Introduction OCI or Oracle Cloud Infrastructure, is Oracle’s latest cloud infrastructure that is replacing the older Oracle Cloud Infrastructure Classic. One...
Introduction OCI or Oracle Cloud Infrastructure, is Oracle’s latest cloud infrastructure that is replacing the older Oracle Cloud Infrastructure Classic. One feature it has is built-in Identity Management Governance. For example, you can add and manage users to grant who can access OCI resources among other features, please refer to this link for more information https://cloud.oracle.com/governance. This article is focused on customers who want to use their existing identity...
Introduction OCI or Oracle Cloud Infrastructure, is Oracle’s latest cloud infrastructure that is replacing the older Oracle Cloud Infrastructure Classic. One feature it has is built-in...
Introduction Audit events enable organization administrators to review the actions performed by members of your organization using details provided by the Audit...
Introduction Audit events enable organization administrators to review the actions performed by members of your organization using details provided by the Audit logs - who performed the action, performed it, and what the action was. Before getting into the article I want to mention this blog was written by Abhishek Juneja, a Principal Product Manager of Identity & FA Security - Cloud. This blog helps expand on some blogs I wrote on IDCS Audit --- Identity Cloud Services...
Introduction Audit events enable organization administrators to review the actions performed by members of your organization using details provided by the Audit logs - who performed the...
Introduction During provisioning of a new FA instance the passwords for FA AppIDUsers like FUSION_APPS_PROV_PATCH_APPID or similar users will expire after 120...
Introduction During provisioning of a new FA instance the passwords for FA AppIDUsers like FUSION_APPS_PROV_PATCH_APPID or similar users will expire after 120 days which is the standard value for normal OID users. This article is intended to describe how you can apply the no password expiry policy to all FA AppIDUsers in a newly provisioned R12 instance. Background The FA start/stop script fails and during the failed startup you observe error messages in the AdminServer.out...
Introduction During provisioning of a new FA instance the passwords for FA AppIDUsers like FUSION_APPS_PROV_PATCH_APPID or similar users will expire after 120 days which is the standard value for...
Introduction The purpose of this blog post is to describe how to use Sign-On Policies to restrict access to the OOTB Oracle Identity Cloud Service UI. One...
Introduction The purpose of this blog post is to describe how to use Sign-On Policies to restrict access to the OOTB Oracle Identity Cloud Service UI. One use-case could be that End-Users should not be able to view and update their own profile details using the OOTB UI. Overview IDCS comes with a Default Sign-On Policy that contains one Default Sign-On Rule which basically allows any authenticated user access to the IDCS "myconsole" application. We will update this policy to...
Introduction The purpose of this blog post is to describe how to use Sign-On Policies to restrict access to the OOTB Oracle Identity Cloud Service UI. One use-case could be that End-Users should...
Introduction When publishing data to Apache Kafka via the Oracle GoldenGate Big Data Kafka Handler, it is a good practice to establish secure connections in...
Introduction When publishing data to Apache Kafka via the Oracle GoldenGate Big Data Kafka Handler, it is a good practice to establish secure connections in order to protect sensitive data from un-authorized snooping. The Oracle Big Data Kafka Handler leverages encryption and authentication features built-in to Apache Kafka. In this article we shall detail the Oracle GoldenGate Big Data Apache Handler configuration settings to create secure connections. This document covers...
Introduction When publishing data to Apache Kafka via the Oracle GoldenGate Big Data Kafka Handler, it is a good practice to establish secure connections in order to protect sensitive data from...
OAuth2 has become increasingly popular for authorizing access to web services. Invoking these services is possible by applying Oracle Web Services Manager...
OAuth2 has become increasingly popular for authorizing access to web services. Invoking these services is possible by applying Oracle Web Services Manager (OWSM) policies to the component in the composite. OWSM actually acquires the OAuth Access Token and includes it in the HTTP request to the resource server for you automatically. This blog describes the steps needed to setup and utilize OAuth2 protected services from a BPEL composite. ** NOTE **: There is a known issue...
OAuth2 has become increasingly popular for authorizing access to web services. Invoking these services is possible by applying Oracle Web Services Manager (OWSM) policies to the component in...
Overview As more and more customers move Identity to the cloud, we will run into applications that cannot be migrated in short term or cannot be migrated at all...
Overview As more and more customers move Identity to the cloud, we will run into applications that cannot be migrated in short term or cannot be migrated at all to cloud for various reasons including security. That leads to the question, how do we integrate those on-prem applications to cloud Identity solution? There are a few common patterns to integrate an application to central IDAM (IDentity and Access Management) solution (not to suggest that these are the only possible...
Overview As more and more customers move Identity to the cloud, we will run into applications that cannot be migrated in short term or cannot be migrated at all to cloud for various reasons...
Introduction This document will walk you through how to enable SSL SQLNet connection on GGCS to connect to an Oracle Database. Enabling SSL communication...
Introduction This document will walk you through how to enable SSL SQLNet connection on GGCS to connect to an Oracle Database. Enabling SSL communication between GGCS and the Oracle database is achieved by configuring credential wallet on both GGCS and the database which will store certificates and by modifying the configuration files used for SQLNet communication. The certificate to be used for SSL communication requires to be signed by a trusted certificate authority (CA),...
Introduction This document will walk you through how to enable SSL SQLNet connection on GGCS to connect to an Oracle Database. Enabling SSL communication between GGCS and the Oracle database...
Overview Last year at OOW, I conducted Hands On Lab on Fusion integration with IDCS. We had a full room of audience with loads of questions. That inspired me to...
Overview Last year at OOW, I conducted Hands On Lab on Fusion integration with IDCS. We had a full room of audience with loads of questions. That inspired me to write this blog. One of the most common requirements as Fusion is deployed in OPC is, how to centrally manage users and implement Single Sign-On between Fusion and rest of the OPC services. IDCS (IDentity Cloud Service) is security backbone for all the OPC services. It is Oracle's Identity service in the cloud. It can...
Overview Last year at OOW, I conducted Hands On Lab on Fusion integration with IDCS. We had a full room of audience with loads of questions. That inspired me to write this blog. One of the most common...
