Introduction This post is the fourth and last one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the...
Introduction This post is the fourth and last one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the use case and talked about the Kerberos authentication part. In the second post we talked about Role Based Access Control. In the third post we described how to propagate the authenticated user through a SAML token and also covered OWSM configuration in OSB and SOA. Here we talk about the client, how we actually submit...
Introduction This post is the fourth and last one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the use case and talked about the Kerberos...
Introduction This post is the third one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the use case...
Introduction This post is the third one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the use case and talked about the Kerberos authentication part. In the second post we talked about Role Based Access Control. In this one we describe how to build a SAML token out of the authenticated user and sign it so it properly interoperates with an OWSM server-side policy applied to OSB proxy service. We also cover the...
Introduction This post is the third one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). In the first post we introduced the use case and talked about the...
Oracle has released a set of patches to address some performance issues in OIM 11g R2 self-service interface. Information about these patches is available in...
Oracle has released a set of patches to address some performance issues in OIM 11g R2 self-service interface. Information about these patches is available in the following Oracle support note: Document 1557879.1 OIM 11gR2: Patches for Performance Issues Related to Self-service UI The note contains the details for each specific R2 release. Any customer who is running OIM or implementing OIM at this point should plan to apply the patches. Just a reminder, the recommendation is...
Oracle has released a set of patches to address some performance issues in OIM 11g R2 self-service interface. Information about these patches is available in the following Oracle support...
This post walks you through the fun of customizing OIM and adding a CAPTCHA solution to the self-registration page. Captcha solutions are largely used in web...
This post walks you through the fun of customizing OIM and adding a CAPTCHA solution to the self-registration page. Captcha solutions are largely used in web sites to try to prevent automated robots from registering, filling forms, sending messages and many other things. The captcha solution used is Simple Captcha and it is available here. It is easy to use and easy to hook into applications. This is another post of the Oracle Identity Manager Academy. To check other tricks,...
This post walks you through the fun of customizing OIM and adding a CAPTCHA solution to the self-registration page. Captcha solutions are largely used in web sites to try to prevent automated...
Introduction When ODI developers connect to the ODI studio, they can edit the connection parameters. In particular, they can manually select the Work Repository...
Introduction When ODI developers connect to the ODI studio, they can edit the connection parameters. In particular, they can manually select the Work Repository that they will connect to. Repository access can be password protected, but for security reasons it is best to not even list repositories that users should not have access to. This post will detail the necessary steps to make sure that only authorized repositories are listed in the ODI login detail window. Restricting...
Introduction When ODI developers connect to the ODI studio, they can edit the connection parameters. In particular, they can manually select the Work Repository that they will connect to. Repository...
Introduction The Catalog is one of the most fundamental features of OIM 11g R2 request based provisioning. All requests for Resources/Accounts, Entitlements and...
Introduction The Catalog is one of the most fundamental features of OIM 11g R2 request based provisioning. All requests for Resources/Accounts, Entitlements and Roles are accomplished through the Catalog. Roles in OIM 11g R2 can be defined within a given category. There are two main out-of-the-box categories: OIM Roles and Default. The category affects the visibility of the Role in the Catalog. Sometimes, customers may require to change the category of an existing Role in...
Introduction The Catalog is one of the most fundamental features of OIM 11g R2 request based provisioning. All requests for Resources/Accounts, Entitlements and Roles are accomplished through the...
Back in December I started putting together a White Paper on OAM 11g R2's new Mobile and Social capabilities. The paper covered the work we did for a Proof of...
Back in December I started putting together a White Paper on OAM 11g R2's new Mobile and Social capabilities. The paper covered the work we did for a Proof of Concept for a bank's new mobile banking application. Between the end of year holidays, a bunch of other projects and a long vacation the whole process of getting it all down on paper, reviewed and published took much longer than I expected to, but the paper is finally ready. If you're interested in writing iOS apps that...
Back in December I started putting together a White Paper on OAM 11g R2's new Mobile and Social capabilities. The paper covered the work we did for a Proof of Concept for a bank's new mobile...
Introduction This post is the second one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). The first post is found here. Check it out...
Introduction This post is the second one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). The first post is found here. Check it out for use case background and the Kerberos authentication part. Main Article As mentioned, one of the requirements in our exercise was to authorize the user against a ROLE X URI matrix, called “Authorization Matrix”. In this post we’re looking at the second policy (Call ‘Perform Authorization’) in the overall flow:...
Introduction This post is the second one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). The first post is found here. Check it out for use case background and the Kerberos...
Introduction This post is the first one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). Throughout the series, we are going to talk...
Introduction This post is the first one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). Throughout the series, we are going to talk about Kerberos authentication, Role Based Access Control (RBAC) and SAML identity propagation in OAG 11g, formerly known as OEG (Oracle Enterprise Gateway). What follows has been implemented as part of a larger exercise involving the SOA suite, OSB, OTD (Oracle Traffic Director) and the Exalogic platform. The kind of...
Introduction This post is the first one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). Throughout the series, we are going to talk about Kerberos authentication, Role Based...
