Wednesday, June 8, 2011

Oracle Identity and Access Management patches are available NOW

flowers on my Kousa Dogwood tree
Each Spring I look forward to seeing my Kousa Dogwood tree bloom. The white flowers are beautiful in a way that pictures really can't convey and it's one of those things that cheers me up after the cold New England winter.

"Dogwood" also happens to be the code name for the Oracle Identity and Access Management product set and, like the flowers on my actual Dogwood tree, there's something pretty exciting happening to this Dogwood this spring.

Earlier today the press release went out announcing the availability second in a series of Dogwood releases. The first release, 11g R1 (version, came out in July 2010 and included the first 11g releases of Oracle Identity Manager, Oracle Access Manager, and Oracle Adaptive Access Manager. This release, known as 11g R1 PS1 (say that 3 times fast!) or as version includes some pretty dramatic new features and functionality for the 11g R1 products and includes the first 11g release of Oracle Entitlements Server.

We all want to extend a well deserved congratulations to the product teams on a job well done. We haven't been able to speak publicly about the internal betas and release candidates, but now that we can we get to say that engineering did a really good job extending the reach of the existing products and in creating an initial 11g release of OES that fits well with the rest of the product set.

There are a whole bunch of products in the Identity Management suite and though their names are pretty obvious to us inside the company we know it can be confusing the first time you encounter them. So I thought it might be a good idea to try to provide a list of the products and to sum up each product's purpose in a single sentence.

The products in the Identity Management suite are currently broken into two separate release trains - the first is Identity Management and the second is Identity and Access Management.

The Identity Management (IdM) products are:
  • Oracle Internet Directory - an enterprise-scale LDAP directory that stores its data in Oracle Database
  • Oracle Virtual Directory - a Virtual Directory that aggregates data from multiple sources (LDAP, Active Directory, databases and custom stores) and exposes it all to clients as a single unified LDAP directory.
  • Oracle Identity Federation - a federation server that supports SAML, Liberty ID FF, WS-Federation, OpenID and Infocard. 
The Identity and Access Management (IAM) products are:
  • Oracle Access Manager - provides web Single Sign-On and access management
  • Oracle Adaptive Access Manager - provides real time fraud detection and risk scoring plus web based strong authenticators
  • Oracle Identity Manager - automates user and account management, provides self-service account tools and will automatically provision accounts to other systems, like LDAP and applications, based on workflow administrators define.
  • Oracle Identity Navigator - a sort of portal providing a single place to go to access the consoles for all of the other IAM products.
The IAM products also include these new additions:
  • Oracle Entitlements Server - allows you to remove the authorization decision logic from your code and instead manage fine grained authorization policies centrally.
  • Oracle Secure Token Service - allows you to take one security token and exchange it for another to support identity propagation in your SOA architecture. For example you might present the STS with a Single Sign-On cookie and request a SAML Assertion in exchange.
You can find more information about all of these products from the Identity Management products page at

You can expect more posts on the new features over the coming month or so as we finally get to play with and talk about the final release.

Once again congratulations to the product teams!


  1. someone asked me for the patch numbers via Twitter. I normally get patches though a different interface, so let me know if these are wrong, but I think they're as follows:
    WebTier: 12395115.
    IdM: 12395123.
    IAM: 12575064 (server side), 12575078 (webgate).

  2. Hello there,
    Can anyone please confirm that is it safe to use version 5 for production?

    Many Thanks,

  3. Yes, is fully tested, certified and supported for production use.

  4. Has anyone tried to update OIF from to, any feedback please?

  5. Barry,
    I've done the upgrade myself. Are you asking because you're running into problems or just asking for more info?


Note: Only a member of this blog may post a comment.