perform the following steps:

Configure the Load Balancing Router to accept requests on port 80 and forward them to the Oracle Web Cache port (7777) running on APPHOST3. To do this:
1. Set up a group, or pool, on the Load Balancing Router, to which individual servers can be added. See the Load Balancing Router documentation for instructions on how to do this.
2. Add the desired servers' IP addresses and port numbers to the group.
3. Create a virtual server that listens on port 80, and balances requests among the members of the group. See the Load Balancing Router documentation for instructions on how to do this.
4. Ensure that the Load Balancing Router translates the port on which it is listening to forward requests to the port on which Oracle Web Cache is listening.
Configure the Oracle Portal middle tier on APPHOST3 to allow underlying components to construct URLs based on the Load Balancing Router host name (internal.mycompany.com) and Load Balancing Router port number (80), so that self-referential URLs rendered on Oracle Portal pages are valid for the browser. To do this, define a virtual host as follows:
1. Access the Oracle Enterprise Manager 11g console located at http://apphost3.abc.oracle.com:7001/em.
2. In the navigation panel on the left, expand Web Tier.
3. Select ohs1. The Oracle HTTP Server home page is displayed.
4. From the menu, select Administration and navigate to Advanced Configuration.
5. From the Select file menu, select httpd.conf. Click Go to edit the file.
6. Edit the httpd.conf file. Add a VirtualHost container, as shown in the following example:
```
NameVirtualHost *:7778

<VirtualHost *:7778>
     ServerName internal.mycompany.com
     Port 80
     ServerAdmin [email protected]
     RewriteEngine On
     RewriteOptions inherit
UseCanonicalName On
</VirtualHost>
```
7. Click Apply.
8. When prompted to restart Oracle HTTP Server, click No.
Define a second virtual host, using the same steps as for the first, with the following exceptions:
- Specify apphost3.mycompany.com as the Server Name.
- Specify 7777 for the Port directive in the VirtualHost container.
- When prompted to restart the Oracle HTTP Server, click Yes.
Define a site that matches the virtual host entry created in the previous step, using Oracle Web Cache Manager on APPHOST3, as follows:
1. Access the Oracle Web Cache Manager on APPHOST3, as described in the Oracle Fusion Middleware Administrator's Guide for Oracle Web Cache.
2. From Properties, click Sites.
3. Click Create under Named Sites Definitions.
4. On the Create Named Site page, specify internal.mycompany.com for the Host and 80 for Port. Keep the default values for all other fields.
5. Click OK. internal.mycompany.com now appears in the Named Sites Definitions table.

Use Oracle Web Cache Manager on the external middle tier to add APPHOST3 as an origin server to the Oracle Web Cache cluster. To add APPHOST3, perform the following steps:

Click Origin Server under Origin Servers, Sites, and Load Balancing.
In the Origin Server page, click Add under the Application Web Servers table.

In the Add Application Web Server page, provide the following information:

Property	Value
Hostname	`apphost3.abc.oracle.com`
Port	`7778` (APPHOST3 Oracle HTTP Server listening port)
Routing	`ENABLED`
Capacity	`100`
Failover Threshold	`5`
Ping URL	`/`
Ping Interval	`10`
Protocol	`HTTP`

Click Submit.
To verify that the origin server has been added properly, locate apphost3.mycompany.com in the Origin Server table.

Note:

Refer to the section "Map Sites to Origin Servers" in Oracle Fusion Middleware Administrator's Guide for Oracle Web Cache, for more information.

Use Oracle Web Cache Manager on the external middle tier to map the site internal.mycompany.com to the middle tier apphost3.mycompany.com.
1. In the navigation frame, select Site-to-Server Mapping under Origin Servers, Sites, and Load Balancing.
2. In the Site-to-Server Mapping page, select the first mapping in the table and click Insert Above.
3. In the Edit/Add Site-to-Server Mapping page, select the Select from Site definitions option and then select internal.mycompany.com.
4. In the Select Application Web Servers section, select the application server on APPHOST3 (apphost3.mycompany.com) specified in the Origin Servers page.
5. Click Submit.
6. Click Apply Changes on the top of the page.
7. In the Cache Operations page, click Restart to restart Oracle Web Cache on APPHOST3.
To verify that the site has been mapped correctly, navigate to the Site-to-Server Mapping page, and ensure that APPHOST3 is mapped to the site internal.mycompany.com.
Configure the apphost3.mycompany.com computer so that it can resolve the Load Balancing Router hostname to have the correct IP address. You can use DNS resolution, or create an entry in the /etc/hosts file as follows:

xxx.xxx.240 internal.mycompany.com
Note:

Ensure that the /etc/hosts file does not have an entry that points the local hostname to 127.0.0.1. For example:
```
127.0.0.1 apphost3.mycompany.com
```

9.1.5 Registering the Internal Middle Tier as a Partner Application

For the single sign-on component to work properly, it must always be referenced by a partner application with the same host name in the URL. This is because cookies are sent back only to the host that generated them.

You must register the internal middle tier as a partner application. To achieve this, perform the following steps from an internal middle tier, APPHOST3:

Set the ORACLE_HOME variable to the SSO ORACLE_HOME location.

Run the SSO registration script ORACLE_HOME/sso/bin/ssoreg.sh with the parameters as shown in Example 9-1.

Example 9-1 ssoreg Usage on UNIX

-site_name_internal.mycompany.com
-mod_osso_URL https://internal.mycompany.com
-config_mod_osso TRUE
-oracle_home_path ORACLE_HOME
-config_file /tmp/osso.conf
-admin_info cn=orcladmin
-virtualhost
-remote_midtier

On Windows, run the ssoreg.bat script.

Copy /tmp/osso.conf to the Portal mid-tier home located at MW_HOME/asinst_1/config/OHS/ohs1.
Restart Oracle HTTP Server by issuing the following command:

ORACLE_HOME/opm/bin/opmnctl restartproc process-type=OHS
Log in to the Single Sign-On Server using the following URL:

http://login.mycompany.com/pls/orasso
Go to the administration page and then navigate to Administer Partner applications. Delete the entry for apphost3.mycompany.com.
Restart Web Tier for the changes to take effect. Oracle Web Tier components can be restarted using the following commands:

opmnctl stopall

opmnctl startall

Note:

Before issuing these commands, ensure that the environment variable ORACLE_INSTANCE is set to the value that was entered during the install.

9.1.6 Changing Host Assertion in WebLogic

By default, certain CGI environment variables are not passed through to WebLogic because the Oracle HTTP Server acts as a proxy for WebLogic. These include the host and port. WebLogic needs to be aware it is using a virtual site name and port so that it can generate internal URLs appropriately. To achieve this, perform the following tasks:

Log into the WebLogic administration console using the following URL:

http://apphost1.abc.oracle.com:7001/console
Select Environment and navigate to Clusters.
Click Lock and Edit in the Change Center window to enable editing.
Select cluster_portal. Navigate to HTTP and enter the following values:

Parameter Value

Frontend Host

internal.mycompany.com

Frontend HTTP Port

80

Frontend HTTPS Port

Not required
Click Activate Changes in the Change Center window.
Restart WLS_PORTAL managed server. To restart WLS_PORTAL, perform the following steps:
1. Log in to http://apphost1.abc.oracle.com:7001/console.
2. Navigate to Servers and select the Control tab.
3. Select the WLS_PORTAL check box and click Shut down.
4. To restart WLS_PORTAL, select the WLS_PORTAL check box and click Start.
  
  The WLS_PORTAL starts.

Parameter	Value
Frontend Host	internal.mycompany.com
Frontend HTTP Port	80
Frontend HTTPS Port	Not required

9.1.6.1 Validate the Configuration

After the first internal middle tier on APPHOST3 is configured, you must restore the portal version number to its original version number. To do this, perform the following steps:

Query the Portal version by connecting to the database as portal schema as shown in the following example:
```
>sqlplus portal/portaldb_portal@portaldb
sql> select version from wwc_version$;
sql> 11.1.1.1.0
```

Change the Portal repository version to 11.1.1.4.0 as shown in the following example:

sql> update wwc_version$ set version = '11.1.1.4.0';
sql> commit;
sql> select * from wwc_version$;
sql> 11.1.1.4.0

In order to validate the configuration, perform the following tests:

Test	URL	Result
Test Load Balancer	http://myPortal.mycompany.com/	Home page displayed
Test Load Balancer via SSL	https://myPortal.mycompany.com/	Home page displayed
Test Load Balancer termination	http://myPortal.mycompany.com/portal/pls/portal/owa_util.print_cgi_env	REQUEST_PROTOCOL value of HTTPS

9.1.7 Installing the Second Internal Middle Tier on APPHOST4

Before installing the second internal middle tier on APPHOST4, ensure that the internal middle tier on APPHOST3 is running.To install the second internal middle tier on APPHOST4, perform the following tasks:

Follow the steps in Section 9.1.2, "Installing the First Internal Middle Tier on APPHOST3" to install the second internal middle tier, with the following exceptions:

Substitute APPHOST3 with APPHOST4 wherever applicable.
The portal version number must be changed only during the installation of the first internal middle tier on APPHOST3. Subsequently, when APPHOST4 or more middle tiers are set up, the portal version number must not be changed.

In the Install Oracle Portal section, replace Step 6 with the following step:

Select Expand Cluster. Enter the following values:

Parameter	Value
Host Name	Name of the host running WebLogic Admin Server: APPHOST3.mycompany.com
Port	Port that the Admin Server is using. For example, 7001
User Name	Admin Server administrator account name
Password	Admin Server password

Click Next. The Configure Components screen appears.

Note:

It is recommended that you use the same physical path for installing the second middle tier. This helps when you make configuration changes on one machine and want to transfer the changes to another machine.

9.1.8 Configuring an Oracle Web Cache Invalidation-only Cluster

After installing the second middle tier on APPHOST4, you must add the APPHOST4 cache to the cluster using Oracle Web Cache Manager on APPHOST1. To achieve this, perform the steps in Section 9.1.3, "Configuring an Oracle Web Cache Invalidation-only Cluster", replacing APPHOST3 with APPHOST4 wherever applicable.

9.1.9 Configuring the Second Internal Middle Tier on APPHOST4 for Load Balancing Router

Perform the following steps to configure the second internal middle tier on APPHOST4:

Introduce WLS_PORTAL1(APPHOST4) to ORACLE HTTP Server on APPHOST3.

After the managed server WLS_PORTAL has started, the Oracle HTTP Server (OHS) on the external middle tier needs to be made aware, so that it can route requests to it.
Update Oracle HTTP Server configuration to be cluster aware.

After the WebLogic cluster has been created, the WebLogic requests need to be directed to the cluster. To achieve this, you must edit the following in the portal.conf file located at ORACLE_INSTANCE/config/OHS/ohs1/moduleconf on APPHOST3:
- Change the following entries for the blocks beginning with the following:
  - /portal
  - /portalTools
  - /wsrp-tools
  - /portalHelp
  - /portalHelp2
- Edit the following:
```
<Location /portal>
SetHandler WebLogic-handler
WebLogicHost apphost3.mycompany.com
WebLogicPort 9001
</Location>
```
  to
```
<Location /portal>
SetHandler WebLogic-handler
WebLogicCluster apphost3.mycompany.com:9001,apphost4.mycompany.com:9001
</Location>
```
Restart the Oracle HTTP Server using the following command:

opmnctl restartproc process-type=OHS

Copy the configuration information from APPHOST3 to APPHOST4.

File	Location APPHOST3	Location APPHOST4
appConfig.xml portal_cache.conf portal_dads.conf portal_plsql.conf	MW_HOME/user_projects/domains/PortalDomain/config/fmwconfig/servers/WLS_PORTAL/applications/portal/configuration/	MW_HOME/user_projects/domains/PortalDomain/config/fmwconfig/servers/WLS_PORTAL1/applications/portal/configuration
mod_oradav.conf mod_osso.conf plsql.conf portal.conf virtual_hosts.conf	ORACLE_INSTANCE/config/OHS/ohs1/moduleconf	ORACLE_INSTANCE/config/OHS/ohs1/moduleconf
osso.conf	ORACLE_INSTANCE/config/OHS/ohs1	ORACLE_INSTANCE/config/OHS/ohs1
sqlnet.ora	ORACLE_INSTANCE/config/	ORACLE_INSTANCE/config/

Restart Oracle HTTP Server using the following commands:

ORACLE_HOME/opmn/bin/opmnctl stopall
ORACLE_HOME/opmn/bin/opmnctl startall

Configure virtual hosts.

You must configure Oracle Portal middle tier to allow underlying components to construct URLs based on the Load Balancing Router hostname (internal.mycompany.com) and Load Balancing Router port number 7777. In order to do this, you must configure virtual hosts. To configure virtual hosts, perform the following steps:
1. Edit the httpd.conf file located in $INSTANCE_HOME/config/OHS/ohs1.
2. Add the following entries to the file:
```
NameVirtualHost *:8888
<VirtualHost *8888>
ServerName http://internal.mycompany.com:7777
RewriteEngine On
RewriteOptions inherit
UseCanonicalName On
</VirtualHost>
```
```
<VirtualHost *:8888>
ServerName apphost4.abc.oracle.com:7777
RewriteEngine On
RewriteOptions inherit
UseCanonicalName On
</VirtualHost>
```
Create the following Portal directories on APPHOST4 to allow the storage of the Oracle Portal cache:

ORACLE_INSTANCE/portal/cache

ORACLE_INSTANCE/diagnostics/logs/portal
Update instance paths in the files located in the directory at $DOMAIN_HOME/config/fmwconfig/servers/WLS_PORTAL1/applications/portal/configuration.

Edit the following files as stated below:

portal_cache.conf – Change PlsqlCacheDirectory

portal_plsql.conf – Change PlsqlLogDirectory
Start WLS_PORTAL1 by logging into the Administration Server on APPHOST4 using the following URL:

http://apphost4.abc.oracle.com:7001/console

for more information about starting WLS_PORTAL1, see section Start WLS_PORTAL1 in Oracle Portal Enterprise Deployment Guide:11.1.1.2.

Validate the configuration

After the configuration is completed, you must validate the configuration. In order to validate the configuration, perform the following tests:

Test	URL	Result
Test Load Balancer	http://myPortal.mycompany.com/	Home page displayed
Test Load Balancer via SSL	https://myPortal.mycompany.com/	Home page displayed
Test Load Balancer Termination	https://myPortal.mycompany.com/portal/pls/portal/owa_util.print_cgi_env	REQUEST_PROTOCOL value of HTTPS

9.1.10 Configure Web Cache

Change Web Cache Passwords

The Web Cache invalidation and admin passwords are randomly generated. It is recommended that these passwords be changed from the default value to a new known value. To change the password, perform the following steps:

In the navigator window, expand the Web Tier tree.
Select wc1 in APPHOST4.
From the menu list at the top of the page, select Administration and navigate to Passwords.
Enter a new invalidation password and administration password. Confirm and click Apply.

Note:

Use the same passwords as used in the external middle tier.
Restart Web Cache, for the changes to take effect, by using the following command:

opmnctl restartproc ias-component=wc1

Use Oracle Web Cache Manager on APPHOST3 to add APPHOST4

To add APPHOST4 using Oracle Web Cache Manager, perform the following steps:

Click Origin Server under Origin Servers, Sites, and Load Balancing.
In the Origin Server page, click Add under the Application Web Servers table.

In the Add Application Web Server page, provide the following information:

Property	Value
Hostname	`apphost4.abc.oracle.com`
Port	`7778` (APPHOST4 Oracle HTTP Server listening port)
Routing	`ENABLED`
Capacity	`100`
Failover Threshold	`5`
Ping URL	`/`
Ping Interval	`10`
Protocol	`HTTP`

Click Submit.
To verify that the origin server has been added properly, locate apphost4.abc.oracle.com in the Origin Server table.

Use Oracle Web Cache Manager on APPHOST3 to map the Load Balancing Router site to the origin servers

To map the load balancing router site internal.mycompany.com to the two origin servers apphost3.mycompany.com and apphost4.mycompany.com using Web Cache Manager, perform the following steps:

In the navigation frame, select Site-to-Server Mapping under Origin Servers, Sites, and Load Balancing.
In the Site-to-Server Mapping page, select the mapping for the Load Balancing Router site in the table and click Edit Selected.
In the Select Application Web Servers section, select an application Web server specified in the Origin Servers page for APPHOST4 (apphost4.mycompany.com).
Click Submit.
To verify that the site has been mapped correctly, ensure that both APPHOST3 and APPHOST4 are mapped to internal.mycompany.com in the Site to Server Mappings table.
Click Apply Changes at the top of the page. Perform the following steps in the Cache Operations page:
1. Click Propagate to propagate changes to APPHOST4.
2. Click Restart to restart Web Caches on APPHOST3 and APPHOST4.

9.1.11 Configuring the Oracle Portal Schema in the Oracle Metadata Repository

Configure the Oracle Portal schema in the Oracle Metadata Repository to send host-independent invalidations. To do this, perform the following steps:

Log in to APPHost1 and run the script OH/portal/admin/plsql/wwc/cachhii.sql using SQL*Plus.
Specify on at the prompt to enable host-independent invalidations.

9.1.12 Validating the Completed Configuration

To verify that your configuration is complete and is working as expected, perform the following steps:

Test access to Oracle AS Portal through the Load Balancing Router by completing the following steps:
1. Access the OracleAS Portal home page at http://internal.mycompany.com:7777/pls/portal.
2. Click the Portal login link.
3. Click some links in the portal.
4. Confirm that content is getting cached in Oracle Web Cache. To do this, access the Oracle Web Cache Manager on APPHOST3 as described in Oracle Fusion Middleware Administrator's Guide for Oracle Web Cache.
  
  Under Monitoring, click Popular Requests. select Cached from the Filter Objects drop-down list, and click Update. If you accessed Oracle Portal, you will see portal content (For example, URLs that contain /pls/portal).
  
  Perform some basic page edits in Oracle Portal, such as adding a portlet to a page, and verify that the new content shows up. If the new content does not display properly, or errors occur, Oracle Web Cache invalidation is misconfigured.

9.2 Upgrading Oracle Portal 10g Intranet-Internet setup to 11g

This section includes the following topics:

Installing and Upgrading the External Middle Tier
Post Upgrade Configuration of the External Middle tier
Installing and Upgrading the First Internal Middle Tier on APPHOST3
Post Upgrade Configuration of the First Internal Middle Tier on APPHOST3
Installing and Upgrading the Second Middle Tier on APPHOST4
Post Upgrade Configuration of the Second Internal Middle Tier on APPHOST4
Validating the Configuration

9.2.1 Installing and Upgrading the External Middle Tier

Installing the External Middle Tier

To install the external middle tier, perform the following tasks:

Install WebLogic Server version 1034.
Install PS1 S/W bits.
Install PS3 Sparse patch.

Open the vi portal-deployment-sequence.xml file located at MW_HOME/oracle_home/install/config/deploy.

Comment the following lines in the file as shown below:

<!-- <Deploy name="portalHelp" file="portal/jlib/portalHelp.ear" description="Portal Help" stagingMode="nostage"/> -->
<!-- <Deploy name="portalHelp2" file="portal/jlib/portalHelp2.ear" description="Portal Help 2" stagingMode="nostage"/>-->

Run ./config.sh which is located at MW_HOME/$ORACLE_HOME/bin.

Upgrading the Repository and External Middle Tier

You must use the Upgrade Assistant to upgrade the repository and external middle tier. To upgrade the external middle tier and the required schemas and repository, see Section 3.6, "Task 6: Use the Upgrade Assistant to Upgrade the Required Schemas and Middle Tiers" in Oracle Fusion Middleware Upgrade Guide for Oracle Portal, Forms, Reports, and Discoverer

9.2.2 Post Upgrade Configuration of the External Middle tier

After upgrading the repository and the middle tier, you must configure the middle tier. The following configuration tasks must be performed:

Open the httpd.conf file located at MW_HOME/instance_name/config/OHS/ohs1. Edit the file as shown below:

NameVirtualHost*:7778
<VirtualHost*:7778>
ServerName portal.mycompany.com
#SecureHttps On
Port 443
UseCanonicalName On
RewriteEngine On
RewriteOptions inherit
</VirtualHost>

<VirtualHost*:7778>
ServerName apphost1.abc.oracle.com:7777
RewriteEngine On
RewriteOptions inherit
UseCanonicalName On
</VirtualHost>

Specify the Frontend host and port details.
1. Log into the upgraded WebLogic console using the following URL:
  
  http://apphost1.abc.oracle.com:7001/console
2. From the navigation panel on the left, navigate to Clusters and click Summary of Clusters.
3. Select cluster_portal. The Settings for cluster_portal page is displayed.
4. Select the HTTP tab from the Configuration section.
5. Enter the following frontend host and port details:
  
  Frontend Host: portal.mycompany.com
  
  Frontend HTTP Port: 80
  
  Frontend HTTPS Port: 443
6. Click Save. Click Activate Changes for the changes to take effect.
Restart WLS_PORTAL for the configuration changes to take effect. To restart WLS_PORTAL, perform the following steps:
1. Log in to http://apphost1.abc.oracle.com:7001/console.
2. Navigate to Servers and select the Control tab.
3. Select the WLS_PORTAL check box and click Shut down.
4. To restart WLS_PORTAL, select the WLS_PORTAL check box and click Start.
  
  The WLS_PORTAL starts.

Open the portal_dads.conf file located at. Edit the file as shown below:

<Location /pls/portal>
SetHandler pls_handler
Order allow,deny
Allow from All
AllowOverride None
PlsqlDatabaseUsername portal
PlsqlDatabasePassword CSFPassword
PlsqlDatabaseConnectString portalinfra.abc.oracle.com:1521:portaldb.abc.oracle.com  ServiceNameFormat
PlsqlNLSLanguage AMERICAN_AMERICA.WE8ISO8859P1
PlsqlAuthenticationMode SingleSignOn
PlsqlDocumentTablename portal.wwdoc_document
PlsqlDocumentPath docs
PlsqlDocumentProcedure portal.wwdoc_process.process_download
PlsqlDefaultPage portal.home
PlsqlPathAlias url
PlsqlPathAliasProcedure portal.wwpth_api_alias.process_download
PlsqlExclusionList "#None#"
PlsqlCGIEnvironmentList "REQUEST_PROTOCOL=HTTPS"
PlsqlCGIEnvironmentList "SERVER_PORT=443"
</Location>

Create a database wallet and store the certificate of the load balancer in this wallet. After storing the certificate inside the database wallet, it is also necessary to store the location of the wallet within the Portal repository.

To achieve these tasks, perform all the steps in the following sections of Oracle Portal Enterprise Deployment Guide:11.1.1.2:
- Create a Database Wallet
- Import Certificate into Database Wallet
- Identify the Wallet to Portal
You must register the external middle tier with SSO. For information about registering with SSO, see Oracle Portal Enterprise Deployment Guide:11.1.1.2.
Restart Web Tier (OHS and Web Cache).

Having made the above changes, the Web tier components must be restarted. This can be achieved by issuing the following commands:

opmnctl stopall

opmnctl startall

Validate the configuration.

In order to validate the configuration, perform the following tests:

Test	URL	Result
Test Load Balancer SSL Termination	https://myPortal.mycompany.com/portal/pls/portal/owa_util.print_cgi_env	REQUEST_PROTOCOL value of HTTPS
Test Portal via Load Balancer	https://myPortal.mycompany.com/portal/pls/portal	Portal home page displayed
Test Portal Login via Load Balancer	https://myPortal.mycompany.com/portal/pls/portal	Should be able to log in using account orcladmin

9.2.3 Installing and Upgrading the First Internal Middle Tier on APPHOST3

Install the First Internal Middle Tier on APPHOST3

To install the internal middle tier on APPHOST3, perform the following tasks:

Install WebLogic Server version 1034.
Install PS1 S/W bits.
Install PS3 Sparse patch.

Open the vi portal-deployment-sequence.xml file located at MW_HOME/oracle_home/install/config/deploy.

Comment the following lines in the file as shown below:

<!-- <Deploy name="portalHelp" file="portal/jlib/portalHelp.ear" description="Portal Help" stagingMode="nostage"/> -->
<!-- <Deploy name="portalHelp2" file="portal/jlib/portalHelp2.ear" description="Portal Help 2" stagingMode="nostage"/>-->

Connect to the database and change the version in the Portal schema as shown below:

>sqlplus portal/portaldb_portal@portaldb
sql> select version from wwc_version$;
sql> 11.1.1.4.0

Now change the version to 11.1.1.1.0 as shown below:

sql> update wwc_version$ set version = '11.1.1.1.0';
sql> commit;
sql> select * from wwc_version$;
sql> 11.1.1.1.0

Create Portlet schema using 11g RCU.
Run ./config.sh which is located at MW_HOME/$ORACLE_HOME/bin.

Upgrade the First Internal Middle Tier on APPHOST3

You must use the Upgrade Assistant to upgrade the internal middle tier on APPHOST3. To upgrade the internal middle tier on APPHOST3, see Section 3.6,"Task 6: Use the Upgrade Assistant to Upgrade the Required Schemas and Middle Tiers" in Oracle Fusion Middleware Upgrade Guide for Oracle Portal, Forms, Reports, and Discoverer.

Note:

The Repository is upgraded only for the external middle tier. You need not upgrade the repository for the Internal middle tiers on APPHOST3 and APPHOST4.

9.2.4 Post Upgrade Configuration of the First Internal Middle Tier on APPHOST3

After upgrading the internal middle tier, you must configure the middle tier. The following configuration tasks must be performed:

Specify the Frontend host and port details.
1. Log into the upgraded WebLogic console using the following URL:
  
  http://apphost3.abc.oracle.com:7001/console
2. From the navigation panel on the left, navigate to Clusters and click Summary of Clusters.
3. Select cluster_portal. The Settings for cluster_portal page is displayed.
4. Select the HTTP tab from the Configuration section.
5. Enter the following frontend host and port details:
  
  Frontend Host: internal.mycompany.com
  
  Frontend HTTP Port: 7777
  
  Click Save.
  
  Note:
  
  Leave the Frontend HTTPS port field blank.
6. Restart WLS_PORTAL, for the changes to take effect, by performing the following steps:
  1. Log in to WebLogic console.
  2. Navigate to Servers and select the Control tab.
  3. Select the WLS_PORTAL check box and click Shut down.
  4. To restart WLS_PORTAL, select the WLS_PORTAL check box and click Start.
    
    The WLS_PORTAL starts.
You must register the internal middle tier on APPHOST3 with SSO. For information about registering with SSO, see Oracle Portal Enterprise Deployment Guide:11.1.1.2. Copy the generated osso.conf file to the following directory:

$ORACLE_HOME/asinst_1/config/OHS/ohs1/osso.
Restart Web Tier (OHS and Web Cache).

Having made the above changes, the Web tier components must be restarted. This can be achieved by issuing the following commands:

opmnctl stopall

opmnctl startall

9.2.5 Installing and Upgrading the Second Middle Tier on APPHOST4

After the first internal middle tier on APPHOST3 is installed and upgraded, you must restore the portal version number to its original version number. To do this, perform the following steps:

Query the Portal version by connecting to the database as portal schema as shown in the following example:
```
>sqlplus portal/portaldb_portal@portaldb
sql> select version from wwc_version$;
sql> 11.1.1.1.0
```

Change the Portal repository version to 11.1.1.4.0 as shown in the following example:

sql> update wwc_version$ set version = '11.1.1.4.0';
sql> commit;
sql> select * from wwc_version$;
sql> 11.1.1.4.0

Note:

The portal version number must be changed only when the installing and upgrading the first internal middle tier on APPHOST3. Subsequently, when APPHOST4 or more middle tiers are set up, the portal version number must not be changed.

Install the Second Internal Middle Tier on APPHOST4

To install the second internal middle tier on APPHOST4, perform the following tasks:

Follow all the steps in Installing the External Middle Tier.
Install Oracle Portal 11g as mentioned in Section 9.1.7, "Installing the Second Internal Middle Tier on APPHOST4".

Upgrade the Second Internal Middle Tier on APPHOST4

You must use the Upgrade Assistant to upgrade the internal middle tier on APPHOST3. To upgrade the internal middle tier on APPHOST3, see Section 3.6, "Task 6: Use the Upgrade Assistant to Upgrade the Required Schemas and Middle Tiers" in Oracle Fusion Middleware Upgrade Guide for Oracle Portal, Forms, Reports, and Discoverer.

Note:

The Repository is upgraded only for the external middle tier. You need not upgrade the repository for the Internal middle tiers on APPHOST3 and APPHOST4.

9.2.6 Post Upgrade Configuration of the Second Internal Middle Tier on APPHOST4

To configure the WebLogic domain for APPHOST4, perform the following tasks:

Introduce WLS_PORTAL1(APPHOST4) to ORACLE HTTP Server on APPHOST3.

After the managed server WLS_PORTAL has started, the Oracle HTTP Server (OHS) on the external middle tier needs to be made aware, so that it can route requests to it.
Update Oracle HTTP Server configuration to be cluster aware.

After the WebLogic cluster has been created, the WebLogic requests need to be directed to the cluster. To achieve this, you must edit the following in the portal.conf file located at ORACLE_INSTANCE/config/OHS/ohs1/moduleconf on APPHOST3:
- Change the following entries for the blocks beginning with the following:
  - /portal
  - /portalTools
  - /wsrp-tools
  - /portalHelp
  - /portalHelp2
- Edit the following:
```
<Location /portal>
SetHandler WebLogic-handler
WebLogicHost apphost3.mycompany.com
WebLogicPort 9001
</Location>
```
  to
```
<Location /portal>
SetHandler WebLogic-handler
WebLogicCluster apphost3.mycompany.com:9001,apphost4.mycompany.com:9001
</Location>
```
Restart the Oracle HTTP Server using the following command:

opmnctl restartproc process-type=OHS

Copy the configuration information from APPHOST3 to APPHOST4.

File	Location APPHOST3	Location APPHOST4
appConfig.xml portal_cache.conf portal_dads.conf portal_plsql.conf	MW_HOME/user_projects/domains/PortalDomain/config/fmwconfig/servers/WLS_PORTAL/applications/portal/configuration/	MW_HOME/user_projects/domains/PortalDomain/config/fmwconfig/servers/WLS_PORTAL1/applications/portal/configuration
mod_oradav.conf mod_osso.conf plsql.conf portal.conf virtual_hosts.conf	ORACLE_INSTANCE/config/OHS/ohs1/moduleconf	ORACLE_INSTANCE/config/OHS/ohs1/moduleconf
osso.conf	ORACLE_INSTANCE/config/OHS/ohs1	ORACLE_INSTANCE/config/OHS/ohs1
sqlnet.ora	ORACLE_INSTANCE/config/	ORACLE_INSTANCE/config/

Configure virtual hosts. To achieve this, perform the following steps:

Edit the virtual_hosts.conf file located at ORACLE_INSTANCE/config/OHS/ohs1/moduleconf on APPHOST4.

Ensure that the file contains the UseCanonicalName On entry as shown below:

NameVirtualHost *:7778
<VirtualHost *7778>
ServerName http://internal.mycompany.com:7777
RewriteEngine On
RewriteOptions inherit
UseCanonicalName On
</VirtualHost>

<VirtualHost *:7778>
ServerName apphost4.abc.oracle.com:7777
RewriteEngine On
RewriteOptions inherit
UseCanonicalName On
</VirtualHost>

Restart Oracle HTTP Server using the following commands:

ORACLE_HOME/opmn/bin/opmnctl stopall
ORACLE_HOME/opmn/bin/opmnctl startall

Create the following Portal directories on APPHOST4 to allow the storage of the Oracle Portal cache:

ORACLE_INSTANCE/portal/cache

ORACLE_INSTANCE/diagnostics/logs/portal
Update instance paths in the files located in the directory at $DOMAIN_HOME/config/fmwconfig/servers/WLS_PORTAL1/applications/portal/configuration.

Edit the following files as stated below:

portal_cache.conf – Change PlsqlCacheDirectory

portal_plsql.conf – Change PlsqlLogDirectory
Before starting WLS_PORTAL1, perform the following steps:
1. Unzip the portal.ear file located at $ORACLE_HOME/archives/applications dir.
2. Open portal_dads.conf which is a zero byte file. Add content to the file to make it a non-zero byte file, and save it.
3. Rebuild the portal.ear file.
4. Restart WLS_PORTAL1.
5. Copy portal_dads.conf file from APPHOST3 instance to $DOMAIN_HOME/config/fmwconfig/servers/WLS_PORTAL1/applications/portal/configuration (APPHOST4).
6. Restart WLS_PORTAL1 server.
Start WLS_PORTAL1 by logging into the Administration Server on APPHOST4 using the following URL:

http://apphost4.abc.oracle.com:7001/console

for more information about starting WLS_PORTAL1, see section Start WLS_PORTAL1 in Oracle Portal Enterprise Deployment Guide:11.1.1.2.

9.2.7 Validating the Configuration

To validate the configuration, access the external Portal URL (http://portal.mycompany.com/portal/pls/portal) and internal Portal URL (http://internal.mycompany.com:7777/portal/pls/portal) in the following two scenarios and verify that they are working:

APPHOST3 is completely down (opmn services and WLS_PORTAL) and APPHOST4 is completely up (opmn services and WLS_PORTAL).

APPHOST3 is completely up (opmn services and WLS_PORTAL) and APPHOST4 is completely down (opmn services and WLS_PORTAL)