Integrating Oracle 10g Application Server with Oracle Access Manager -Overview
=========================
i) Oracle Application Server (OAS) can be integrated with Oracle Access
Manager (OAM, earlier called as Oblix COREid) for Authentication and
Authorization. Though Oracle Application Server has its own
Authentication and Single Sign-On feature but integrating OAS with OAM
provide more flexibility and security to Oracle Application Server and help in providing fine grained access control for protecting web and other resources.
ii) You also need OAM-OAS integration if you wish to integrate E-Business
Suite with Oracle Access Manager (Oblix COREid) for authentication and
authorization.
iii) If you wish to integrate (protect/authenticate/authorize) any oracle
product (like portal, Forms, BI, E-Business Suite) with Oracle Access
Manager (Oblix COREid) it should be done via Oracle Application Server.
iv) Integration of OAM with OAS will help you to provide identity management functionality to Web based application which run on Oracle Application server or any other Oracle product like Oracle E-Business Suite Self Service applications (iProc, iRec)
iv) While integrating Oracle Access Manager’s Authorization functionality, either Oracle Application Server or Oracle Access Manager Single Sign-On can act as authentication mechanism.
OAS (10g AS) - OAM (Oblix COREid) Integration Architecture
—————————————————————————–
As shown in diagram on top, you will have Oracle Access Manager installed and configured with any LDAP Server (AD, OID, iPlanet) and Oracle HTTP Server will be protected by WebGate (OAM web component).
Here is request flow when Oracle Application Server is protected by Oracle Access Manager (Oblix COREid)
i) User try to access web resource (http/https) on oracle application server which is protected by Oracle Access Manager (Oblix COREid), request is received by WebGate (access manager component on Web Server)
ii) Webgate request for policy from Access Server (another component in Oracle Access Manager) to check if resource (URL) is protected or not
iii) If resource/URL is not protected page is returned to user. If resource/URL is protected, webgate ask user to authenticate
iv) Credentials entered by user is validated against LDAP directory via access system.
v) After successful authentication, Oracle Access Manager Single Sign-On cookie (obSSOCookie) is sent to user browser
vi) After successful authorization (pre-defined at access server policy domains), access server executes actions specified in security policy and set HTTP Header variable that maps to Oracle Application Server 10g User ID
vii) Oracle AS Single Sign-On recognizes HTTP Headers set by Oracle Access Manager (HeaderVar), authenticates user and sets Oracle Single Sign-On Cookie.
If your LDAP store for Access is not same OID where Oracle Application Server users are stored then ensure that user data in two LDAP servers is in sync (up to date)
Implementation of 10g AS integration with Oracle Access Manager(Oblix COREid) coming soon …
Integration of Oracle Access Manager(COREid) with Siebel coming soon…
Related Posts for Access Manager
- Integration Steps - 10g AS with OAM (COREid)
- OAS - OAM (Access Manager / Oblix COREid) Integration Architecture
- Oblix COREid and Oracle Identity Management
- Installing Oracle Access Manager (Oblix COREid / Netpoint)
- Oracle Access Manager (Oblix COREid) 10.1.4.2 Upgrade
- Access Manager: WebGate Request Flow
- Introduction to Oracle Access manager : Identity and Access System - WebPass , Webgate, Policy Manager
- Certified Directory Server (AD, OID, Tivoli, Novell, Sun or OVD) and their version with Oracle Access Manager
- Install Oracle Access Manager (OAM) 10.1.4.3 Identity Server, WebPass, Policy Manager, Access Server, WebGate
- Multi-Language or multi-lingual Support/Documentation for Oracle Access Manager (OAM)
- OAM Policy Manager Setup Issue “Error in setting Policy Domain Root” : OAM with AD and Dynamic Auxiliary Class
- OAM 10.1.4.3 Installation Part II - Indentity Server Installation
- OAMCFGTOOL : OAM Configuration Tool for Fusion Middleware 11g (SOA/WebCenter) Integration with OAM
- Oracle Access Manager Installation Part III : Install WebPass
- OAM : Access Server Service Missing when installing Access Manager with ADSI for AD on Windows
- OAM : Create User Identity - You do not have sufficient rights : Create User Workflow
- Password Policy in Oracle Access Manager #OAM
- Changes in Oracle Access Manager 11g R1 (11.1.1.3)
Popularity: 18% [?]
Download R12 VMware
Documentation
Good hands-on exercises (installation, patching, cloning), very experienced trainer worth every penny
28 users commented in " OAS - OAM (Access Manager / Oblix COREid) Integration Architecture "
Follow-up comment rss or Leave a TrackbackHi Atul,
I am trying to protect MS Exchange Server with Oracle Access Manager (Oblix Netpoint). Do you have any idea how to do it?
I would appreciate an email on pandeypunit@yahoo.com.
Thanks & Regards,
Punit Pandey
Punit, Depending on way you are accessing MS exchange data you can protect using access policy on netpoint access server (Oracle Access manager now) and authentication plug-in on Exchange server.
Here is a scenario. We would like to use external apps e.g. .net asp as landing site for external users. After they are logged in, they can click on istore (EBS) and access it without having to provide the credentials again. I know OAM can handle heterogeneous environments. But the question is how will the credentials be handed over to EBS HTTP server once users have logged into .net app? I know OAM creates the SSO cookies, but will it work ? How can we “hand-over” the credentials to EBS HTTP….
Integrate EBS with 10g SSO/OID and further SSO/OID with OAM so OAM passes cookie to OAS and OAS inturn to EBS HTTP
When are you going to post Integration of Oracle Access Manager(COREid) with Siebel? Really looking forward to read it.
Hi PPatil,
Thanks for your interest, Are you looking for Oracle Access Manager Integration with Siebel Applications or Siebel Business Intelligence ?
Yes i am looking for Integration with OBIEE 10.1.3.3.3 or 10.1.3.3.2
ppatil,
As you know OBIEE consist of many components and you can deploy it on different application server so integration with OAM depends on all such factor. More over integration will depend on what you wish to protect in OBIEE (URL, services, users, sso ) using OAM …
Good starting point is integration guide for Oracle access Manager http://download.oracle.com/docs/cd/B28196_01/idmanage.1014/b25347/toc.htm
Your blog is excellent. Thanks. How would you best integrate Oblix/OAM with Sharepoint 2007 server? Do you have any diagrams/tips of how it would work in an HA environment?
To integrate Oracle Access Manager (earlier Oblix) with Sharepoint Portal server
check
Here
Atul, thanks very much!
Hi Atul and All,
Can u guide how to do the custom authentication plug-in by writing the C language code in OAM.I create a form based authuntication after that i want to do custom suthnetication plg-in which accept the username only and it has to login by getting the password from the OID or hardcoded values. Actually i thought writing in Java But we can write in C and C# only.
Can u help me regarding this one??
Thanks in Advance,
Vasavi
Could you give me a link on how to integrate Oracle Access Manager with Cognos 8 BI suite? I looked in the integration guide you posted but it does not mention Cognos BI.
Hi,
Thanks great guide. I would be interested in some more information on OAM integration with Cognos 8 BI suite too if anybody has some.
Cheers,
Damian
Is there an integration between OAM and EBS, except SSO? Please tell me in what other way can OAM interact with SSO?
mistake in previous question, In what other way can OAM interact with EBS?
Only supported and certified way of EBS integration with OAM (access maanger) is via Oracle AS SSO server which is now part of Oracle Identity Management under (AS infrastructure component)
Hi,
I want to know about the API used by OAM which it internally used while we click Lost Password or Forget password.
How OAM internally work for these two applications -
a). Lost Password.
b). Forget Password.
Thanks
Miit
Hi,
Can some one help in finding about Access SDK and IDXML in OAM.
I want to know how OAM sets the UserID and Password in OID.
Thanks
Miit
Hi,
I want to use the existing password setting functionality of OAM in my application.
I want to achieve it by either of the two ways-
1. Using Access Manager API
2. Access Manager SDK.
Can you please guide me in following -
1. Which is the better one in above mentioned ways in my case?
2. which is the method responsible for password setting in ObAuthenticationScheme of Access Manager API?
3. Also please provide me the details how can I use that method in my customized Authentication Scheme.
Your assistance will be highly appriciated.
Thanks in advance.
I would be interested in some more information on OAM integration with Oracle Universal Contnent Management(UCM)
Hi
We have the below scenario to implement, Can you please suggest me some ideas to implement this. Searched in Development and customization guide of OAM but could not get much help….your early response will be helpfull.
Problem : There is an requirement to Change Password for a user by his supervisor/admin in OAM / Core ID identity xml server programmatically (like Any administrator can reset the password for any OAM user in OAM Administrative Screen) .
I would like to achieve the Change Password functionality by invoking the OAM API to RESET USER PASSWORD by external JSP Application
If you have implemented this functionality from an third party call, please send responses. Or please let us know which is the OAM API which is called during default Password reset functionality.
Timely input will be greatly appreciated.
Hi Vani/ALL,
let me too know the solution for that issue plz.
We have the same requirement and we are at the initial stage. if you got any info please share with us.
Thanks & Regards,
Vasavi
HI,
I am need to configure reverse proxy for apache web server and weblogic app server could you please provide httpd.conf file for the same.
Thanks
Regulla
Hi Atul,
We are looking to integrate weblogic portal 10.3 with OAM 10.1.4.2 BP 06+. Unfortunately, we didnot find any document.
Do you have any pointer for this?
Please help me in this.
HI,
How do I handle Forgotten Password in Coreid OBlix screen programatically. I need to fetch a value from the database and eMail that to him once Forgotton password is clicked.
I would also like to redirect the user bypassing the login screen on clicking the forgotten password link.
please help me.
Hi Atul,
I want to authenticate the user based on the obssocookie in IDXML.can you send me the sample code for that.
Thanks In Advance,
Rajesh
Hi Atul,
Not sure is this the correct place to post this query. But is there any documentation for Integrating Sun Java Application Server with OAM for Authentication Services.
Regards
Kunal
Leave A Reply