Introduction Fusion Applications Security is designed based on Role-Based Access Control (RBAC). It is an approach to restricting access to authorized users....
Introduction Fusion Applications Security is designed based on Role-Based Access Control (RBAC). It is an approach to restricting access to authorized users. In general, RBAC is defined based on the primary rules as per this wiki page. RBAC normalizes access to functions and data through user roles rather than only users. User access is based on the definition of the roles provisioned to the user. RBAC secures access in a "Who can do what on which functions or sets of data...
Introduction Fusion Applications Security is designed based on Role-Based Access Control (RBAC). It is an approach to restricting access to authorized users. In general, RBAC is defined based on the...
Introduction Oracle provides documentation on developing an Access Client for the OAM 11g...
Introduction Oracle provides documentation on developing an Access Client for the OAM 11g ASDK http://docs.oracle.com/cd/E40329_01/dev.1112/e27134/as_api.htm#autoId0, but getting it to work can be challenging when running the Access Servers in Simple or Cert Mode. In this article I will not explain how to create an Access Client, there are already good examples out there for that. What I want to cover is the correct structure of the Access Client configuration including...
Introduction Oracle provides documentation on developing an Access Client for the OAM 11g ASDK http://docs.oracle.com/cd/E40329_01/dev.1112/e27134/as_api.htm#autoId0, but getting it to work can be...
The OIM R2 PS2 (11.1.2.2.0) release provides a great new feature: monitoring of OIM orchestration processes through Enterprise Manager console. Such feature...
The OIM R2 PS2 (11.1.2.2.0) release provides a great new feature: monitoring of OIM orchestration processes through Enterprise Manager console. Such feature provides the capability of querying orchestration data to check orchestration processes details. For example, you can check what happened during a user modification operation, or you can get details of failed orchestration processes, such details can help you to fix issues in your environment. It is also possible to check...
The OIM R2 PS2 (11.1.2.2.0) release provides a great new feature: monitoring of OIM orchestration processes through Enterprise Manager console. Such feature provides the capability of querying...
Introduction Many customers have expressed the requirement of filtering catalog searches based on Catalog Item’s Metadata (CIM) including User Defined Fields...
Introduction Many customers have expressed the requirement of filtering catalog searches based on Catalog Item’s Metadata (CIM) including User Defined Fields (UDFs) added to the Catalog’s schema. Whereas this functionality is not offered out of the box by OIM 11g, it can be achieved in a relatively easy manner via custom code and UI customizations. This article will discuss the details of the API’s that can be used to retrieve the metadata from a Catalog Item and set the user...
Introduction Many customers have expressed the requirement of filtering catalog searches based on Catalog Item’s Metadata (CIM) including User Defined Fields (UDFs) added to the Catalog’s...
Proper logging is one of the main considerations during custom development. This is no different in OIM projects in which custom code is being developed and...
Proper logging is one of the main considerations during custom development. This is no different in OIM projects in which custom code is being developed and deployed to OIM. Proper logging is fundamental part of development, helping in finding issues, fixing them and also in reporting relevant runtime conditions. This post shows how to leverage the Oracle Fusion Middleware infrastructure in which OIM runs in order to create proper logging information from custom code. It is...
Proper logging is one of the main considerations during custom development. This is no different in OIM projects in which custom code is being developed and deployed to OIM. Proper logging...
Introduction In this post, we look at a simple way to configure a chained LDAP authentication scheme in OAM 11g R2. This post is part of a larger series on...
Introduction In this post, we look at a simple way to configure a chained LDAP authentication scheme in OAM 11g R2. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. The problem we are trying to solve Consider a situation where the users that need to be authenticated by Oracle Access Manager do not all reside within the same LDAP...
Introduction In this post, we look at a simple way to configure a chained LDAP authentication scheme in OAM 11g R2. This post is part of a larger series on Oracle Access Manager 11g called...
Introduction One of the key aspects of Fusion Applications operations is the Users and Roles management. Fusion Applications uses the Oracle Identity management...
Introduction One of the key aspects of Fusion Applications operations is the Users and Roles management. Fusion Applications uses the Oracle Identity management for its Identity store and policy store by default.This article explains how user and roles flows work from different poin of views, using 'key' IDM products for each flow in detail. With a clear understanding of the workings of the Fusion Applications with Identity Management for user provisioning and roles...
Introduction One of the key aspects of Fusion Applications operations is the Users and Roles management. Fusion Applications uses the Oracle Identity management for its Identity store and policy store...
Introduction When it comes to defining a strategy for web API security, OAG (Oracle API Gateway) and OES (Oracle Entitlements Server) together present a very...
Introduction When it comes to defining a strategy for web API security, OAG (Oracle API Gateway) and OES (Oracle Entitlements Server) together present a very interesting choice and are a very powerful combination indeed. In this post we're going to take a look at what each component brings in (the skin) and then get our hands on actually describing the integration in detail (the guts). OAG is designed to inspect and act on various types of messages that are delivered to it or...
Introduction When it comes to defining a strategy for web API security, OAG (Oracle API Gateway) and OES (Oracle Entitlements Server) together present a very interesting choice and are a very powerful...
I recently worked with a customer to help them resolve some issues they were having with configuring client certificate authentication (2-way SSL) for an Http...
I recently worked with a customer to help them resolve some issues they were having with configuring client certificate authentication (2-way SSL) for an Http Business Service in Oracle Service Bus (OSB). This blog is to discuss a common issue encountered and how to fix it. The customer's use case was to invoke a service provided by an external provider that required 2-way SSL. The provider issued a client certificate to the customer to be used as its client credentials...
I recently worked with a customer to help them resolve some issues they were having with configuring client certificate authentication (2-way SSL) for an Http Business Service in Oracle Service...
