Introduction It is a very common requirement from customers to have a delegated administration model that is not tied to the organizations where the...
Introduction It is a very common requirement from customers to have a delegated administration model that is not tied to the organizations where the administrators are placed. Historically, OIM only supports a one-to-one relationship between Users and Organizations. However, starting with OIM 11g R2 and the introduction of the Catalog, it is possible to publish resources to one or more Organizations. This allows to limit the visibility of the resources to only the users who...
Introduction It is a very common requirement from customers to have a delegated administration model that is not tied to the organizations where the administrators are placed. Historically, OIM only...
Introduction The OAM 11g release includes a powerful authentication plugin framework, which can be used to extend the out-of-the-box authentication schemes, or...
Introduction The OAM 11g release includes a powerful authentication plugin framework, which can be used to extend the out-of-the-box authentication schemes, or to implement something completely custom. In this post, we explore how an authentication plugin can interact with the underlying LDAP Identity Store, via a simple example. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to...
Introduction The OAM 11g release includes a powerful authentication plugin framework, which can be used to extend the out-of-the-box authentication schemes, or to implement something...
Introduction This guide is meant for existing FA customers who have deployed FA without OIF and who now wish to add this security component to the deployment to...
Introduction This guide is meant for existing FA customers who have deployed FA without OIF and who now wish to add this security component to the deployment to provide federated SSO to FA. Customers who have not yet begun their deployment can and should follow the Oracle® Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management (Oracle Fusion Applications Edition) for the FA Release that they are deploying. The content of this article was generated using...
Introduction This guide is meant for existing FA customers who have deployed FA without OIF and who now wish to add this security component to the deployment to provide federated SSO to FA. Customers...
Introduction This is the second part of a two-part article. Click here to view Part 1. This guide is meant for existing FA customers who have deployed FA...
Introduction This is the second part of a two-part article. Click here to view Part 1. This guide is meant for existing FA customers who have deployed FA without OIF and who now wish to add this security component to the deployment to provide federated SSO to FA. Customers who have not yet begun their deployment can and should follow the Oracle® Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management (Oracle Fusion Applications Edition) for the FA Release...
Introduction This is the second part of a two-part article. Click here to view Part 1. This guide is meant for existing FA customers who have deployed FA without OIF and who now wish to add this...
Introduction The purpose of this post is to provide some tips when planning a policy migration from Oracle Access Manager (OAM) 10g to OAM 11g. Before you...
Introduction The purpose of this post is to provide some tips when planning a policy migration from Oracle Access Manager (OAM) 10g to OAM 11g. Before you begin, I recommend that you install the latest Bundle Patch (BP). At the time of this writing, the latest BP for OAM 11gR2PS1 is patch 16872730. Installing this patch will save you lots of time as there has been a few important bugs fixed in this release. Secondly, take a look at the documentation link here; within the...
Introduction The purpose of this post is to provide some tips when planning a policy migration from Oracle Access Manager (OAM) 10g to OAM 11g. Before you begin, I recommend that you install...
This post presents a list of configuration points in OIM. Such list definitely must be taken into account whenever a customer is planning an OIM go-live. This...
This post presents a list of configuration points in OIM. Such list definitely must be taken into account whenever a customer is planning an OIM go-live. This list is not intended to replace the OIM documentation, instead, the idea is to complement it. It provides tips on a few topics that are not part of the documentation. Let's go for them: A visit to the OIM Performance Tuning guide is mandatory step before a go-live. The guide for the 11.1.2.1.0 release can be found here,...
This post presents a list of configuration points in OIM. Such list definitely must be taken into account whenever a customer is planning an OIM go-live. This list is not intended to replace the OIM...
Introduction Using Oracle Identity Manager's bulk load tool is a great way to load large numbers of user records into OIM in an efficient and performant way....
Introduction Using Oracle Identity Manager's bulk load tool is a great way to load large numbers of user records into OIM in an efficient and performant way. The standard and documented usage of the tool does not make provision for the loading of unique user passwords, though. This article describes an approach that can be used to achieve that requirement. This post is also part of the OIM 11g Academy Series. How does OIM bulk load work? The tool uses the SQL Loader...
Introduction Using Oracle Identity Manager's bulk load tool is a great way to load large numbers of user records into OIM in an efficient and performant way. The standard and documented usage of the...
Introduction This post is the fourth and last one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the...
Introduction This post is the fourth and last one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the use case and talked about the Kerberos authentication part. In the second post we talked about Role Based Access Control. In the third post we described how to propagate the authenticated user through a SAML token and also covered OWSM configuration in OSB and SOA. Here we talk about the client, how we actually submit...
Introduction This post is the fourth and last one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the use case and talked about the Kerberos...
Introduction This post is the third one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the use case...
Introduction This post is the third one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the use case and talked about the Kerberos authentication part. In the second post we talked about Role Based Access Control. In this one we describe how to build a SAML token out of the authenticated user and sign it so it properly interoperates with an OWSM server-side policy applied to OSB proxy service. We also cover the...
Introduction This post is the third one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the use case and talked about the...
