Introduction Code source grants are policies governing the rights of code running in a JVM (Java Virtual Machine). In this article, I talk about 3 common...
Introduction Code source grants are policies governing the rights of code running in a JVM (Java Virtual Machine). In this article, I talk about 3 common implementation issues when dealing with code source grants in a Weblogic/OPSS (Oracle Platform Security Services) environment. Code requiring grants are one of the protection mechanisms offered in the Java platform since Java SE 1.2. Java SE 1.2 improved the previous versions by allowing a fine-grained authorization model,...
Introduction Code source grants are policies governing the rights of code running in a JVM (Java Virtual Machine). In this article, I talk about 3 common implementation issues when dealing with...
I recently said the following to someone in an IMversation: ldapsearch and ldapmodify are about 10 times better than a stupid GUI because you can script...
I recently said the following to someone in an IMversation: ldapsearch and ldapmodify are about 10 times better than a stupid GUI because you can script everything. it's like the difference between knowing SQL and having to use TOAD or Access (*shudder*) to add rows to a db table I think if I had a personal motto it would be something like "if I can't script it then I'm not interested." (well that or "oh look, shiny!") I recently had to extend my LDAP schema of an OID 11g...
I recently said the following to someone in an IMversation: ldapsearch and ldapmodify are about 10 times better than a stupid GUI because you can script everything. it's like the difference between...
This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the...
This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. Yesterday's post on OAM 11g SSO and Cookies discussed how login works in OAM and the HTTP Cookies you will see. There is one little detail that I left out so as to not make the discussion too complicated. Specifically I left out the OAM server side session tracking. In OAM 10g and other...
This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available....
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. Our compatriot Eric Leach over at the Oracle Access Management Blog wrote a post describing how SSO works in OAM 11g. It's a great post and fills in all sorts of details about the cookies used, how they're named and how all of the parts fit together. OAM 11g supports a few...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts...
Introduction I don't know about you, but I know I'd rather spend an hour writing a script to automate something than 30 minutes figuring out how to use an...
Introduction I don't know about you, but I know I'd rather spend an hour writing a script to automate something than 30 minutes figuring out how to use an existing but annoying/terrible tool. I do that not because I am a glutton for punishment, but because I know I'll have to use that terrible tool again in the future and I won't remember how to use it anyway. So when I needed certificates for a test environment I checked out OpenSSL's built in CA tool, quickly decided...
Introduction I don't know about you, but I know I'd rather spend an hour writing a script to automate something than 30 minutes figuring out how to use an existing but annoying/terrible tool. I do...
Introduction In order to have the ability to audit at all layers of your multi-tier architecture, it is important to have a Subject’s identity tied to all...
Introduction In order to have the ability to audit at all layers of your multi-tier architecture, it is important to have a Subject’s identity tied to all transactions. Many apps leverage JDBC connection pooling however, so a Subject’s identity is lost at the data layer, as everything appears to be coming from the system user configured in the connection pool. What isn’t well known is that the ability to propagate identity from an app container to the data tier is available...
Introduction In order to have the ability to audit at all layers of your multi-tier architecture, it is important to have a Subject’s identity tied to all transactions. Many apps leverage...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. In the last post here we pointed to Olaf's blog on integrating your ADF app with OAM. That post covers taking an ADF app that was protected with Forms auth and switching it over to be protected in its entirety by OAM. In other words to access any part of the app you have to log...
Introduction Connecting to an LDAP ID store in OAM 11g over SSL (LDAPS) is a common scenario that many customers may need to implement. Unfortunately the...
Introduction Connecting to an LDAP ID store in OAM 11g over SSL (LDAPS) is a common scenario that many customers may need to implement. Unfortunately the documentation on this subject is scant and can be misleading. So as part of the OAM 11g Academy series, I'd like to discuss this commom scenario. To view the first post on the OAM 11g policy model, as well as the index to the entire OAM 11g Academy series, click here. The Issue The documentation to manage data sources can be...
Introduction Connecting to an LDAP ID store in OAM 11g over SSL (LDAPS) is a common scenario that many customers may need to implement. Unfortunately the documentation on this subject is scant and can...
Introduction I've been doing a LOT of writing recently. Unfortunately, or perhaps fortunately depending on how you feel about my writing, it's all been by email...
Introduction I've been doing a LOT of writing recently. Unfortunately, or perhaps fortunately depending on how you feel about my writing, it's all been by email to folks inside Oracle and directly with customers. One thing I wrote that is probably interesting for readers of this blog was an answer to a customer's questions about the crypto acceleration capabilities of the Sparc processor. This is a slight rewrite of that doc... The crypto acceleration of Sparc and Solaris...
Introduction I've been doing a LOT of writing recently. Unfortunately, or perhaps fortunately depending on how you feel about my writing, it's all been by email to folks inside Oracle and directly...
