OIF is a federation product from Oracle which can act as both Identity Provider (IdP) or Service Provider (SP). More on Federation basics IdP/SP here

  • OIF come with authentication engine (LDAP, OAM, OSSO, Database, InfoCard, JAAS… ) and is used when OIF acts as Identity Provider
  • OIF also comes with Service Provider Integration Modules ( OSSO, OAM, Custom SP Engine…)

OAM is a web Single Sign-On product from Oracle and also comes with its own authentication engine and can be integrated with OID for authentication (For OAM 11.1.1.3 integration with OID click here and for OAM 11.1.1.5 integration with OID click here ).

  • OAM and OIF can be implemented on their own alone or integrated with each other.

OAM can be integrated with OIF in one of two mode

1. OAM acting as authentication Engine with OIF: In this OAM-OIF integration, unauthenticated users are redirected to OAM for authentication. OAM authenticates user against its configured LDAP server and creates session in both OAM and OIF. In this mode OIF delegates authentication to OAM and OAM acts as Authentication Provider. To configure this type of integration follow steps here or here

2. OIF acting as authentication Engine (IdP) with OAM: In this integration, unauthenticated users are redirected to Identity Provider of OIF for authentication. OIF (acting as IdP) authenticates user against its configured authentication engine and creates session in both OIF and OAM. In this mode OIF acts as Identity Provider for OAM. To configure this type of integration follow steps here or here

Note : In this type of OAM-OIF integration where OIF acts as authentication engine for OAM, steps are slightly different between OIF 11.1.1.5 and OIF 11.1.1.6 (OIF 11.1.1.6 uses OAM 11g SP Module where as OIF 11.1.1.5 uses OSSO SP Module)

 

More on OAM 11g in my Book at Amazon or Packt Publication