The objective of integrating Oracle Access Manager with the BPEL worklist is to provide Single Sign-On for the BPEL worklist application, so that authentication and authorization are handled by Oracle Access Manager.
My environment has: OAM 10.1.4.3, BPEL 10.1.3.4, OSSO 10.14.1, OID 10.1.4.1
It is possible to integrate OAM with the BPEL worklist in two ways:
1. Direct integration of OAM with BPEL: Check this link.
2. Using the OSSO component: First, BPEL is integrated with OSSO using Metalink note 753087.1. This is followed by the OAM and OSSO integration.
In my environment, the OAM, OSSO and OID components are installed on one machine and BPEL resides on a different machine.
Integration Process:
This post does not cover the BPEL-OSSO integration, as it is straightforward if you follow the Metalink note.
As part of the integration process, a WebGate must be installed on the web server (Oracle HTTP Server) where OSSO is running. When you integrate OAM-OSSO-BPEL, the integration flow happens as explained below.
Notes:
I used this OSSO approach because the BPEL worklist resides on an AIX server, and direct integration requires the Access Server SDK component, which is not available for AIX machines.
Observations:
The worklist application URL should ***NOT BE*** protected in OAM policy domain.
I am engulfed in the Oracle Identity & Access Management domain. I have expertise in providing optimized solutions for user provisioning, web access management, Single Sign-On, federation capabilities, etc. I am also well versed in complex integrations within Identity Management and other product domains. I have expertise in building demos and implementation experience on products such as Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory, etc. Look at my blog: http://talkidentity.blogspot.com