Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. Our compatriot Eric Leach over at the Oracle Access Management Blog wrote a post describing how SSO works in OAM 11g. It's a great post and fills in all sorts of details about the cookies used, how they're named and how all of the parts fit together. OAM 11g supports a few...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts...
Introduction I don't know about you, but I know I'd rather spend an hour writing a script to automate something than 30 minutes figuring out how to use an...
Introduction I don't know about you, but I know I'd rather spend an hour writing a script to automate something than 30 minutes figuring out how to use an existing but annoying/terrible tool. I do that not because I am a glutton for punishment, but because I know I'll have to use that terrible tool again in the future and I won't remember how to use it anyway. So when I needed certificates for a test environment I checked out OpenSSL's built in CA tool, quickly decided...
Introduction I don't know about you, but I know I'd rather spend an hour writing a script to automate something than 30 minutes figuring out how to use an existing but annoying/terrible tool. I do...
Introduction In order to have the ability to audit at all layers of your multi-tier architecture, it is important to have a Subject’s identity tied to all...
Introduction In order to have the ability to audit at all layers of your multi-tier architecture, it is important to have a Subject’s identity tied to all transactions. Many apps leverage JDBC connection pooling however, so a Subject’s identity is lost at the data layer, as everything appears to be coming from the system user configured in the connection pool. What isn’t well known is that the ability to propagate identity from an app container to the data tier is available...
Introduction In order to have the ability to audit at all layers of your multi-tier architecture, it is important to have a Subject’s identity tied to all transactions. Many apps leverage...
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. In the last post here we pointed to Olaf's blog on integrating your ADF app with OAM. That post covers taking an ADF app that was protected with Forms auth and switching it over to be protected in its entirety by OAM. In other words to access any part of the app you have to log...
Introduction Connecting to an LDAP ID store in OAM 11g over SSL (LDAPS) is a common scenario that many customers may need to implement. Unfortunately the...
Introduction Connecting to an LDAP ID store in OAM 11g over SSL (LDAPS) is a common scenario that many customers may need to implement. Unfortunately the documentation on this subject is scant and can be misleading. So as part of the OAM 11g Academy series, I'd like to discuss this commom scenario. To view the first post on the OAM 11g policy model, as well as the index to the entire OAM 11g Academy series, click here. The Issue The documentation to manage data sources can be...
Introduction Connecting to an LDAP ID store in OAM 11g over SSL (LDAPS) is a common scenario that many customers may need to implement. Unfortunately the documentation on this subject is scant and can...
Introduction I've been doing a LOT of writing recently. Unfortunately, or perhaps fortunately depending on how you feel about my writing, it's all been by email...
Introduction I've been doing a LOT of writing recently. Unfortunately, or perhaps fortunately depending on how you feel about my writing, it's all been by email to folks inside Oracle and directly with customers. One thing I wrote that is probably interesting for readers of this blog was an answer to a customer's questions about the crypto acceleration capabilities of the Sparc processor. This is a slight rewrite of that doc... The crypto acceleration of Sparc and Solaris...
Introduction I've been doing a LOT of writing recently. Unfortunately, or perhaps fortunately depending on how you feel about my writing, it's all been by email to folks inside Oracle and directly...
Introduction Hi everyone, this is my first posting so I wanted to first introduce myself. My name is Vinay Kalra and I'm also part of the A-team at Oracle. I...
Introduction Hi everyone, this is my first posting so I wanted to first introduce myself. My name is Vinay Kalra and I'm also part of the A-team at Oracle. I came to Oracle in 2005 as part of the Oblix acquisition that brought with it Oracle Access Manager (OAM).From Brian: Welcome Vinay! I'm adding this post to the OAM 11g Academy Series. To view the first post in the series which will be updated throughout to contain links to the entire series, click...
Introduction Hi everyone, this is my first posting so I wanted to first introduce myself. My name is Vinay Kalra and I'm also part of the A-team at Oracle. I came to Oracle in 2005 as part of the...
I got hit with an IM out of the blue this morning that kicked off a bunch of conversations about how Kerberos works with HTTP. As I was working my way around...
I got hit with an IM out of the blue this morning that kicked off a bunch of conversations about how Kerberos works with HTTP. As I was working my way around the org it became clear that lots of people say "and Kerberos happens here" and move on, but most didn't have a good understanding of how it actually worked "on the wire". If you want my description read on. If you want to see more authoritative info you should check out Wikipedia's page on SPNEGO. First a quick...
I got hit with an IM out of the blue this morning that kicked off a bunch of conversations about how Kerberos works with HTTP. As I was working my way around the org it became clear that lots of...
A question came in on one of the Oracle internal mailing lists with the following question: One of their partners achieves a single sign-on with them by means...
A question came in on one of the Oracle internal mailing lists with the following question: One of their partners achieves a single sign-on with them by means of our CoreId/web gate product. Do we have a CoreID/web gate product that works with Microsoft .Net 4.0? The short answer is that you don't need a .NET WebGate so no, there isn't one. The long answer is a bit more complicated. When people talk about .NET in the web world they're usually talking about ASP.NET which runs...
A question came in on one of the Oracle internal mailing lists with the following question: One of their partners achieves a single sign-on with them by means of our CoreId/web gate product. Do...
