We recently encountered an interesting requirement about taking decision within OAM Authorization policy based on the Risk-evaluation performed by OAAM during...
We recently encountered an interesting requirement about taking decision within OAM Authorization policy based on the Risk-evaluation performed by OAAM during Authentication flow. Considering the interesting nature of the requirement / use-case, I thought to share details about the implementation approach through this blog post. Before I go into details about the implementation approach, let me explain the requirement / use-case as example with a few bullet points:...
We recently encountered an interesting requirement about taking decision within OAM Authorization policy based on the Risk-evaluation performed by OAAM during Authentication flow. Considering the...
The OPSS User and Role API (oracle.security.idm) provides an application with access to identity data (users and roles), without the application having to know...
The OPSS User and Role API (oracle.security.idm) provides an application with access to identity data (users and roles), without the application having to know anything about the underlying identity store (such as LDAP connection details). For new development, we no longer recommend the use of the OPSS User and Role API - use the Identity Governance Framework (IGF) APIs instead. However, if you already have code which uses the User and Role API, that code is still supported...
The OPSS User and Role API (oracle.security.idm) provides an application with access to identity data (users and roles), without the application having to know anything about the underlying identity...
Introduction I have two goals with this post. To show how to setup Kerberos authentication for the Oracle Database and also demonstrate that the...
Introduction I have two goals with this post. To show how to setup Kerberos authentication for the Oracle Database and also demonstrate that the use/configuration of Kerberos is pretty straightforward. At least with the versions and OS I have used for this setup. The Kerberos functionality is provided by the Advanced Security Option of the DB and the Oracle client so it is important that this option has been select while creating the DB and while installing any Oracle...
Introduction I have two goals with this post. To show how to setup Kerberos authentication for the Oracle Database and also demonstrate that the use/configuration of Kerberos is...
Introduction The P2T - Prodution to Test - procedure is a very popular feature that FA customers utilize. It allows them to have their production data copied to...
Introduction The P2T - Prodution to Test - procedure is a very popular feature that FA customers utilize. It allows them to have their production data copied to another environment. Nowadays, P2T is a very common cloud SAAS and on-premise procedure. An important aspect that is not discussed frequently is the post-process of P2T. This approach is very important to avoid security issues, such as production passwords and emails being available in a different environment. Main...
Introduction The P2T - Prodution to Test - procedure is a very popular feature that FA customers utilize. It allows them to have their production data copied to another environment. Nowadays, P2T is a...
Introduction Single sign-on, or “SSO” as it’s commonly referred to, is an authentication method that allows a user access to multiple applications through a...
Introduction Single sign-on, or “SSO” as it’s commonly referred to, is an authentication method that allows a user access to multiple applications through a single, secure, point of entry. Rather than authenticate separately for each application, users authenticate once through a centralized service. The benefits of SSO to end users are obvious, but there are also many cost and compliance advantages that are of interest to large organizations, which is why Oracle’s enterprise...
Introduction Single sign-on, or “SSO” as it’s commonly referred to, is an authentication method that allows a user access to multiple applications through a single, secure, point of entry. Rather...
Intruduction Some of Oracle BPM 11g customers have reported performance issues when trying to login to BPM Workspace with an external LDAP as an identity store....
Intruduction Some of Oracle BPM 11g customers have reported performance issues when trying to login to BPM Workspace with an external LDAP as an identity store. While each customer could have a different issue that caused the slow down, the process of identifying the issue usually is the same. Having a good understanding of how the Workspace, libOVD, external LDAP and WLS embedded LDAP work together will help quickly identify the problematic area. This is the first of a...
Intruduction Some of Oracle BPM 11g customers have reported performance issues when trying to login to BPM Workspace with an external LDAP as an identity store. While each customer could have a...
Introduction One of the great features that customers need to be aware of and it could be used, as post-process, on many different situations such as: P2T, T2P...
Introduction One of the great features that customers need to be aware of and it could be used, as post-process, on many different situations such as: P2T, T2P and clone is the ability to reset multiple passwords simultaneously. Imagine the customer is scaling out their environment because they need an additional UAT environment. This customer has a new requirement: Replace all end-user passwords on an entire FA-IDM REL8 solution. This kind of scenario is growing naturally...
Introduction One of the great features that customers need to be aware of and it could be used, as post-process, on many different situations such as: P2T, T2P and clone is the ability to...
Introduction Since the introduction of MDC support in OAM 11g, Customers have been asking for Automated Synchronization between Master and Clone OAM...
Introduction Since the introduction of MDC support in OAM 11g, Customers have been asking for Automated Synchronization between Master and Clone OAM Environments. It is supported in OAM R2PS2. Thanks to the development team! Before R2PS2, It required T2P process to keep all the data centers in synch which is manual process or customer had to write crone jobs to run T2P process at frequent intervals. Please note that T2P process is still supported with R2PS2 if that is the...
Introduction Since the introduction of MDC support in OAM 11g, Customers have been asking for Automated Synchronization between Master and Clone OAM Environments. It is supported in OAM R2PS2. Thanks...
Fellow A-Team blogger Andre Correa recently posted an article about integrating native IOS Apps with the OAM Mobile & Social SDK in order to do social identity...
Fellow A-Team blogger Andre Correa recently posted an article about integrating native IOS Apps with the OAM Mobile & Social SDK in order to do social identity federation within these apps. To expand on that post - and present a potential alternative to developers who wish to use Oracle's Mobile Application Framework - I'd like to draw attention to a post by UK-based Access Management guru Paul Toal. Paul is a Master Principal Sales Consultant and key member of the UK InfoSec...
Fellow A-Team blogger Andre Correa recently posted an article about integrating native IOS Apps with the OAM Mobile & Social SDK in order to do social identity federation within these apps. To...
