Skip to content

WAM Audit Configuration Service

ARTICLE TYPE
How to

TITLE
WAM Audit Configuration Service

ANSWER

Securtiy Gateway

Installation

With following commands we can check WAM installation verification such as installation successfull , file customization , file ownership and mode.

Info

verify: to verify a WAM installation

[root@oracle bin]# ./lpfsetuputil -u verify

[root@oracle bin]# ./lpfsetuputil -u verify
-<I>-| The dbaapi initialization with the WAM Directory ldap://oracle.evidian.local:390/o=lpfRoot is successful
-<I>-| Verifying WAM installed under '/usr/evidian/lpf' ...
-<I>-| Loading checksum file '/usr/evidian/lpf/data/installed.txt' ...
-<I>-| There is no rollback file
-<I>-| Checking file existence ...
-<I>-| Checking checksum for files that are not customizable ...
-<I>-| Checking checksum for files that are customizable ...
-<I>-| Checking file ownership and mode ...
-<I>-| Processing files that need to be removed ...
-<I>-| All files have been successfully verified

Info

endinstall: to perform other operations done at the end of the installation

[root@oracle bin]# ./lpfsetuputil -u endinstall

-<I>-| Migrating Apache specific directives on WAM Authentication Servers ...
-<I>-| The WAM Authentication Server 'Built-in Authentication Server' already contains Apache specific directives for CORS
-<I>-| WARNING: You must check the specific directives for CORS for Authentication Server 'Built-in Authentication Server'
-<I>-| WARNING: New Specific directives for CORS should be:
-<I>-| WARNING:   ## CORS directives
-<I>-| WARNING:   Header  unset  Access-Control-Allow-Origin
-<I>-| WARNING:   # adapt this directive in order to take into account the domains allowed in CORS
-<I>-| WARNING:   # Example: SetEnvIf Origin "http(s)?://(.*.)?(test-pxp.frec.bull.fr)(:.*)?$" AccessControlAllowOrigin=$0
-<I>-| WARNING:   # to allow all domains: http or https, any domain, any port :
-<I>-| WARNING:   SetEnvIf Origin "http(s)?://(.*.)?(.*)(:.*)?$" AccessControlAllowOrigin=$0
-<I>-| WARNING:   Header always set  Access-Control-Allow-Origin %{AccessControlAllowOrigin}e  env=AccessControlAllowOrigin
-<I>-| WARNING:   Header always set Access-Control-Allow-Methods "*"
-<I>-| WARNING:   Header always set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding, access-control-allow-origin, access-control-allow-credentials,Access-Control-Allow-Origin "
-<I>-| WARNING:   Header always set Access-Control-Allow-Credentials true
-<I>-| WARNING:
-<I>-| WARNING:   ## CIAM directives
-<I>-| WARNING:   Header always set X-Frame-Options SAMEORIGIN
-<I>-| WARNING:   # CIAM allowed domains must be identified, others must be rejected
-<I>-| WARNING:   # adapt this directive in order to take into account the allowed  domains
-<I>-| WARNING:   # by default all domains are allowed
-<I>-| WARNING:   # Example: SetEnvIf Referer "http(s)?://(.*.)?(test-pxp.frec.bull.fr)(.*)?" ALLOWEDORIGIN=1
-<I>-| WARNING:   # Comment the two following lines if you do not use the CIAM Connect JS SDK
-<I>-| WARNING:   SetEnvIf Referer "http(s)?://(.*.)?(.*)?" ALLOWEDORIGIN=1
-<I>-| WARNING:   Header always unset X-Frame-Options env=ALLOWEDORIGIN

info

WAM Version Check

[root@oracle bin]# ./lpfversion
WAM 9.0.10.8 (10359/240709163727) installed on oracle.evidian.local:/usr/evidian/lpf
LDAP schema version is 2.109
Provisioning Web Service version is 8.6.6
Portal JSP Welcome Server is Apache Tomcat/8.5.35
Welcome page server version is 4.1
Authentication server version is Apache/2.4.58
Security gateway version is Apache/2.4.58

Administration Server

Management of WAM Security Gateway administration server

Usage: ./lpfadmin <action> [Options]
action: -create, -delete, -start, -stop, -restart, -status

Options:
        -f: never check peer certificate with LDAPS
        -d <trace level>: the trace level
        -w <password>: old password for certificate database
        -l: for a deferred operation
        -b: for a background process
        -t <tempo>: temporization in seconds
        -p <ppid>: the parent process id
        -u <admin server URL>: the URL of the Admin Server
        -i [yes|no]>: does use IP listen ?

[root@oracle bin]# ./lpfadmin -status
http://oracle.evidian.local:9119 started
[root@oracle bin]#

Product Version
WAM 9.0.9 , WAM 9.0.10

Keywords
Evidian WAM

Related articles: