Introduction While working on my previous post "Configure SAML 2 for SSO with Oracle BAM Dashboard", I noticed an issue. After SSO to BAM happens from...
Introduction While working on my previous post "Configure SAML 2 for SSO with Oracle BAM Dashboard", I noticed an issue. After SSO to BAM happens from mywebapp1, if I reload the mywebapp1 page, I get prompted for login again. A little debugging pointed me to the session overwrite issue, in which I will get into more detail next. This issue puts a significantly limitation on WebLogic SAML SSO. While it has been documented several times out on the internet, a solution to this...
Introduction While working on my previous post "Configure SAML 2 for SSO with Oracle BAM Dashboard", I noticed an issue. After SSO to BAM happens from mywebapp1, if I reload the mywebapp1 page, I get...
Introduction In a recent customer POC, there is requirement for SSO between an OBIEE dashboard and an Oracle BAM dashboard. SAML is a potential candidate for...
Introduction In a recent customer POC, there is requirement for SSO between an OBIEE dashboard and an Oracle BAM dashboard. SAML is a potential candidate for this kind of point to point SSO. After some googling, I was able to find blogs on configuring SAML1.1 SSO by Vikrant Sawant and SAML 2.0 SSO by Puneeth, but nothing with BAM. So with the guidance of these blogs, I started my own tests with BAM. After several trial and error attempts, I managed to get SAML2 SSO working...
Introduction In a recent customer POC, there is requirement for SSO between an OBIEE dashboard and an Oracle BAM dashboard. SAML is a potential candidate for this kind of point to point SSO. After...
The shift to cloud computing offers a huge number of benefits, but also does introduce some potential risks; the most obvious of these is the need to enable...
The shift to cloud computing offers a huge number of benefits, but also does introduce some potential risks; the most obvious of these is the need to enable integrations - and by implication, the need to transmit sensitive data - across public networks. Fortunately, we already have a pretty good set of standards and techniques for doing this, with the HTTPS (Secure HTTP) protocol taking care of the grunt-work of encryption and server authentication at the transport layer. The...
The shift to cloud computing offers a huge number of benefits, but also does introduce some potential risks; the most obvious of these is the need to enable integrations - and by implication, the...
Introduction On a previous post, I described the usage of OAM's SAML Identity Assertion in the context of SPA (Single Page Applications) and how easy it is to...
Introduction On a previous post, I described the usage of OAM's SAML Identity Assertion in the context of SPA (Single Page Applications) and how easy it is to take advantage of it for securely propagating the end user identity from the client to the backend services. However, that post is written with the assumption that both the JavaScript code and the REST services are protected by the same WebGate. Speaking in HTTP protocol terms, we say they have same origin. Modern web...
Introduction On a previous post, I described the usage of OAM's SAML Identity Assertion in the context of SPA (Single Page Applications) and how easy it is to take advantage of it for securely...
Know Which Versions of TLS are Supported in Recent Java Versions NOTE: A more comprehensive examination of TLS and what to examine when setting up web service...
Know Which Versions of TLS are Supported in Recent Java Versions NOTE: A more comprehensive examination of TLS and what to examine when setting up web service integrations in Oracle Cloud Saas extensions has been published. See Transport Layer Security (TLS) and Web Service Connections in SaaS Integrations In the twenty-plus years of the Internet’s interaction with the Secure Sockets Layer (SSL) and Transport Level Security (TLS) protocols, there have been some rough...
Know Which Versions of TLS are Supported in Recent Java Versions NOTE: A more comprehensive examination of TLS and what to examine when setting up web service integrations in Oracle Cloud Saas...
Introduction This article is applicable to Oracle GoldenGate Classic installations, version 19c and prior. At any given time, organizations are gathering,...
Introduction This article is applicable to Oracle GoldenGate Classic installations, version 19c and prior. At any given time, organizations are gathering, storing, and transferring millions of records about their customers across multiple enterprise environments. There are various operational settings within Oracle GoldenGate (OGG) that should be set to ensure Personally Identifiable Information (PII), or Sensitive Personal Information (SPI) is not compromised. This article...
Introduction This article is applicable to Oracle GoldenGate Classic installations, version 19c and prior. At any given time, organizations are gathering, storing, and transferring millions of records...
Introduction Having access to a VM in the Cloud via VNC can be very useful in many situations – e.g. most customers want to install software using GUI based...
Introduction Having access to a VM in the Cloud via VNC can be very useful in many situations – e.g. most customers want to install software using GUI based installer, e.g. Oracle Database etc. Using VNC the installation can continue, even without being connected. The easiest way to achieve this with a reliable and secure mechanism is to use VNC via a SSH Tunnel. In this example a simple Oracle Compute Cloud VM is used to configure a Gnome Desktop & VNC Server. It has been...
Introduction Having access to a VM in the Cloud via VNC can be very useful in many situations – e.g. most customers want to install software using GUI based installer, e.g. Oracle Database etc....
In a previous post previous post I provided a brief introduction to SCIM. In this post I'm going to dive right in and give an example of using the OIM SCIM...
In a previous post previous post I provided a brief introduction to SCIM. In this post I'm going to dive right in and give an example of using the OIM SCIM services and securing them with OAM. Why would you want to use OIM SCIM services? There are many reasons, however I will focus on one particular use case in this post – building a custom UI to access OIM. OIM's out-of-the-box UI provides a broad set of features to cover most use cases, and includes a customisation facility...
In a previous post previous post I provided a brief introduction to SCIM. In this post I'm going to dive right in and give an example of using the OIM SCIM services and securing them with OAM....
Introduction OAM (Oracle Access Manager) has an interesting feature that often goes unnoticed to a considerable number of people wishing to tackle the problem...
Introduction OAM (Oracle Access Manager) has an interesting feature that often goes unnoticed to a considerable number of people wishing to tackle the problem of identity propagation. It's OAM's ability to generate a secure token embedding user information as a result of successful authentication or authorization. My colleagues Rob Otto and Simon Kissane have talked about it in "Retrieving the OAM SessionID for Fun and Profit" and "Authenticating to OIM SCIM server using an...
Introduction OAM (Oracle Access Manager) has an interesting feature that often goes unnoticed to a considerable number of people wishing to tackle the problem of identity propagation. It's...
