Introduction Oracle Fusion-based SaaS Cloud environments can be extended in many ways. While customization is the standard activity to setup a SaaS environment...
Introduction Oracle Fusion-based SaaS Cloud environments can be extended in many ways. While customization is the standard activity to setup a SaaS environment for your business needs, chances are that you want to extend your SaaS for more sophisticated use cases. In general this is not a problem and Oracle Cloud offers a great number of possible PaaS components for this. However, user and login experience can be a challenge. Luckily, many Oracle Cloud PaaS offerings use a...
Introduction Oracle Fusion-based SaaS Cloud environments can be extended in many ways. While customization is the standard activity to setup a SaaS environment for your business needs, chances...
In a previous post, I discussed some general topics relating to the usage of HTTPS and certificates within Oracle Public Cloud. In this follow up piece, I will...
In a previous post, I discussed some general topics relating to the usage of HTTPS and certificates within Oracle Public Cloud. In this follow up piece, I will work through a concrete example and explain how to set up a Java Cloud Service instance in such a way that Integration Cloud Service can consume a service deployed to that platform over HTTPS. The use case we have in mind here is a simple one. A custom REST-based service is deployed to WebLogic on JCS (I'll use a...
In a previous post, I discussed some general topics relating to the usage of HTTPS and certificates within Oracle Public Cloud. In this follow up piece, I will work through a concrete example and...
table td { border-width: 0px; border-color: black; border-style: solid; border-spacing: 1px 1px; padding: 10px; background-color: white; } .cb11w1 ul li,...
table td { border-width: 0px; border-color: black; border-style: solid; border-spacing: 1px 1px; padding: 10px; background-color: white; } .cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Introduction Oracle Fusion Applications offers a number of WebServices to allow other applications to incorporate the Fusion Applications functionality. To prevent data leakage, these WebServices follow a common security pattern that requires access authentication and...
table td { border-width: 0px; border-color: black; border-style: solid; border-spacing: 1px 1px; padding: 10px; background-color: white; } .cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em;...
Introduction While working on my previous post "Configure SAML 2 for SSO with Oracle BAM Dashboard", I noticed an issue. After SSO to BAM happens from...
Introduction While working on my previous post "Configure SAML 2 for SSO with Oracle BAM Dashboard", I noticed an issue. After SSO to BAM happens from mywebapp1, if I reload the mywebapp1 page, I get prompted for login again. A little debugging pointed me to the session overwrite issue, in which I will get into more detail next. This issue puts a significantly limitation on WebLogic SAML SSO. While it has been documented several times out on the internet, a solution to this...
Introduction While working on my previous post "Configure SAML 2 for SSO with Oracle BAM Dashboard", I noticed an issue. After SSO to BAM happens from mywebapp1, if I reload the mywebapp1 page, I get...
Introduction In a recent customer POC, there is requirement for SSO between an OBIEE dashboard and an Oracle BAM dashboard. SAML is a potential candidate for...
Introduction In a recent customer POC, there is requirement for SSO between an OBIEE dashboard and an Oracle BAM dashboard. SAML is a potential candidate for this kind of point to point SSO. After some googling, I was able to find blogs on configuring SAML1.1 SSO by Vikrant Sawant and SAML 2.0 SSO by Puneeth, but nothing with BAM. So with the guidance of these blogs, I started my own tests with BAM. After several trial and error attempts, I managed to get SAML2 SSO working...
Introduction In a recent customer POC, there is requirement for SSO between an OBIEE dashboard and an Oracle BAM dashboard. SAML is a potential candidate for this kind of point to point SSO. After...
The shift to cloud computing offers a huge number of benefits, but also does introduce some potential risks; the most obvious of these is the need to enable...
The shift to cloud computing offers a huge number of benefits, but also does introduce some potential risks; the most obvious of these is the need to enable integrations - and by implication, the need to transmit sensitive data - across public networks. Fortunately, we already have a pretty good set of standards and techniques for doing this, with the HTTPS (Secure HTTP) protocol taking care of the grunt-work of encryption and server authentication at the transport layer. The...
The shift to cloud computing offers a huge number of benefits, but also does introduce some potential risks; the most obvious of these is the need to enable integrations - and by implication, the...
Introduction On a previous post, I described the usage of OAM's SAML Identity Assertion in the context of SPA (Single Page Applications) and how easy it is to...
Introduction On a previous post, I described the usage of OAM's SAML Identity Assertion in the context of SPA (Single Page Applications) and how easy it is to take advantage of it for securely propagating the end user identity from the client to the backend services. However, that post is written with the assumption that both the JavaScript code and the REST services are protected by the same WebGate. Speaking in HTTP protocol terms, we say they have same origin. Modern web...
Introduction On a previous post, I described the usage of OAM's SAML Identity Assertion in the context of SPA (Single Page Applications) and how easy it is to take advantage of it for securely...
Introduction When you look at the list of Technologies listed in ODI 12.2.1 Topology, you can see a new entry: SOAP Web Services. Prior to having this...
Introduction When you look at the list of Technologies listed in ODI 12.2.1 Topology, you can see a new entry: SOAP Web Services. Prior to having this Technology defined here, developers connecting to Web Services in ODI had to enter all the connectivity details in their packages when they designed the Web Service call. Now they can predefine the connection parameters and security policies, and then focus separately on the implementation of the Web Service call. We will see...
Introduction When you look at the list of Technologies listed in ODI 12.2.1 Topology, you can see a new entry: SOAP Web Services. Prior to having this Technology defined here, developers connecting to...
Know Which Versions of TLS are Supported in Recent Java Versions NOTE: A more comprehensive examination of TLS and what to examine when setting up web service...
Know Which Versions of TLS are Supported in Recent Java Versions NOTE: A more comprehensive examination of TLS and what to examine when setting up web service integrations in Oracle Cloud Saas extensions has been published. See Transport Layer Security (TLS) and Web Service Connections in SaaS Integrations In the twenty-plus years of the Internet’s interaction with the Secure Sockets Layer (SSL) and Transport Level Security (TLS) protocols, there have been some rough...
Know Which Versions of TLS are Supported in Recent Java Versions NOTE: A more comprehensive examination of TLS and what to examine when setting up web service integrations in Oracle Cloud Saas...
