Introduction This post is the second one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). The first post is found here. Check it out...
Introduction This post is the second one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). The first post is found here. Check it out for use case background and the Kerberos authentication part. Main Article As mentioned, one of the requirements in our exercise was to authorize the user against a ROLE X URI matrix, called “Authorization Matrix”. In this post we’re looking at the second policy (Call ‘Perform Authorization’) in the overall flow:...
Introduction This post is the second one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). The first post is found here. Check it out for use case background and the Kerberos...
Introduction This post is the first one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). Throughout the series, we are going to talk...
Introduction This post is the first one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). Throughout the series, we are going to talk about Kerberos authentication, Role Based Access Control (RBAC) and SAML identity propagation in OAG 11g, formerly known as OEG (Oracle Enterprise Gateway). What follows has been implemented as part of a larger exercise involving the SOA suite, OSB, OTD (Oracle Traffic Director) and the Exalogic platform. The kind of...
Introduction This post is the first one of a series by Andre Correa and Paulo Pereira on OAG (Oracle API Gateway). Throughout the series, we are going to talk about Kerberos authentication, Role Based...
Introduction One of the things that OAM 11g does a very good job of is enabling LDAP-based user authentication, based on collecting username and password from a...
Introduction One of the things that OAM 11g does a very good job of is enabling LDAP-based user authentication, based on collecting username and password from a login form. I've seen a lot of questions from the field relating to how to handle more complex, multi-step or multi-factor authentication scenarios and while this post is certainly not intended to be exhaustive regarding this topic, I will go through a fairly common scenario on which most multi-factor authentication...
Introduction One of the things that OAM 11g does a very good job of is enabling LDAP-based user authentication, based on collecting username and password from a login form. I've seen a lot...
Introduction In my previous post I discussed split profile set up scenario with AD and OID in Fusion Applications IDM Environment and how to create Adapters in...
Introduction In my previous post I discussed split profile set up scenario with AD and OID in Fusion Applications IDM Environment and how to create Adapters in OVD for consolidating the two directory servers AD and OID.However configuring adapters alone is not sufficient to allow split profile to function.Configuration of rest of the IDM Components in the integration needs update to communicate with directory layer. In this post i will try to highlight the configuration...
Introduction In my previous post I discussed split profile set up scenario with AD and OID in Fusion Applications IDM Environment and how to create Adapters in OVD for consolidating the two directory...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. This is the final post of a three part series. In "Part 1: Under the Covers of OAM11g WNA integration with Multiple AD Forests", I covered the flow of how WNA works and what was going on behind the scenes, and in "Part 2: How to Configure OAM11g WNA for Multiple AD Forests", I...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. This is the second post of a three part series. In "Part 1: Under the Covers of OAM11g WNA integration with Multiple AD Forests", I covered the flow of how WNA (Windows Native Authentication) works and what was going on behind the scenes. This article will cover the...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. This is the first post of a three part series that expands on a great article Matt wrote --- “The (Windows) Natives Are Restless”. Matt’s article covered some configurations, browser settings, and some examples of role mapping, but I want to dive into this whole WNA solution a...
Introduction In Fusion Applications, users are not directly assigned access to individual functions and data. Instead, access is provided through roles. Roles...
Introduction In Fusion Applications, users are not directly assigned access to individual functions and data. Instead, access is provided through roles. Roles group users for a specific purpose and define their access privileges. During the provisioning and installation of Fusion Application, a Super User (FAADMIN, by default) is setup with the following roles, to administer the underlying technical stack (Fusion Middleware) and to act as a Functional Setup Manager....
Introduction In Fusion Applications, users are not directly assigned access to individual functions and data. Instead, access is provided through roles. Roles group users for a specific purpose and...
Introduction This is the second post of a two-post series about pre-populating requests in OIM 11g R2. The first post is available here. This post is also part...
Introduction This is the second post of a two-post series about pre-populating requests in OIM 11g R2. The first post is available here. This post is also part of OIM 11g Academy Series. The approach describe in this post is more sophisticated when compared to the pre-populate plug-in described in Part - 1 of this post. Main Article The emphasis here is UI interaction. It is also important to mention that this approach does not work for requests created through the APIs, it...
Introduction This is the second post of a two-post series about pre-populating requests in OIM 11g R2. The first post is available here. This post is also part of OIM 11g Academy Series. The approach...
