CA SSO with Oracle RAC ODBC Setup

Document ID : KB000009567
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

Open Database Connectivity (ODBC) is a standard application programming interface (API) for accessing database management systems (DBMS). And, the designers of ODBC aimed to make it independent of database systems and operating systems. Configuring a single Oracle database to function as an audit store or any other type of CA Single Sign-On (CA SSO) data store requires specific database information. This article focuses on Oracle RAC.

Background:

The way to configure ODBC for Oracle RAC hasn’t changed over the versions of CA SSO (Formerly known as SiteMinder).

Environment:
Audit Store, Policy Server
Instructions:

Key points to note for connecting to Oracle RAC based Store for CA SSO:

- It is similar to connecting to a single instance of an Oracle database.
- In addition to the SID or ServiceName for each Oracle instance, a ServiceName exists for the entire Oracle RAC system.
- When an application uses Oracle RAC system’s ServiceName, the Oracle RAC system appears to be a single Oracle instance to the application.
- The instance which is connected depends on number of factors, – availability of instance, load, etc.
- Oracle RAC instances can be configured Policy Server as a single data source name similar to that of a single instance Oracle database.

Take a look below at the excerpts from an example of the tnsnames.ora (which is typically controlled by the Oracle administrator) and (CA SSO’s) system_odbc.ini file examples. Tnsnames.ora is a file which is used by oracle client to connect to oracle server. And, the system_odbc.ini file contains all of the names of the available CA SSO ODBC data sources as well as the attributes that are associated with these data sources. This file must be customized to work for each site.

(This is just an example. Enter appropriate version for NSoraXX,so where XX is the version for the release of the driver you’re using; also, appropriate IP addresses and port numbers.)

A*) ServiceName example in tnsnames.ora file for:
- Oracle Client
- RAC Environment

----------------------------------------------------
MyRAC11g =
(DESCRIPTION=
(LOAD_BALANCE=on) 
(FAILOVER=on) 
(ADDRESS=(PROTOCOL=tcp) (HOST=10.22.218.112) (PORT=1521)) 
(ADDRESS=(PROTOCOL=tcp) (HOST=10.22.218.113) (PORT=1521)) 
(ADDRESS=(PROTOCOL=tcp) (HOST=10.22.218.114) (PORT=1521)) 
(CONNECT_DATA= (SERVICE_NAME=CASSODB) 
(FAILOVER_MODE= (TYPE=select) (METHOD=basic) (RETRIES=5)(DELAY=1)))

-----------------------------------------------------
Note: In this case, CASSODB is RAC system’s ServiceName.


B*) Next, continuing onto (renamed out-of-the-box oraclewire.ini to ) system_odbc.ini for Unix based policy server example with:
- Data Direct Oracle Wire Protocol
- Oracle RAC Environment for Audit Store

----------------------------------------------------------------
[SiteMinder Audit Data Source]
Driver=/PSinstall/R12/odbc/lib/<NSoraXX.so>
Description=DataDirect 6 Oracle Wire Protocol
HostName=10.22.218.112
PortNumber=1521
ServiceName=CASSODB 
AlternateServers=(HostName=10.22.218.113:PortNumber=1521:ServiceName=CASSODB, HostName=10.22.218.114:PortNumber=1521:ServiceName=CASSODB)
LoadBalancing=1
CatalogOptions=0
ProcedureRetResults=0
EnableDescribeParam=0
EnableStaticCursorsForLongData=0
ApplicationUsingThreads=1
------------------------------------------------------------------
Note: As a best practice, user name and password should be defined in Policy Server Management Console; so it's not shown above.

Additional Information:

For Oracle based store installation details, refer to the Policy Server installation sections of the docops.ca.com documentation for the CA SSO release you’re using.