How to (correctly) make manual edits to oam-config.xml

Introduction

Occasionally, it is necessary to make changes to OAM 11g configuration by directly updating the oam-config,xml file, rather than using the OAM console.  In this post, we describe the correct way to make changes to this file. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available.

Editing oam-config.xml

Correctly making durable edits to oam-config,xml involves the following steps, which must always be followed exactly.

  1. 1. Shut down the entire domain, including the WebLogic Admin Server and all OAM Managed Servers
  2. 2. Locate the correct “oam-config.xml” file. This will be located on the Admin Server node in the following location: <DOMAIN_HOME>/config/fmwconfig/oam-config.xml
  3. 3. Make a backup of the existing file prior to editing
  4. 4. When editing the file, be sure to increment the version number by 1 to ensure that the changes are not overwritten by the console. See below for details on how to do this.
  5. 5. Once the change has been saved, restart the WebLogic Admin Server, followed by the OAM Managed Servers.
  6. 6. As a verification step, check <DOMAIN_HOME>/config/fmwconfig/oam-config.xml on each of the OAM Managed Server nodes to ensure that the updated version has propagated correctly.

Incrementing the version number

The location of the version number that needs to be incremented is highlighted in the following snippet from the oam-config.xml file. The version number will occur near the top of the file.

<Setting xmlns="http://www.w3.org/2001/XMLSchema" Name="NGAMConfiguration" Type="htf:map">
...
<Setting Name="Version" Type="xsd:integer">175</Setting>
...
</Setting>

In our case, we would need to increment the number from “175” to “176” prior to saving oam-config.xml.

Comments

  1. Jaseer Abubakar says:

    The previous comment stripped out the tag characters
    Setting Name=”PasswordExpiredURL” Type=”xsd:string”>/identity/faces/firstlogin
    Setting Name=”ChallengeSetupNotDoneURL” Type=”xsd:string”>/identity/faces/firstlogin
    Setting Name=”ForcedPasswordChangeURL” Type=”xsd:string”>/identity/faces/firstlogin

  2. Jaseer Abubakar says:

    Hi Rob,
    We want to replace the password expiry page with a custom built page. I can see that the oam-config.xml has properties for this

    /identity/faces/firstlogin
    /identity/faces/firstlogin
    /identity/faces/firstlogin

    Is editing the oam-config.xml the correct way to do this ?
    Is there another way to update this setting through the oam console ?

    thanks,
    Jaseer

Add Your Comment