This post covers everything you must know about Auditing in Oracle Entitlement Server (OES) . With auditing enabled ON in OES, you can get information like who did what, when, how (Policy Modification, GRANT/DENY of resource etc ) 1. Auditing in OES is based on Fusion Middleware Audit Framework and is DISABLED by default. 2. OES consists of OES Administration […]
Read MoreOracle Entitlement Server (OES) is a fine grained Authorization Server from Oracle (acquired from BEA’s Aqualogic Entitlement Server) where you define Policy for an application that covers all application resources that must be protected. OES Security Module (OESSM) acts as Policy Enforcement Point (PEP) and can also act as Policy Decision Point (PDP) . How to identify […]
Read MoreWhen you install Oracle Entitlement Server (OES) and login to OES Policy Administration Console (http://WebLogicAdminHost:AdminPort/apm), you use user weblogic created during OES domain configuration. OES by default uses WebLogic’s Servers embedded LDAP Server to login to OES Administration Console (/apm). This post covers steps to integrate OES with external LDAP server (OID) so that user […]
Read MoreAfter installing OES Server, configuring OES Server, and installing OES client next task is to configure OES client (Security Module). This post covers things you must know before you configure OES Security Module (SM). To know more about OES Security Modules click here Things you must know before you configure Security Module (Client Software) 1. OES […]
Read MoreThis is part III of Oracle Entitlement Server & Client (Security Module) 11gR2 installation and Configuration, For Part I Install OES Server click here , For Part II Configure OES Server click here After installing & configuring OES Server (server side component), next step is to install & configure OES client side component i.e. Security Modules (SM) . This […]
Read MoreOracle Entitlement Server (OES) is a fine grained autorization software from Oracle. For OES there is server side component (installation steps here ) and client side component called as Security Module. OES server component is part of Oracle Identity & Access Management (IDAM) software where as OES Security Module (client side component) is available as separate installer […]
Read MoreThis is part II of Oracle Entitlement Server & Client (Security Module) 11gR2 installation and Configuration,For Part I of this series click here After installing software (JDK, WebLogic, Identity & Access Management), next step is to configure WebLogic domain that will host Oracle Entitlement Server (OES) Administration Console (a.k.a. Authorization Policy Manager – APM) . Note: […]
Read MoreThis is part I of Oracle Entitlement Server/Client (Security Module) 11gR2 (11.1.2) installation and Configuration Series. Oracle Entitlement Server (OES) is a fine grained authorization engine from Oracle and is part of Oracle Identity Management Suite. For High Level installation Steps of Identity Management 11gR2 click here For Oracle Identity Management 11gR2 documentation click here and for […]
Read MoreIn our OES 10g environment there is an application policy xml which is around 2 MB size containing around 35k lines. So it is a nightmare to edit the xml for any attributes or policies for syntax issues. However there are editors such as Eclipse to validate the xml document which may not produce expected […]
Read MoreThe requirement is to add an authorization policy for permissions (containing Roles + LDAP Groups) for a resource against an action. I have exported the policy XML from the OES using policyIX.sh and tried updating the authorization policy. The ATZ policy XML block will be as shown below: <xb:authorization_policy_entry> <xb:policy_effect value=”grant”/> <xb:policy_actions> <xb:policy_action_entry value=”MyAction”/> </xb:policy_actions> […]
Read More