Oracle Adaptive Access Manager (OAAM) for beginners

Oracle Adaptive Access Manger  is an Access Management product from Oracle Access Management Suite Plus (other products from Access Management Suite plus are OAM, OES, OIF, eSSO, OpenSSO Fedlet, OWSM, and STS ).  To know more about OAAM check Mahendra’s post and for OAAM version 11.1.1.5 my previous post here. For list of all Oracle Identity and Access Management products click here

This post covers OAAM 11g R1 (11.1.1.*) for beginners and highlight overview of OAAM installation, configuration, and accessing OAAM for first time .

 

1. OAAM 11g is a J2EE application deployed on Oracle WebLogic Server. If you are new to Oracle WebLogic Server then check  WebLogic Domain, Admin Server and Managed Server

2. OAAM 11g includes two components
a) OAAM Online : For Real-time risk analysis
b) OAAM Offline : For offline risk analysis

3. OAAM is part of Identity and Access Management software (IAM) same software that contains OAM, OIM, OES, and OIN .

4. OAAM’s deployed applications for OAAM 11g are

a) OAAM Server: OAAM Server is a run-time component that includes rules engine and end user interface flows deployed on WebLogic Managed Server. OAAM server provides Adaptive Risk Manager, Adaptive Strong Authenticator, Web Services etc.

b) OAAM Admin Console : Administration console (Web Application aka OAAM Admin) that contains customer service and security analyst case management functionality.

 

High Level Installation Steps for OAAM 11g:

1. Install Database for OAAM schema
2. Use RCU  to load OAAM schema


3. Install WebLogic Server, for 64 bit O.S. use steps mentioned here

4. Install Identity and Access Management Software as mentioned here  (Steps here are for 11.1.1.3. Use same steps but install version 11.1.1.5 Note: 11.1.1.5 is latest OAAM version as of May 2012)

5. Configure OAAM by running $MW_HOME/oracle_common/common/bin/config.sh

  • when prompted for schema name, provide schema details creating using RCU

 

  • OAAM configuration in online mode will create Admin Server and two Managed Servers (one for OAAM Admin Server and second for OAAM Server)


6. Start Node Manager, Admin Server, and Managed Servers (Do Not forget to set StartScriptEnabled=true in nodemanager.properties)

7. Create User for OAAM and add user in OAAM* group (to grant OAAM Role) using WebLogic Console

8. Access OAAM Admin Console http://host:OAAMAdmin_ManagedServer_port/oaam_admin


9. Access OAAM Server http://host:OAAMServer_ManagedServer_port/oaam_server

 

About the Author Masroof Ahmad

Leave a Comment:

6 comments
avinash says May 30, 2012

Hi Atul, I have installed/configured the OAAM admin server and OAAM server. I creatd the users as mentioned but oaamadmin just lets me log in the oaam_admin server and not on the oaam_server server. It keeps me showing the same login page time and time again.

Any inputs ?

Reply
David Richardson says August 12, 2012

Reply to Avinash’s Question:

On the initial login to the OAAM Server for any user, one must first register by entering the password “test” and then you will be walked thru a series of configuration steps to setup your “virtual authentication device” and to create and answer 3 authentication challenge questions.

hth,
David

Reply
avinash says August 13, 2012

Thanks for the reply David. You mean to say that the oaam_server also lets us log in ? I have the users created in the weblogic ldap as oaamadmin. This helps me log into oaam_admin server to manage policies and all.

what you’ve said above is the series of steps that I would have to encounter while I am accessing an application protected by OAM enabled OAAM. isnt it ?

Reply
» OIM 11g Challenge Questions – Everything you must know Online Apps DBA: One Stop Shop for Apps DBA’s says October 16, 2012

[…] & Access Management Suite) also provides rich set of challenge questions, more on OAAM here, Knowledge Based Authentication (KBA) in OAAM here […]

Reply
Heena Bansal says June 11, 2017

I am getting invalid sign in for new users in oaam admin console.
I have given all the rights as mentioned above yet i am facing the issue.
Kindly suggest.

Reply
    Atul Kumar says August 22, 2017

    If you have enabled OAAM policies then it must be one of them, best is to check OAAM managed server log file.

    Reply
Add Your Reply