How to authenticate OAM 11g resource against OVD 11g

A common requirement that many of the customers would ask for is to Protect ApplicationA against OID, Protect ApplicationB against Sun LDAP and so on. OAM 11g provides the flexibility allowing authentication for multiple resources against different repositories.I conceive this as greatest advantage of OAM 11g over 10g. In case if you are asked to integrate OVD 11g with OAM 11g then you come up with following scenarios:

  1. Whether to authenticate a specific set of resources against OVD or
  2. Protect the OAM application itself against the OVD.

Both of them are two different requirements and I would like to explain the procedure to implement 1st scenario.

The process is as follows:

  1. In my case the OVD has OID as backend. So I have created OID Adapter  in OVD Console as shown in series of screenshots below.
  2. At this point we now have all the OID users visible in OVD too.
  3. Create a new User Identity Store with Store Type as OVD: Oracle Virtual Directory as shown below.
  4. Create OVD Authentication Module pointing the newly OVD created user identity store as shown below.
  5. Create a new Form Authentication Scheme pointing OVD authentication module as shown below.
  6. Specify the OVD Authentication scheme in Authentication Policy as shown below.

The process is complete. Now we are good to go with testing http://apache_hostname:8444/private/protected.html protected resource which gets authenticated against OVD.

About the Author Mahendra

I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com

Leave a Comment:

4 comments
Add Your Reply