installed when OracleAS is installed. To install additional languages, click the Product Languages button on the Select a Product to Install screen. If you forget to install additional languages during the installation of OracleAS, you can still enable the single sign-on UI for additional languages by running the ossoca.jar tool. To enable the single sign-on server for additional languages after installation: 1. Copy the desired language files from the CD home for the Repository
Configuration Assistant (REPCD_HOME) to the Oracle home for OracleAS Single Sign-On:
cp REPCD_HOME/portal/admin/plsql/nlsres/ctl/lang/*.* ORACLE_ HOME/sso/nlsres/ctl/lang/
wherelang is the desired language code. For example, this value would beja for Japanese. Note that you must create thelang directory in the single sign-on home before running ossoca.jar.
2. Add $ORACLE_HOME/lib to the library path environment variable. 3. Issue the following command:
$ORACLE_HOME/jdk/bin/java -jar $ORACLE_HOME/sso/lib/ossoca.jar langinst lang
make_lang_avail $ORACLE_HOME
For the variablelang, substitute the code for the language to be installed. For the variablemake_lang_avail, substitute1if you want to make the language available. Substitute0 if you want to make the language unavailable.
In the following example, the Korean language is installed:
$ORACLE_HOME/jdk/bin/java -jar $ORACLE_HOME/sso/lib/ossoca.jar langinst ko 1 $ORACLE_HOME
For a complete list of the language codes supported, see Appendix A in Oracle Application Server 10g Globalization Guide.
Configuring the Global User Inactivity Timeout
Before reading this section, read"Global User Inactivity Timeout" in Chapter 1, "Components and Processes: an Overview."
The global user inactivity timeout is applicable to one domain only. This means that computers enabled for the timeout must reside within the same cookie domain. The applications on these computers use the domain cookie to track user activity. If, for
Configuring the Global User Inactivity Timeout
the system must have the .acme.com domain in their host name. One of these computers might be host1.acme.com. Another might be host2.acme.com. In addition, clocks on all of these computers, including the single sign-on server computer, must be synchronized with one another.
The global user inactivity timeout is not configured by default. You must enable it by running the ssogito.sql script, located at $ORACLE_HOME/sso/admin/ plsql/sso. The steps that follow include an example of ssogito.sql.
To configure the global user inactivity timeout:
1. Log in to SQL*Plus, using the single sign-on schema name and password. The default schema name isorasso. To obtain the password, seeAppendix B. 2. Run ssogito.sql by entering the following command:
SQL> @ssogito.sql
A list of fields appears.
3. In the Enter value for timeout_cookie_domain field, enter a domain name that is common to all of the applications enabled by the single sign-on server. Be sure to prepend a period before the domain name.
4. In the Enter value for inactivity period field, enter the length of the desired inactivity period—say, 15 minutes.
5. To enable the new settings, press the Return or Enter key. To cancel the transaction, press the Return or Enter key twice.
Once you have completed a transaction, the script provides you with a summary of the new timeout settings. Here is an example of ssogito.sql:
Note: If this field is left blank, the domain name defaults to the host name for the single sign-on server.
Configuring the Global User Inactivity Timeout
SQL> @ssogito
============================================= SSO Server Inactivity Timeout Configuration ============================================= Timeout : DISABLED
Cookie name : OSSO_USER_CTX Cookie domain :
Inactivity period: 15 minutes Encryption key : 093D678526DAA66D
Note: timeout cookie domain will be defaulted to the SSO Server hostname
---
To disable timeout set inactivity period to 0, (zero) Press return key twice if you do not want
to change timeout configuration.
PL/SQL procedure successfully completed.
Enter value for timeout_cookie_domain: .oracle.com Enter value for inactivity_period: 15
Timeout : ENABLED New timeout cookie domain: .oracle.com New inactivity period : 15 minutes PL/SQL procedure successfully completed. No errors.
6. Restart the single sign-on middle tier. See"Stopping and Starting the Single Sign-On Middle Tier".
7. On the application middle tiers where the inactivity timeout is to be enabled, edit the mod_osso.conf file. Make sure that theOssoIdleTimeout parameter exists and that it is set toon. The file is in $ORACLE_
HOME/Apache/Apache/conf. Here is an example file with the correct setting:
LoadModule osso_module libsexec/mod_osso.so <IfModule mod_osso.c>
OssoIpCheck off OssoIdleTimeout on
OssoConfigFile /u01/oracleas10g/Apache/Apache/conf/osso/osso.conf #
#Insert Protected Resources #
Obtaining the Sample Files
. . .
</IfModule>
8. Restart the Oracle HTTP Server on the application middle tiers. See"Stopping and Starting the Oracle HTTP Server".
If Oracle Delegated Administration Services and the single sign-on server are located on the same middle tier, and you want the global user inactivity timeout to apply to the former, perform steps eight and nine on the single sign-on middle tier.
Obtaining the Sample Files
The ipassample.jar file contains sample code for single sign-on features such as certificate-enabled sign-on and deployment-specific pages. Use this command to extract the file: