Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. The Detached Credential Collector (DCC) feature was introduced with the release of OAM 11gR2 --- 11.1.2.0.0. DCC brought some very interesting changes in the authentication model that in my opinion are very welcome; more on that later. There is already Oracle documentation...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts...
Introduction Sometimes, using OSB, it may be necessary to attach credentials, such as username and password, on an outbound SOAP request to a remote server for...
Introduction Sometimes, using OSB, it may be necessary to attach credentials, such as username and password, on an outbound SOAP request to a remote server for authentication. While the OWSM policy store available with WebLogic Server provides policies that can inject username and password (e.g. “oracle/wss_username_token_over_ssl_client_policy”), OSB causes OWSM policies to be enforced on the outbound request message as well as the inbound response. This article will...
Introduction Sometimes, using OSB, it may be necessary to attach credentials, such as username and password, on an outbound SOAP request to a remote server for authentication. While the OWSM policy...
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links...
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. Logging is extremely helpful when trying to troubleshoot issues and normally when you see instructions to log in OAM 11g there is documentation on using WLST commands with several steps or Enterprise Manager that can be used to set various log levels, but in both cases this...
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is...
Introduction Oracle Fusion Applications (FA) uses Oracle Identity Management (IDM) capabilities to implement the “change password” and “forgot password”...
Introduction Oracle Fusion Applications (FA) uses Oracle Identity Management (IDM) capabilities to implement the “change password” and “forgot password” functions. These functions, in turn, are enabled using capabilities provided by Oracle Access Management (OAM) and Oracle Identity Management (OIM). Frequently, in development and test environments, for the sake of convenience, the change password and forgot password functions are seen as redundant due to the non-production...
Introduction Oracle Fusion Applications (FA) uses Oracle Identity Management (IDM) capabilities to implement the “change password” and “forgot password” functions. These functions, in turn,...
Introduction Doing a default database installation will install a feature that all passwords will expire after 180 days. Not being aware of that can cause...
Introduction Doing a default database installation will install a feature that all passwords will expire after 180 days. Not being aware of that can cause problems in applications as they cannot connect to the database after that time period. Especially if you are working in test or development environment you will mostly not care about security concerns. That will mean that there is no real need that passwords should expire automatically. The purpose of this post is to show...
Introduction Doing a default database installation will install a feature that all passwords will expire after 180 days. Not being aware of that can cause problems in applications as they...
Introduction Fusion Applications Security is designed based on Role-Based Access Control (RBAC). It is an approach to restricting access to authorized users....
Introduction Fusion Applications Security is designed based on Role-Based Access Control (RBAC). It is an approach to restricting access to authorized users. In general, RBAC is defined based on the primary rules as per this wiki page. RBAC normalizes access to functions and data through user roles rather than only users. User access is based on the definition of the roles provisioned to the user. RBAC secures access in a "Who can do what on which functions or sets of data...
Introduction Fusion Applications Security is designed based on Role-Based Access Control (RBAC). It is an approach to restricting access to authorized users. In general, RBAC is defined based on the...
Introduction Oracle provides documentation on developing an Access Client for the OAM 11g...
Introduction Oracle provides documentation on developing an Access Client for the OAM 11g ASDK http://docs.oracle.com/cd/E40329_01/dev.1112/e27134/as_api.htm#autoId0, but getting it to work can be challenging when running the Access Servers in Simple or Cert Mode. In this article I will not explain how to create an Access Client, there are already good examples out there for that. What I want to cover is the correct structure of the Access Client configuration including...
Introduction Oracle provides documentation on developing an Access Client for the OAM 11g ASDK http://docs.oracle.com/cd/E40329_01/dev.1112/e27134/as_api.htm#autoId0, but getting it to work can be...
The OIM R2 PS2 (11.1.2.2.0) release provides a great new feature: monitoring of OIM orchestration processes through Enterprise Manager console. Such feature...
The OIM R2 PS2 (11.1.2.2.0) release provides a great new feature: monitoring of OIM orchestration processes through Enterprise Manager console. Such feature provides the capability of querying orchestration data to check orchestration processes details. For example, you can check what happened during a user modification operation, or you can get details of failed orchestration processes, such details can help you to fix issues in your environment. It is also possible to check...
The OIM R2 PS2 (11.1.2.2.0) release provides a great new feature: monitoring of OIM orchestration processes through Enterprise Manager console. Such feature provides the capability of querying...
Introduction Many customers have expressed the requirement of filtering catalog searches based on Catalog Item’s Metadata (CIM) including User Defined Fields...
Introduction Many customers have expressed the requirement of filtering catalog searches based on Catalog Item’s Metadata (CIM) including User Defined Fields (UDFs) added to the Catalog’s schema. Whereas this functionality is not offered out of the box by OIM 11g, it can be achieved in a relatively easy manner via custom code and UI customizations. This article will discuss the details of the API’s that can be used to retrieve the metadata from a Catalog Item and set the user...
Introduction Many customers have expressed the requirement of filtering catalog searches based on Catalog Item’s Metadata (CIM) including User Defined Fields (UDFs) added to the Catalog’s...
