Configuring OAM SSO for ATG BCC and Endeca XM
Introduction Single sign-on, or “SSO” as it’s commonly referred to, is an authentication method that allows a user access to multiple applications through a single, secure, point of entry. Rather than...
OAM Federation: Identity Provider & Service Provider Management
In this blog post I want to clarify a point of initial confusion some people experience with OAM Federation 11.1.2.3. If we go to the “Federation” tab of the OAM Console, we see: Now the two main...
OAM Federation 11.1.2.3: Performing a Loopback Test
In this blog post I will share steps for performing a loopback test of OAM Federation 11.1.2.3. In a loopback test, we configure OAM’s SP to point to OAM’s IdP. This enables you to confirm the basic...
OAM Federation 11.1.2.3: Example Message Processing Plugin
SAML is an extensible protocol. Since it is based on XML, through the use of XML namespaces, custom elements and attributes can be inserted into the SAML messages at the appropriate places. Sometimes...
OAM Federation 11.1.2.3: Performing a loopback test with WS-Federation
In a previous post I gave steps for performing a loopback test with SAML. This is where we configure OAM Federation to talk to itself, to act as both IdP and SP. This is useful in development and test...
Implementing OAuth 2 with Oracle Access Manager OAuth Services (Part I)
Introduction This post will explain the basics of OAuth 2.0 and how it can be used to protect resources by implementing some of the most common OAuth use cases. OAM provides out of the box OAuth...
Implementing OAuth 2 with Oracle Access Manager OAuth Services (Part II)
Introduction This post is part of a series of posts about OAM’s OAuth implementation. Other posts can be found here: Part I – explains the proposed architecture and how to enable and configure OAM...
Implementing OAuth 2 with Oracle Access Manager OAuth Services (Part III)
Introduction This post is part of a series of posts about OAM’s OAuth implementation. Other posts can be found here: Part I – explains the proposed architecture and how to enable and configure OAM OAuth...
Implementing OAuth 2 with Oracle Access Manager OAuth Services (Part IV)
Introduction This post is part IV of a series of posts about OAM’s OAuth implementation. Other posts can be found here: Part I – explains the proposed architecture and how to enable and configure OAM...
Implementing OAuth 2 with Oracle Access Manager OAuth Services (Part V)
Introduction This post is part of a series of posts about OAM’s OAuth implementation. Other posts can be found here: Part I – explains the proposed architecture and how to enable and configure OAM...
Retrieving the OAM SessionID for Fun and Profit!
Introduction I recently worked with a customer who needed to do some OAM session manipulation via custom code in order to implement a complex use case. While the focus of this post is not to go into...
Multiple authentication mechanism chaining in OAM
Authentication mechanism chaining Since the inception of OAM 11g, we have been talking about authentication scheme chaining and being able to invoke multiple authentication schemes in sequence or...
MDC Switch – Configuring Multi-Data Center Types
INTRODUCTION This post discusses the steps required to configure a “master” data center to a “clone” data center and vice versa. If you are not familiar with Multi-Data Center (MDC) implementation and...
OAM 11g Webgate Tuning
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available....
Exploring OAM’s SAML Identity Assertion
Introduction OAM (Oracle Access Manager) has an interesting feature that often goes unnoticed by a considerable number of people wishing to tackle the problem of identity propagation. It’s OAM’s...
OAM Protected SPAs and Same-Origin Policy
Introduction In a previous post, I described the usage of OAM’s SAML Identity Assertion in the context of SPA (Single Page Applications) and how easy it is to take advantage of it for securely...
Part 2: Advanced Apache JMeter Stress Testing OAM and LDAP
Introduction In “Part 1: How To Load Test OAM11g using Apache JMeter” I talked about an example plan that could be used to load test OAM11g, which included some common configuration elements, some...
Presenting the new IDM Deployment Wizard
Introduction With the recent IDM 11gR2PS2 release Oracle has developed a new deployment tool that aims to automate and reduce the time required to install and configure Oracle Identity and Access...
How To Display A Custom Error Page When the Access Server Is Down?
I have been asked several times over the years if there is a way to customize the following error message a User is presented in their Internet browser when the WebGate fails to contact any of the...
Identity Propagation from OAG to REST APIs protected by OWSM
Introduction This post describes the necessary configuration for propagating an end user identity from OAG (Oracle API Gateway) to REST APIs protected by OWSM (Oracle Web Services Manager). The...
OAG/OES Integration for Web API Security: skin and guts
Introduction When it comes to defining a strategy for web API security, OAG (Oracle API Gateway) and OES (Oracle Entitlements Server) together present a very interesting choice and are a very powerful...
Chained LDAP Authentication in OAM 11g
Introduction In this post, we look at a simple way to configure a chained LDAP authentication scheme in OAM 11g R2. This post is part of a larger series on Oracle Access Manager 11g called Oracle...
Understanding OAM 11g ASDK Configuration and Cert Requirements
Introduction Oracle provides documentation on developing an Access Client for the OAM 11g ASDK http://docs.oracle.com/cd/E40329_01/dev.1112/e27134/as_api.htm#autoId0, but getting it to work can be...
Logging made easy in OAM 11g with this simple trick!
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is...
Part 1: Getting under the covers of Detached Credential Collector (DCC)
Introduction This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available....
OAM11g — The Redirect Infinite Loop
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available....
Part 2: Custom Login and Logout with Detached Credential Collector (DCC)
INTRODUCTION This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager Academy. An index to the entire series with links to each of the separate posts is available....
A Beginner’s HowTo on Social Federation with OAM Mobile & Social
Introduction Social Federation: a somewhat fancy name for a simple concept. We want to leverage identities in Social Network providers in our own applications. For example, granting access to either...
Oracle Access Manager Post Authentication Operation
Since OAM 10g days, keeping track of the protected resource that the user wanted to access throughout a custom authentication process has been a challenge. In OAM 10g, it was possible to create custom...
Monitoring OAM Environment
Introduction Security systems, including OAM, reside in a dynamic environment where the parameters that affect system performance are ever changing. On top of that, access management Infrastructure...
Social Federation with OAM Mobile & Social in Native iOS Applications
Introduction I’ve already posted an article about Social Federation with Mobile & Social (M&S) for web applications protected by Oracle Access Manager (OAM), showing users being authenticated...
Integrating Oracle Access Management platform with Mobile Application Framework
Fellow A-Team blogger Andre Correa recently posted an article about integrating native IOS Apps with the OAM Mobile & Social SDK in order to do social identity federation within these apps. To...
Automated Policy Synchronization (APS) for OAM Cloned Environment
Introduction Since the introduction of MDC support in OAM 11g, Customers have been asking for Automated Synchronization between Master and Clone OAM Environments. It is supported in OAM R2PS2. Thanks...
The Ultimate Apache/OHS11g Tuning Guide for OAM11g WebGate
Introduction OK, maybe “Ultimate” could be stretching it, but it caught your eye so you can be the judge. This post is part of a larger series on Oracle Access Manager 11g called Oracle Access Manager...
IDCS Integrations Series Part II: Integrating Fusion Application with IDCS
Overview Just like every other application, Fusion applications have also moved to the cloud. So far, a large number of Fusion deployments in the cloud are OMCS (Oracle Managed Cloud Services) deployments...
IDCS Integrations Series Part III: Integrating on-prem applications to IDCS
Overview As more and more customers move Identity to the cloud, we will run into applications that cannot be migrated in short term or cannot be migrated at all to cloud for various reasons including...
Under the hood: Oracle Identity Cloud Service Audits
Introduction Audit events enable organization administrators to review the actions performed by members of your organization using details provided by the Audit logs – who performed the action,...
Using SSSD with Kerberos and Active Directory to Terminal into an OCI Linux...
Introduction OCI, or Oracle Cloud Infrastructure, is Oracle’s latest cloud infrastructure that is replacing the older Oracle Cloud Infrastructure Classic. One feature it has is built-in Identity...
Custom Login Widget for Oracle Identity Cloud Services
Introduction Identity Cloud Services (IDCS) 18.2.4 introduced an all new authentication API that allows customers to build their own login application. Those new APIs allow you to do username and...
Part 1: Automate getting an Identity Cloud Service Access Token in Postman
Introduction If you have spent enough time working with web services you have probably heard of Postman. If not, then let me say it is a great tool to test REST APIs against Identity Cloud Service...
Part 2: Using Postman Runner with Identity Cloud Service
Introduction In the last article, Part 1: Automate getting an Identity Cloud Service Access Token in Postman, I explained how using a Pre-request Script can automate getting an access token so when a...
Part 3: Automate Requests against Identity Cloud Service using Newman
Introduction In Part 1: Automate getting an Identity Cloud Service Access Token in Postman I covered using a Pre-request script to automate getting an Access Token from Identity Cloud Service in order...
Integrating APEX with Oracle Identity Cloud Service
Introduction The purpose of this blog post is to describe how to integrate APEX (on-premise) with Oracle Identity Cloud Service (IDCS). The integration described in this post relies on APEX...
Implement Social Login with Oracle Identity Cloud Service
Overview Social login is an important use case for B2C applications be it marketing or eCommerce. It is a form of sign-in/login where a user uses social network services like Facebook, Twitter or...
IDCS Integrations Series Part I: Integrating WebLogic Hosted Application with...
Overview As you implement IDCS (Oracle IDentity Cloud Service) use cases, you would have started thinking, “how do you integrate application X with IDCS?”, especially the applications running...
Restricting Access to Oracle Analytics Cloud by IP Range
For other A-Team articles by Richard, click here Introduction Customers may want to restrict access to their Oracle Cloud Services to a set of IP ranges, for instance to only allow connections coming...
Multi-Data Center Implementation in Oracle Access Manager
For obvious reasons, there is a high demand for Multi-Data Center (MDC) topology; which is now supported in Oracle Access Manager (OAM) 11g. This post discusses some of the features of MDC as well as...
Oracle Access Manager – What’s new in PS2
Introduction Oracle Access Manager 11gR2 – PS2 is now out! This post will cover some of the new features in PS2. There are six new features I will discuss: Dynamic Authentication Persistent Login...
Strategies for managing OAAM to OAM connections in production
Many Oracle Access Management 11g customers opt to deploy a combination of Oracle Access Manager and Oracle Adaptive Access Manager using the Advanced Integration option. This combination of product...
Integrating Okta as Identity Provider to IDCS
IDCS (IDentity Cloud Service) is Oracle’s next-gen Identity solution built in the cloud for the cloud. It is fully standards compliant and implements various standards like SAML (Security Assertion...