• Home
• App Integrations
• Setup JD Edwards via miniOrange access gateway

A step-by-step guide to setting up Oracle JD Edwards via miniOrange Access Gateway for secure authentication and seamless access.

Follow the Step-by-Step Guide given below for Oracle JD Edwards Setup

1. SSO in JDE using miniOrange Access Gateway

• Download and Install miniOrange Access Gateway.
• Open the browser and go to http://localhost:8181/login. You will see the following login page.



• Login using your miniOrange Customer Admin Account credentials
• After successful login you will see the following Dashboard. Click on Upstreams in the right sidebar or the Add Upstream button.



• Click on Add Upstream Server Group button in the top right corner:



• Configure Upstream Group:

  Note: Upstream Group contains the details of servers on which your application is deployed.

  
  
  • Enter the Upstream Group Name.
  • Click on the Add Server button.
  • Enter the Server Details.
  • Click on Save.
  
  

  Upstream Group Details:

  Group Name	Enter a unique name for the Group of Upstream Servers
  Load Balancing	Disabled by default Can be enabled only if more than one active (enabled) server is present in the group. Select Load Balancing Policy from the dropdown

  
  

  Server Details:

  Scheme	Select the scheme/protocol used to access the JD Edwards Server. This field can only have one value either HTTP or HTTPS
  Host	The FQDN or IP Address of JD Edwards Server
  Port	The Port on which the JD Edwards Server is listening




• Go to Authentication Providers and click Add Authentication Provider.



• Select SAML Authentication Provider.



• Configure Authentication Provider Details:

  Note: Authentication Providers contain IDP configurations used for user authentication.

  
  
  • Enter a unique Provider Name.
  • Click on Save.

Note: Don’t upload any metadata file right now, we will come back to this in the upcoming steps.





• Go to Apps >> click on Add Application.



• Select Oracle JD Edwards Application from the list.



• Configure Application Details.
• Basic Details:

  Application Name	Enter a unique name to identity Application
  Hostname	FQDN on which the Access Gateway will be accessed
  Port	Port on which the Access Gateway will listen for HTTP requests





Note: The Hostname entered above must have a DNS entry pointing to the server on which miniOrange Access Gateway is deployed.



• Advanced Details:

  Enable SSL	Enable this button if you want to allow Access Gateway to run on HTTPS
  SSL Port	Enter the SSL Port number that the Access Gateway will listen on for HTTPS Requests
  Keystore Type	Type of keystore used to SSL Certificates ( JKS, PKCS12, PEM )
  Upload Keystore	If Keystore Type is JKS / PKCS12, then upload keystore files with extensions .jks, .p12, .pfx
  Upload PEM Certificate	If Keystore Type is PEM, then upload file with .pem extension
  Upload Private Key	If Keystore Type is PEM, then upload private key with .pem extension




• Route Details:
  • Select the Authentication Provider Name that was configured earlier from the dropdown list.
  • Select the Upstream Group that we configured earlier from the dropdown list.
  • Click on Save.




Path	Defines the request URL pattern (e.g. /jde/owhtml, /*) that this route will handle. Supports exact paths or wildcards.
Interceptors	A list of interceptors that process the request before it's forwarded. You can add, remove, or reorder them.
Authentication Provider Name	Select the name from the list of configured Authentication Providers. This option will be enabled only if the SAMLAuth interceptor is present.
Upstream Group	Select the name from the list of configured Upstream Groups where the request should be forwarded.

• In the Apps Section, you will be able to see the configured application. Click on the Menu ( ⋮ ) and click on Download Metadata button. A .xml file will be downloaded.
• Now, login to miniOrange Admin Console.
• Go to Apps and click on Add Application button in the top right corner.



• Search for Custom SAML application using the search bar. Now, select the Custom SAML App card that appears below:



• Creating a SAML App in miniOrange IAM and Downloading IDP Metadata.
• Click on the Import SP Metadata button in the top right corner.



• Now, enter a unique application name, select File using the radio button, and upload the metadata you previously downloaded.



• Click on Import and then Save.
• Now, download the Metadata of the application created in miniOrange IAM.
• Click on Menu (⋮) and then Metadata.



• Based on whether External IDP is configured or not, select and download the Metadata.
• Go to miniOrange Access Gateway‘s Admin Console (http://localhost:8181/dashboard)
• Select Authentication Provider, locate the authentication provider which we configured earlier and click on Edit.



• Upload the Metadata File which we downloaded in the previous step and click on Save.



• Go to Apps, locate the Application which we created earlier and click on Redeploy.



• The Application can now be accessed using the Hostname and Port configured in the Basic Details section of application.

2. Configure JDE Logout in miniOrange Access Gateway

• Login to miniOrange Admin Console.
• Similar to what we did in Step 1 of the above section, go to the download metadata section, and
• If using miniOrange as IDP
• Copy the IDP Logout URL if using miniOrange as IDP.



• In the above url replace “sp-initiated-url-of-SP-application” with the url of access gateway. Suppose, the access gateway is accessible on “https://mag.xecurify.com”, then the IDP Logout URL will be “https://login.xecurify.com/moas/logout?redirectUrl=https://mag.xecurify.com”
• If using miniOrange as Broker
• Copy SAML Logout URL.
• Login to miniOrange Access Gateway Admin Console.
• Go to Interceptors and click on Add Interceptor.

Note: Interceptors are components which act like filters, that process incoming requests before they are forwarded to the Upstream Server.




Interceptor Type	Function
SAML	Forces SAML Authentication before forwarding the request to the upstream server.
Catch Cookies	Fetches cookies from the request and adds them to the corresponding response from the upstream server.
Session Logout	Destroys the session of the user in Access Gateway.
Clear Cache	Disables caching.
Header	Adds headers to the request as specified in the configuration.
Redirect	Redirects to the specified URL instead of forwarding the request to the upstream server.
Request Verification	Checks for a specific parameter in the request body. If present, the request is forwarded. If missing, it redirects to a configured URL.




• Choose Redirect Interceptor.



• Configure Redirect Interceptor:
• Enter a unique Interceptor Name.
• Paste the URL from the previous step into Redirect URL field.



• Go to Apps, edit the application that we created in the previous section and go to “Add Routes” tab.
• Click on Add Path.



• In the Path field, enter the path that is configured in JD Edwards as Oracle Access Manager Sign Off URL.
• In the Interceptors:
• Select Session Logout Interceptor and click on Add button.
• Select the interceptor that we configured in the previous step from the dropdown list and click on Add button.
• In the Upstream Group, select the configured upstream group.
• The final configuration would be similar to the following:



• Click on Save.