Introduction When it comes to defining a strategy for web API security, OAG (Oracle API Gateway) and OES (Oracle Entitlements Server) together present a very interesting choice and are a very powerful combination indeed. In this post we’re going to take a look at what each component brings in (the skin) and then get our […]
↧
OAG/OES Integration for Web API Security: skin and guts
↧
Chained LDAP Authentication in OAM 11g
Introduction In this post, we look at a simple way to configure a chained LDAP authentication scheme in OAM 11g R2. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. The […]
↧
↧
Understanding OAM 11g ASDK Configuration and Cert Requirements
Introduction Oracle provides documentation on developing an Access Client for the OAM 11g ASDK http://docs.oracle.com/cd/E40329_01/dev.1112/e27134/as_api.htm#autoId0, but getting it to work can be challenging when running the Access Servers in Simple or Cert Mode. In this article I will not explain how to create an Access Client, there are already good examples out there for that. What […]
↧
Logging made easy in OAM 11g with this simple trick!
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. Logging is extremely helpful when trying to troubleshoot issues and normally when you see instructions to log in OAM 11g […]
↧
Part 1: Getting under the covers of Detached Credential Collector (DCC)
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. The Detached Credential Collector (DCC) feature was introduced with the release of OAM 11gR2 — 11.1.2.0.0. DCC brought some very […]
↧
↧
OAM11g — The Redirect Infinite Loop
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. I recently was working on one of my virtual environments that had three servers, which included OAM 11gR2PS2, though this […]
↧
Part 2: Custom Login and Logout with Detached Credential Collector (DCC)
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available. In Part 1: Getting under the covers of Detached Credential Collector (DCC), I spent time talking about DCC in general […]
↧
A Beginner’s HowTo on Social Federation with OAM Mobile & Social
Introduction Social Federation: a somewhat fancy name for a simple concept. We want to leverage identities in Social Network providers in our own applications. For example, granting access to either cloud or on-premise applications to end users using their Google identities. In this post we’re going to take a close look at the necessary configuration […]
↧
Oracle Access Manager Post Authentication Operation
Since OAM 10g days, keeping track of Protected Resource that user wanted to access throughout custom authentication process has been a challenge. In OAM 10g, it was possible to create custom OBFormLoginCookie to overcome that challenge. With the introduction of Encrypted OAM_REQ cookie in OAM 11g, it is not feasible. That makes it difficult to […]
↧
↧
Monitoring OAM Environment
Introduction Security systems, including OAM, reside in a dynamic environment where the parameters that affect system performance are ever changing. On top of that, access management Infrastructure like OAM serve as the front door or gate to every application/system in an organization. Therefore continuous monitoring of such key components is mandatory to ensure continuous success of […]
↧
Social Federation with OAM Mobile & Social in Native iOS Applications
Introduction I’ve already posted an article about Social Federation with Mobile & Social (M&S) for web applications protected by Oracle Access Manager (OAM), showing users being authenticated against social network providers, like Google and Linkedin. My coworker Chris Johnson also blogged about using Mobile & Social in a native iOS application. In his post, user […]
↧
Integrating Oracle Access Management platform with Mobile Application Framework
Fellow A-Team blogger Andre Correa recently posted an article about integrating native IOS Apps with the OAM Mobile & Social SDK in order to do social identity federation within these apps. To expand on that post – and present a potential alternative to developers who wish to use Oracle’s Mobile Application Framework – I’d like […]
↧
Automated Policy Synchronization (APS) for OAM Cloned Environment
Introduction Since the introduction of MDC support in OAM 11g, Customers have been asking for Automated Synchronization between Master and Clone OAM Environments. It is supported in OAM R2PS2. Thanks to the development team! Before R2PS2, It required T2P process to keep all the data centers in synch which is manual process or customer had to […]
↧
↧
Decoding JWT using the API Platform Groovy Policy
Introduction With the explosion of APIs; most of the today’s computing challenges are being driven by it and therefore, new standards had to emerge to make sure that APIs can be used securely, while allowing developers to avoid having to reinvent the wheel every time they implement aspects such as authorization. One good example is […]
↧
The Ultimate Apache/OHS11g Tuning Guide for OAM11g WebGate
Introduction OK, maybe “Ultimate” could be stretching it, but it caught your eye so you can be the judge. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available here. Though OAM11g is […]
↧
SSO “like” functionality with Oracle Fusion JWT Tokens
Introduction There are many instances where customers want to extend Oracle’s Fusion SaaS applications with PaaS components. Depending on the Oracle PaaS components being used, they may get SSO with Fusion Applications pre-configured OOTB however sometimes this is not the case and they will need to manually setup SSO federation to achieve their needs. If […]
↧
IDCS Integrations Series Part II:Integrating Fusion Application with IDCS
Overview Just like every other application, Fusion applications have also moved to cloud. So far large number of fusion deployments in the cloud are OMCS (Oracle Managed Cloud Services) deployments where fusion environment is running in Oracle data center, managed by Oracle resources. With the introduction of OPC (Oracle Public Cloud), some of the OMCS […]
↧
↧
IDCS Integrations Series Part III: Integrating on-prem applications to IDCS
Overview As more and more customers move Identity to the cloud, we will run into applications that cannot be migrated in short term or cannot be migrated at all to cloud for various reasons including security. That leads to the question, how do we integrate those on-prem applications to cloud Identity solution? There are a […]
↧
OAAM Admin Console Dashboard Update Frequency
There are three sections in the dashboard in OAAM Admin Console. The refresh time in section 1 and section 2 shown above can be configured by selecting the appropriate duration from the dropbox. There is no provision to select the update frequency of the items in section 3. This is actually controlled by different monitors […]
↧
A first look at POST data preservation in OAM 11g R2 PS1
Introduction In this post, we have a quick look at POST data preservation, a new feature introduced in the 11g R2 PS1 (or 11.1.2.1) version of Oracle Access Manager. We’ll explain the problem that this feature solves and walk through a simple example explaining how to configure and use the feature. This post is part […]
↧