OAM- Oracle Access Manager is recommended Single Sign-On solution for Fusion Middleware products (SOA, WebCenter, OSB, UCM ….)

ObSSOCookie – is cookie generated by OAM for users authenticated via OAM.

.
What is Authentication Provider in WebLogic Server ?
WebLogic Server includes numerous Authentication security providers: given a username and password credential pair, the provider attempts to find a corresponding user in the provider’s data store (LDAP, Database or other data store). In addition to these username/password based security providers, WebLogic Server includes identity  assertion Authentication providers, which use certificates or security tokens, rather than username/password pairs, as credentials.

More on authentication providers in WebLogic server here . For steps on how to configure Authentication Providers in  WebLogic Server check Configure Authentication and Identity Assertion providers in  Administration Console Online Help for weblogic here

  • To configure OID (Oracle Internet Directory) as Authentication Provider in WebLogic click here

.

OAM Authentication Provider for WebLogic

Oracle Access Manager Authentication Provider (oamAuthnProvider.jar – part of OAM 10.1.4.3) provides two features/functions (“Identity Assertion for Single Sign-On” and  “Authenticator“) which can be integrated with WebLogic Server.

a) OAM Identity Assertion for Single Sign-On - This authentication provider in WebLogic Server, uses OAM authentication service and also validate already-authenticated (users with ObSSOCookie) users and creates a WebLogic-authenticated session. This function (OAM Identity Assertion) also provides single sign-on between WebGates and portals (webcenter, soa…)

b) OAM Authenticator – This authentication provider in WebLogic Server, uses OAM authentication service to authenticate users who access applications deployed in WebLogic Server.

  • If you have Oracle Fusion Middleware 11g of type WebCenter, SOA or Identity Management then “OAM Identity Assertion for Single Sign-On” and “OAM authenticator” should already be available in your weblogic authentication providers.
  • If you have standalone weblogic server (NO – SOA, WebCenter or Identity Management) then you can get these two providers (“OAM Identity Assertion for Single Sign-On” and “OAM authenticator“) by downloading oamAuthnProvider.jar from OTN (Oracle Technology Network)

.

a) oamAuthnProvider.jar: Includes files for both the Oracle Access Manager Identity Asserter for single sign-on and the Authenticator for Oracle WebLogic Server 10.3.1
b) oamauthenticationprovider.war: (optional component) Restricts the list of providers that you see in the Oracle WebLogic Server Console to only those needed for use with Oracle Access Manager. (This application is required “only if” you wish to restrict weblogic console to see only two authentication provider in weblogic)
 

c) oamcfgtool.jar: (optional component) – is script that automates creation of the Oracle Access Manager form-based authentication scheme, policy domain, access policies, and WebGate profile for the Identity Asserter for single sign-on.  For more information on oamcfgtool.jar click here  – You can configure all steps (as done by oamcfgtool.jar) manually too.

.

More on OAM Identity Assertion for Single Sign-On   &  OAM Authenticator  coming soon.

Related Posts for Learn WebLogic with Us


  1. Oracle WebLogic Installation Steps
  2. Domain , Administration & Managed Server, Cluster in Oracle WebLogic
  3. Create Domain in Oracle WebLogic
  4. Oracle WebLogic Server – Startup/Shutdown
  5. Oracle WebLogic Server 10g R3 10.3 is out now
  6. Deploy Application on Oracle WebLogic Server
  7. Cluster Architecture : Oracle WebLogic Server
  8. Start WebLogic Server on Linux on port 80, 443 <= 1024
  9. JDBC (Java DataBase Connectivity ) in Oracle WebLogic – Overview
  10. WebLogic Server JDBC for Database connection : Step by Step
  11. Security in Oracle WebLogic : Realm, Security Provider, Authentication, Authorization, Users
  12. Deploy ADF application to Oracle WebLogic Server
  13. Node Manager in Oracle WebLogic Server
  14. Configure Oracle HTTP Server infront of Oracle WebLogic Server mod_wl_ohs
  15. How to install weblogic server on 64 bit O.S. (Linux /Solaris) ?
  16. Oracle WebLogic Login Issue : Password is not correct (Password Lock Policy)
  17. Oracle WebLogic Server : Node Manager in nutshell
  18. Certification : 1Z0-108 Oracle WebLogic Server 10g System Administrator Certified Expert
  19. How to integrate WebLogic with Oracle Internet Directory for Login : Authentication
  20. opatch, adpatch and now “smart update” (BSU) to apply weblogic patches
  21. Disater Recovery documentation for Oracle WebLogic Server 11g (Fusion Middleware)
  22. Authentication Providers in #WebLogic – Oracle Access Manager Identity Assertion for Single Sign-On and OAM Authenticator
  23. Error while starting WebLogic Server : java.lang.NumberFormatException: null
  24. #WebLogic startup prompting from username password : boot.properties
  25. BEA-000286 : Failed to invoke startup class “JRF Startup Class” oracle.jrf.wls.JRFStartup
  26. WebLogic Kerberos (SSO) Authentication Issue : Error 401 Forbidden : No Configuration was registered that can handle the configuration named com. sun. security. jgss. krb5. accept
  27. How to reset Lost Oracle WebLogic Password for Fusion Middleware Applications
  28. Oracle WebLogic Server Certification : 1Z0-108 Practice Question and Dumps
  29. WebLogic Startup fails with Unable to obtain lock on Server may already be running
  30. Oracle Weblogic 12c Launch : Attend online on 1 Dec 2011
  31. Oracle WebLogic 12c (12.1.1) is now available to download
  32. How to Install WebLogic 12C (12.1.1) on Mac
  33. Oracle #WebLogic Server 12c : SE vs EE vs Suite License Options
  34. SSL in WebLogic (CA, KeyStore, Identity & Trust Store) : Things you must know – Part I
  35. SSL in WebLogic Server – Part II : Create KeyStore, generate CSR, Import CERT and configure KeyStore with WebLogic
  36. WebLogic Admin Server Start-up hanging at “Initializing self-tuning thread pool”
  37. Error in WebLogic Clustering : socket MaxMessage Size Exceeded Exception
  38. Changed or New Features in WebLogic 12.1.2
  39. WebLogic SSL configuration : Inconsistent security configuration Cannot convert identity certificate
  40. Dynamic Cluster in WebLogic 12.1.2 : New Features in WebLogic 12c
  41. Identity Propagation between two WebLogic Domains : Cross Domain Security VS Global Trust
  42. WebLogic Admin Server Start Up hangs at ‘Log Management’ BEA-170019 IIOP subsystem enabled
  43. Security:090294 could not get connection javax. net. ssl. SSLKeyException FATAL Alert BAD_CERTIFICATE – A corrupt or unuseable certificate was received
  44. WLST connecting to WebLogic Admin Server failed : Bootstrap to [IP:Port] failed. It is likely that the remote side declared peer gone on this JVM