Index to the Oracle Access Manager Series from the Fusion Security Blog Team
OAM 11g was released last summer and constitutes a major upgrade/rewrite of OAM, which happens to be one of the more popular Oracle IAM products. Our goal with this series is to help everyone attempting to use and deploy the product at various stages by explaining major OAM 11g concepts, making architectural recommendations, pointing out potential pain points, and walking you through common yet non-trivial tasks such as setting up authentication to an external custom login form.
The OAM 11g Policy Model
OAM 11g was released last summer and constitutes a major upgrade/rewrite of OAM, which happens to be one of the more popular Oracle IAM products. Our goal with this series is to help everyone attempting to use and deploy the product at various stages by explaining major OAM 11g concepts, making architectural recommendations, pointing out potential pain points, and walking you through common yet non-trivial tasks such as setting up authentication to an external custom login form.
The OAM 11g Policy Model
- Part 1: Policy Model Overview
- Part 2: Application Domains and Host Identifiers
- Part 3: Resources
- Part 4: Protection Levels and Excluded Resources
- Configuring Data Sources
- Understanding OAM Authentication Schemes, Modules, Step Orchestration, and Plug-ins
- A Little Trick for HTTP Basic Authentication and OAM 11g
- x.509 Certificate Authentication
- External Custom Login Form
- Windows Native Authentication (WNA)
- R2: Detached Credential Collector Configuration - OAM 11GR2
- R2: X509 Fallback to Form
- R2: Unsolicited Logins in OAM 11g R2
- Part 1: Under the Covers of OAM11g WNA integration with Multiple AD Forests
- Part 2: How to Configure OAM11g WNA for Multiple AD Forests
- Part 3: OAM11g WNA Identity Store Considerations and Configurations
- OAM 11g Custom Authentication Plugins: Collecting additional credentials
- OAM 11g, Oracle Forms, and a Little ADF
- OAM and ADF Applications with Anonymous Access
- OBIEE 10g SSO Integration with OAM 11g
- OAM 11g Single Sign-On and OAM 11g Cookies
- OAM 11g Single Sign-On and OAM 10g Cookies
- OAM Session management
- Logout (part 1 of 2)
- OAM 11g and LDAP over SSL
- Deploying OAM Correctly Part 1: Web Tiers
- Deploying OAM Correctly Part 2: Logins and SSL
- Protecting Intranet and Extranet Applications with a Single OAM 11g Deployment
- OAM/OVD JVM Tuning
- R2: Password Policy in OAM 11g R2
- How to (correctly) make manual edits to oam-config.xml
- OAM WebGate connections through firewalls
- OAM LDAP connections through firewalls
- OAM 11g Webgate Tuning
Posts
Thanks for posting these blogs. Is there a good discussion or blog somewhere about the relationship between the authorization policies in OAM and those in OIM? There seems to be a bit of overlap and may be in the long run make sense to put them all in in OIM. From the way I read it OIM is used to provision 'IT resources' like databases, folders, applications etc. (See chapters 7-10 in this Oracle press book on Identity and Access Management for example: http://www.mhprofessional.com/product.php?isbn=0071741372&cat=112)
ReplyDeleteHi Brian,
ReplyDeleteThis is a wonderful blog. Thanks for sharing much valuable informations. I have a question about OAM 11g.
Does the Oracle Access Manager 11g (OAM 11g) supports the multiple cookie domain configuration in it.
For example, I have the applications to be protected in following domains in my customer environments are .abcsolutions.com;.abc.com;.abc-travel.com;.abc-solutions.com would all these domains be configured in the same OAM 11g server ? Is it possible. If not what would be the best approach to deal with it.
Your response is much appreciated.
Thanks.
Ashok,
ReplyDeleteOAM 11g inherently supports cross cookie domain SSO. Unlike with OAM 10g, there really isn't any additional configuration required. Chris did an excellent post a while back explaining how SSO in 11g works and from that post you'll see what I mean.
http://fusionsecurity.blogspot.com/2011/04/oam-11g-single-sign-on-and-oam-11g.html