This post covers the steps for Integration of Oracle Access Manager with Oracle Identity Manager.
The objective of this integration is to protect the Oracle Identity Manager User Administration Console using Oracle Access Manager.
The authentication scheme used in this Post is Form Based authentication. The other schemes such as Basic Over LDAP, Certificate and Custom are also possible but are not covered in this post.
In this case, OIM is deployed in Oracle Application Server and hence this post will cover only configurations required for OAS as part of this integration.
During the time of installation of Oracle Identity Manager, we would select Default Mode generally, wherein the OIM will handle the authentication by itself. The other option available is Single sign-on mode, wherein the OIM looks for a header variable passed by external authentication system (it is OAM in our case).
The architecture is as given below.
The integration flow is explained below:
<web-client> <Authentication>Default</Authentication> <AuthHeader>REMOTE_USER</AuthHeader> </web-client>
<web-client> <Authentication>SSO</Authentication> <AuthHeader>SSO_HEADER_NAME</AuthHeader> </web-client>
Test the integration:
Access the OIM console i.e., http://host:port/xlWebApp and you will notice the Form page is displayed for entering the credentials. Enter the login details and see if the logged in user shown on Right side is the actual user logged in.
You can observe that the Logout link vanishes after OAM-OIM integration. This is because OIM will be expecting the Logout page specification from OAM as it is already integrated for SSO configuration. I will cover this part in the next post.
I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com
Find Us On