I’ve got an opportunity to integrate Cisco Prime Service Catalog application 10.1 with Oracle Access Manager 10g. FYI: OAM 10g is not certified with Cisco Prime Service Catalog product for SSO integration.
Here is the requirement:
There are lot of applications in the organizations which are integrated with OAM 10g for SSO. Cisco Prime Service Catalog is another application added to SSO applications spectrum.
Background of Cisco Prime Service Catalog:
Service Catalog Directory Integration simplifies security administration and enhances user convenience and productivity by implementing centralized user authentication and synchronization with an enterprise directory.
This product is capable of talking to External directories for authentication purpose and external products for Single Sign-On purpose. However for SSO, it expects header variables or cgi variables.
Integration Process:
This completes the SSO configuration changes at Cisco Prime Service Catalog application.
Testing:
Access the application URL http://host:port/RequestCenter/ which prompts for authentication configured in policy. Submit the credentials and it will redirect to application home page.
Observations:
While working on this integration, Cisco product was honoring OAM_REMOTE_USER header variable and not REMOTE_USER which was interesting. It may be possible that this header variable name was specified in one of the product configuration files or it is how the product is configured.
Helpful links:
Documentation is here.
I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com