Introduction On a previous post, I described the usage of OAM's SAML Identity Assertion in the context of SPA (Single Page Applications) and how easy it is to...
Introduction On a previous post, I described the usage of OAM's SAML Identity Assertion in the context of SPA (Single Page Applications) and how easy it is to take advantage of it for securely propagating the end user identity from the client to the backend services. However, that post is written with the assumption that both the JavaScript code and the REST services are protected by the same WebGate. Speaking in HTTP protocol terms, we say they have same origin. Modern web...
Introduction On a previous post, I described the usage of OAM's SAML Identity Assertion in the context of SPA (Single Page Applications) and how easy it is to take advantage of it for securely...
Introduction When you look at the list of Technologies listed in ODI 12.2.1 Topology, you can see a new entry: SOAP Web Services. Prior to having this...
Introduction When you look at the list of Technologies listed in ODI 12.2.1 Topology, you can see a new entry: SOAP Web Services. Prior to having this Technology defined here, developers connecting to Web Services in ODI had to enter all the connectivity details in their packages when they designed the Web Service call. Now they can predefine the connection parameters and security policies, and then focus separately on the implementation of the Web Service call. We will see...
Introduction When you look at the list of Technologies listed in ODI 12.2.1 Topology, you can see a new entry: SOAP Web Services. Prior to having this Technology defined here, developers connecting to...
Know Which Versions of TLS are Supported in Recent Java Versions NOTE: A more comprehensive examination of TLS and what to examine when setting up web service...
Know Which Versions of TLS are Supported in Recent Java Versions NOTE: A more comprehensive examination of TLS and what to examine when setting up web service integrations in Oracle Cloud Saas extensions has been published. See Transport Layer Security (TLS) and Web Service Connections in SaaS Integrations In the twenty-plus years of the Internet’s interaction with the Secure Sockets Layer (SSL) and Transport Level Security (TLS) protocols, there have been some rough...
Know Which Versions of TLS are Supported in Recent Java Versions NOTE: A more comprehensive examination of TLS and what to examine when setting up web service integrations in Oracle Cloud Saas...
Introduction At any given time, organizations are gathering, storing, and transferring millions of records about their customers across multiple enterprise...
Introduction At any given time, organizations are gathering, storing, and transferring millions of records about their customers across multiple enterprise environments. There are various operational settings within Oracle GoldenGate (OGG) that should be set to ensure Personally Identifiable Information (PII), or Sensitive Personal Information (SPI) is not compromised. This article will discuss OGG configuration settings you should employ when replicating data to ensure...
Introduction At any given time, organizations are gathering, storing, and transferring millions of records about their customers across multiple enterprise environments. There are various operational...
Introduction Having access to a VM in the Cloud via VNC can be very useful in many situations – e.g. most customers want to install software using GUI based...
Introduction Having access to a VM in the Cloud via VNC can be very useful in many situations – e.g. most customers want to install software using GUI based installer, e.g. Oracle Database etc. Using VNC the installation can continue, even without being connected. The easiest way to achieve this with a reliable and secure mechanism is to use VNC via a SSH Tunnel. In this example a simple Oracle Compute Cloud VM is used to configure a Gnome Desktop & VNC Server. It has been...
Introduction Having access to a VM in the Cloud via VNC can be very useful in many situations – e.g. most customers want to install software using GUI based installer, e.g. Oracle Database etc....
In a previous post previous post I provided a brief introduction to SCIM. In this post I'm going to dive right in and give an example of using the OIM SCIM...
In a previous post previous post I provided a brief introduction to SCIM. In this post I'm going to dive right in and give an example of using the OIM SCIM services and securing them with OAM. Why would you want to use OIM SCIM services? There are many reasons, however I will focus on one particular use case in this post – building a custom UI to access OIM. OIM's out-of-the-box UI provides a broad set of features to cover most use cases, and includes a customisation facility...
In a previous post previous post I provided a brief introduction to SCIM. In this post I'm going to dive right in and give an example of using the OIM SCIM services and securing them with OAM....
Introduction OAM (Oracle Access Manager) has an interesting feature that often goes unnoticed to a considerable number of people wishing to tackle the problem...
Introduction OAM (Oracle Access Manager) has an interesting feature that often goes unnoticed to a considerable number of people wishing to tackle the problem of identity propagation. It's OAM's ability to generate a secure token embedding user information as a result of successful authentication or authorization. My colleagues Rob Otto and Simon Kissane have talked about it in "Retrieving the OAM SessionID for Fun and Profit" and "Authenticating to OIM SCIM server using an...
Introduction OAM (Oracle Access Manager) has an interesting feature that often goes unnoticed to a considerable number of people wishing to tackle the problem of identity propagation. It's...
In this post I'm going to give an overview of the steps involved in upgrading to Oracle Identity Manager 11.1.2.3. This is just a high-level overview, with...
In this post I'm going to give an overview of the steps involved in upgrading to Oracle Identity Manager 11.1.2.3. This is just a high-level overview, with pointers to the documentation you need to read to get the detailed steps. Classification of OIM environments For the purpose of OIM upgrade, environments can be classified as follows: LCM vs non-LCM: an LCM environment is installed using the LCM (Lifecycle Management) provisioning tools shipped in 11.1.2.x and later. All...
In this post I'm going to give an overview of the steps involved in upgrading to Oracle Identity Manager 11.1.2.3. This is just a high-level overview, with pointers to the documentation you need...
Introduction To get you easily started with Oracle Cloud offerings, they come with their own user management. You can create users, assign roles, change...
Introduction To get you easily started with Oracle Cloud offerings, they come with their own user management. You can create users, assign roles, change passwords, etc. However, real world enterprises already have existing Identity Management solutions and want to avoid to maintain the same information in many places. To avoid duplicate identities and the related security risks, like out of sync passwords, outdated user information, or rogue user accounts of locked accounts,...
Introduction To get you easily started with Oracle Cloud offerings, they come with their own user management. You can create users, assign roles, change passwords, etc. However, real world enterprises...
