Introduction I've already posted an article about Social Federation with Mobile & Social (M&S) for web applications protected by Oracle Access Manager (OAM),...
Introduction I've already posted an article about Social Federation with Mobile & Social (M&S) for web applications protected by Oracle Access Manager (OAM), showing users being authenticated against social network providers, like Google and Linkedin. My coworker Chris Johnson also blogged about using Mobile & Social in a native iOS application. In his post, user authentication happens against OAM identity store. In this post, we have both worlds. We're going to explore how...
Introduction I've already posted an article about Social Federation with Mobile & Social (M&S) for web applications protected by Oracle Access Manager (OAM), showing users being authenticated against...
Earlier I posted about the performance impact of last login tracking in Oracle Internet Directory (OID). I was asked, do the same performance concerns apply to...
Earlier I posted about the performance impact of last login tracking in Oracle Internet Directory (OID). I was asked, do the same performance concerns apply to Oracle Unified Directory (OUD)? Well, OUD also supports last login tracking, and enabling it will have some performance impact. However, OUD does last login tracking in a smarter way than OID does, so the performance impact of enabling it for OUD is potentially substantially less. OID stores the last login time to the...
Earlier I posted about the performance impact of last login tracking in Oracle Internet Directory (OID). I was asked, do the same performance concerns apply to Oracle Unified Directory (OUD)? Well,...
Introduction Security systems, including OAM, reside in a dynamic environment where the parameters that affect system performance are ever changing. On top of...
Introduction Security systems, including OAM, reside in a dynamic environment where the parameters that affect system performance are ever changing. On top of that, access management Infrastructure like OAM serve as the front door or gate to every application/system in an organization. Therefore continuous monitoring of such key components is mandatory to ensure continuous success of not just your access and SSO solution but indeed your very applications themselves. Effective...
Introduction Security systems, including OAM, reside in a dynamic environment where the parameters that affect system performance are ever changing. On top of that, access management...
Since OAM 10g days, keeping track of Protected Resource that user wanted to access throughout custom authentication process has been a challenge. In OAM 10g, it...
Since OAM 10g days, keeping track of Protected Resource that user wanted to access throughout custom authentication process has been a challenge. In OAM 10g, it was possible to create custom OBFormLoginCookie to overcome that challenge. With the introduction of Encrypted OAM_REQ cookie in OAM 11g, it is not feasible. That makes it difficult to do post Authentication operations or any customizations in Authentication process. OAM 11gR2 introduced a feature where you can...
Since OAM 10g days, keeping track of Protected Resource that user wanted to access throughout custom authentication process has been a challenge. In OAM 10g, it was possible to create...
Introduction Social Federation: a somewhat fancy name for a simple concept. We want to leverage identities in Social Network providers in our own applications....
Introduction Social Federation: a somewhat fancy name for a simple concept. We want to leverage identities in Social Network providers in our own applications. For example, granting access to either cloud or on-premise applications to end users using their Google identities. In this post we're going to take a close look at the necessary configuration in OAM M&S (Oracle Access Manager Mobile & Social) server to have Java Web applications leveraging Google and LinkedIn...
Introduction Social Federation: a somewhat fancy name for a simple concept. We want to leverage identities in Social Network providers in our own applications. For example, granting access to...
Overview There are times when you are in the midst of testing where you need to reset things back to the way they were; to be able to quickly restart your...
Overview There are times when you are in the midst of testing where you need to reset things back to the way they were; to be able to quickly restart your testing at from a previous point. This is technologically quite easy with current storage infrastructures supporting snapshot mechanisms. This is equally easy in those databases systems, like Oracle, that support advanced recovery capabilities or flashback mechanisms, analogous to storage snapshots. Thus technology is not a...
Overview There are times when you are in the midst of testing where you need to reset things back to the way they were; to be able to quickly restart your testing at from a previous point. This...
This is a cheat-sheet for installing Oracle Unified Directory (OUD) including the graphical administration tool (Oracle Directory Services Manager - ODSM)....
This is a cheat-sheet for installing Oracle Unified Directory (OUD) including the graphical administration tool (Oracle Directory Services Manager - ODSM). While the core of OUD does not require an application server such as WebLogic, ODSM does, so you need to install that too (unless you want to do all administration from the command line). All of this information can be found in the documentation and the Oracle Technology Network (OTN) website - all I’m doing here is...
This is a cheat-sheet for installing Oracle Unified Directory (OUD) including the graphical administration tool (Oracle Directory Services Manager - ODSM). While the core of OUD does not require...
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to...
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. In Part 1: Getting under the covers of Detached Credential Collector (DCC), I spent time talking about DCC in general and walked through a sequence diagram explaining what is happening with DCC, to try and explain how it works including contrasting it with ECC. So in this blog,...
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts...
Introduction In an enterprise environment it is very common that regulations require regular security audits of the computer systems. The company's security...
Introduction In an enterprise environment it is very common that regulations require regular security audits of the computer systems. The company's security officer is responsible for facilitating these and may request many reports from the administrators of the respective systems. Very often these reports include user activities for log in, log out, entering wrong passwords, resetting passwords, etc. Fusion Applications provides a number of reports for many industries out of...
Introduction In an enterprise environment it is very common that regulations require regular security audits of the computer systems. The company's security officer is responsible for facilitating...