OAuth2 has become increasingly popular for authorizing access to web services. Invoking these services is possible by applying Oracle Web Services Manager...
OAuth2 has become increasingly popular for authorizing access to web services. Invoking these services is possible by applying Oracle Web Services Manager (OWSM) policies to the component in the composite. OWSM actually acquires the OAuth Access Token and includes it in the HTTP request to the resource server for you automatically. This blog describes the steps needed to setup and utilize OAuth2 protected services from a BPEL composite. ** NOTE **: There is a known issue...
OAuth2 has become increasingly popular for authorizing access to web services. Invoking these services is possible by applying Oracle Web Services Manager (OWSM) policies to the component in...
Overview As more and more customers move Identity to the cloud, we will run into applications that cannot be migrated in short term or cannot be migrated at all...
Overview As more and more customers move Identity to the cloud, we will run into applications that cannot be migrated in short term or cannot be migrated at all to cloud for various reasons including security. That leads to the question, how do we integrate those on-prem applications to cloud Identity solution? There are a few common patterns to integrate an application to central IDAM (IDentity and Access Management) solution (not to suggest that these are the only possible...
Overview As more and more customers move Identity to the cloud, we will run into applications that cannot be migrated in short term or cannot be migrated at all to cloud for various reasons...
Introduction This document will walk you through how to enable SSL SQLNet connection on GGCS to connect to an Oracle Database. Enabling SSL communication...
Introduction This document will walk you through how to enable SSL SQLNet connection on GGCS to connect to an Oracle Database. Enabling SSL communication between GGCS and the Oracle database is achieved by configuring credential wallet on both GGCS and the database which will store certificates and by modifying the configuration files used for SQLNet communication. The certificate to be used for SSL communication requires to be signed by a trusted certificate authority (CA),...
Introduction This document will walk you through how to enable SSL SQLNet connection on GGCS to connect to an Oracle Database. Enabling SSL communication between GGCS and the Oracle database...
Overview Last year at OOW, I conducted Hands On Lab on Fusion integration with IDCS. We had a full room of audience with loads of questions. That inspired me to...
Overview Last year at OOW, I conducted Hands On Lab on Fusion integration with IDCS. We had a full room of audience with loads of questions. That inspired me to write this blog. One of the most common requirements as Fusion is deployed in OPC is, how to centrally manage users and implement Single Sign-On between Fusion and rest of the OPC services. IDCS (IDentity Cloud Service) is security backbone for all the OPC services. It is Oracle's Identity service in the cloud. It can...
Overview Last year at OOW, I conducted Hands On Lab on Fusion integration with IDCS. We had a full room of audience with loads of questions. That inspired me to write this blog. One of the most common...
Introduction In Part 3 of 4 – SSSD Linux Authentication: Implementation Step-by-Step Guideline I covered all the necessary step-by-step details on deploying...
Introduction In Part 3 of 4 – SSSD Linux Authentication: Implementation Step-by-Step Guideline I covered all the necessary step-by-step details on deploying SSSD, but nothing ever seems to go perfect the first time does it. This is why I have included a final Part 4 that covers known problems I came across, though there could be more, and then troubleshooting tips I learned. These are all things I learned and want to share with you so that your SSSD implementation is...
Introduction In Part 3 of 4 – SSSD Linux Authentication: Implementation Step-by-Step Guideline I covered all the necessary step-by-step details on deploying SSSD, but nothing ever seems to go perfect...
Introduction In Part 2 of 4 – SSSD Linux Authentication: LDAP Identity Store Requirements all the aspects of the LDAP Identity Store requirements were covered....
Introduction In Part 2 of 4 – SSSD Linux Authentication: LDAP Identity Store Requirements all the aspects of the LDAP Identity Store requirements were covered. And before that in article Part 1 of 2 - SSSD Linux Authentication: Introduction and Architecture I covered an introduction and high-level architecture of SSSD, which will be very important for this article. Finally, in Part 3, I will cover all the necessary steps to implement SSSD in order to support the goals pointed...
Introduction In Part 2 of 4 – SSSD Linux Authentication: LDAP Identity Store Requirements all the aspects of the LDAP Identity Store requirements were covered. And before that in article Part 1 of 2 -...
Introduction In Part 1 of 4 - SSSD Linux Authentication: Introduction and Architecture I covered an introduction on SSSD and an architecture overview with...
Introduction In Part 1 of 4 - SSSD Linux Authentication: Introduction and Architecture I covered an introduction on SSSD and an architecture overview with details on the flow of how it all works. In this part I am going to cover the LDAP Identity Store details required for SSSD. LDAP Identity Store Schema Requirements for SSSD A UNIX user account typically requires a uid, a gid, a home directory, a login shell, and a password. Minimally, a uid (User ID) and gid (Group ID)...
Introduction In Part 1 of 4 - SSSD Linux Authentication: Introduction and Architecture I covered an introduction on SSSD and an architecture overview with details on the flow of how it all works. In...
Introduction This article provides the details needed to solve a real use case used to allow a user to authenticate to an Oracle Public Cloud Linux server in...
Introduction This article provides the details needed to solve a real use case used to allow a user to authenticate to an Oracle Public Cloud Linux server in SaaS using a single or multiple LDAP Identity store that could be Active Directory 2012R2 (AD) or better, Oracle Internet Directory (OID), Oracle Unified Directory (OUD), Oracle Directory Services Enterprise Edition (ODSEE), or OpenLDAP. The use case stems from the need to authenticate and authorize users to OPC Linux...
Introduction This article provides the details needed to solve a real use case used to allow a user to authenticate to an Oracle Public Cloud Linux server in SaaS using a single or multiple...
Introduction OK, maybe "Ultimate" could be stretching it, but it caught your eye so you can be the judge. This post is part of a larger series on Oracle Access...
Introduction OK, maybe "Ultimate" could be stretching it, but it caught your eye so you can be the judge. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available here. Though OAM11g is in the title, this article should also apply to OAM12c(12.2.1.3.0.) since it still uses 11g Webgates. In my previous post OAM 11g Webgate Tuning, I covered a...
Introduction OK, maybe "Ultimate" could be stretching it, but it caught your eye so you can be the judge. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager...
