
About this book

This book presents a process-based approach to implementing Oracle’s Identity and Access Management Suite. Learn everything from basic installation through to advanced topics such as leveraging Oracle Virtual Directory and Identity Federation. Also covered is integrating with applications such as Oracle E-Business Suite and WebCenter Content. Pro Oracle Identity and Access Management Suite provides real world implementation examples that make up a valuable resource as you plan and implement the product stack in your own environment. The book and the examples are also useful post-installation as your enterprise begins to explore the capabilities that Identity Management Suite provides.

Implementing an identity management system can be a daunting project. There are many aspects that must be considered to ensure the highest availability and high integration value to the enterprise business units. Pro Oracle Identity and Access Management Suite imparts the information needed to leverage Oracle’s Identity and Access Management suite and provide the level of service your organization demands. Show results to leadership by learning from example how to integrate cross-domain authentication using identity federation, how to allow user self-service capabilities across multiple directories with Virtual Directory, and how to perform the many other functions provided by Oracle Identity and Access Management Suite.

Presents an example-based installation and configuration of the entire Oracle Identity and Access Management Suite, including high-availability and performance-tuning concepts.

Demonstrates Identity Federation, Virtual Directory, Fusion Middleware Integration, and Integration with Oracle Access Manager.

Introduces concepts such as Split Profiles for Identity Manager, MultiFactor authentication with Oracle Adaptive Access Manager, and Self Service Portals.

Table of Contents

Frontmatter

Chapter 1. Oracle Identity and Access Management Suite Overview

Abstract
Oracle Fusion Middleware products are deployed within WebLogic Server architectures. WebLogic Server provides a scalable environment, allowing the enterprise to deploy and manage Oracle products and Java applications with the ability to access database and messaging services. WebLogic Server operates as the application server tier. The capabilities delivered by WebLogic include clustering, high availability, manageability, monitoring, security, and database integration.
Kenneth Ramey

Chapter 2. Preinstallation Considerations and Prerequisites

Abstract
Implementing Oracle Identity and Access Management Suite or a part of the package to provide application security within an enterprise cannot be properly executed without proper analysis of the current environment and some planning for the future.
Kenneth Ramey

Chapter 3. User and Policy Stores

Abstract
Identity and access management systems are built around a core storage system capable of maintaining user information, roles, policies, and credentials.
Kenneth Ramey

Chapter 4. Oracle Directory Services Installation and Configuration

Abstract
Oracle offers multiple options for Lightweight Directory Access Protocol (LDAP) data storage. Oracle Internet Directory (OID) and Oracle Unified Directory (OUD) both provide storage, and Oracle Virtual Directory (OVD) allows multiple disparate LDAP stores to be presented as a single source.
Kenneth Ramey

Chapter 5. Directory Synchronization and Virtualization

Abstract
Oracle Internet Directory (OID), Oracle Virtual Directory (OVD), and the Directory Integration Platform (DIP) provide Oracle Directory Services with the ability to consolidate user management and integrate with other applications.
Kenneth Ramey

Chapter 6. Oracle Access Manager Installation

Abstract
Oracle Internet Directory (OID) has been installed, and is populated with users from Active Directory. You have configured a synchronization process to ensure account information changes in Active Directory are populated to OID. The benefit to this is that all applications that use OID for authentication and role information continually have the latest user information. Fusion Middleware applications and other Lightweight Directory Access Protocol (LDAP) compatible applications can be configured to authenticate using OID. However, many organizations wish to build on this capability by providing a single sign-on (SSO) environment.
Kenneth Ramey

Chapter 7. Identity Manager Installation

Abstract
In the previous two chapters, you were provided with the instructions for installing and configuring Oracle Internet Directory (OID) and Oracle Access Manager (OAM).
Kenneth Ramey

Chapter 8. Oracle HTTP Server and WebGate Installation and Configuration

Abstract
At this point, all of the required components of Oracle Identity and Access Management Suite that will be needed to provide single sign-on (SSO) with Oracle products and applications. The inclusion of Identity Manager provides the ability to manage users within the Oracle Internet Directory (OID) Lightweight Directory Access Protocol (LDAP) user store. Oracle HTTP Server (OHS) and the Oracle Access Manager (OAM) WebGate represent the web server front end for Oracle applications and products. At its core, OHS is an Apache web server with Oracle’s WebLogic module. Combined with the OAM WebGate software, OHS becomes a central location that handles incoming requests, checks for authentication, and allows authenticated users to access the required resources after OAM performs its operations. This chapter covers the installation and deployment of Oracle HTTP Server and the OAM WebGate.
Kenneth Ramey

Chapter 9. Configuring Oracle Access Manager

Abstract
All required components have now been installed. You have created a domain for each of the components in separate Middleware Homes. This simplifies future upgrades and maintenance. After completing this set of operations, the actual components need to be configured and prepared for the actual integrations. The configuration process consists of setting up the components relative to your environment. The following pages discuss how to configure OAM to support single sign-on (SSO) in your environment.
Kenneth Ramey

Chapter 10. Oracle Identity Management Configuration

Abstract
On the Select Component screen, select the Oracle Platform Security Services check box.
Kenneth Ramey

Chapter 11. Oracle Identity and Access Manager Integration

Abstract
This integration provides several benefits, including increased user productivity, increased identity security, and fewer help calls for forgotten passwords or locked accounts.
Kenneth Ramey

Chapter 12. Oracle Identity Management and Identity Stores

Abstract
Many organizations have multiple identity stores to support various business units and processes. These identity stores might be in the form of Lightweight Directory Access Protocol (LDAP)-compatible directories, database tables, or other formats. In many cases, Oracle Identity Manager (OIM) can be used to manage these various directory formats using Oracle Virtual Directory (OVD). Although this book concentrates on using Oracle Internet Directory (OID) as the primary identity store using LDAP synchronization, it is important to consider this configuration as a possible solution when your environment necessitates it. You might also find it useful to configure the LDAP synchronization to use OVD to start with and prepare the environment for multiple data stores.
Kenneth Ramey

Chapter 13. Identity Manager Policy Administration

Abstract
Oracle Identity Manager (OIM) serves a large number of functions for managing an organization’s identity data. By providing a wide variety of tools to assist administrators, managers, help desk staff, and end users in maintaining a consistent and auditable identity, OIM has become a key tool within the enterprise. OIM policies such as password policies, access policies, and approval policies can assist organizations as they push toward increasing efficiency while maintaining tight security. Using the OIM policies, the system can be configured to allow many combinations of user privileges, including the ability to self-register, request new permissions, manage other users, and grant new privileges.
Kenneth Ramey

Chapter 14. Oracle Identity Manager Forms and Customization

Abstract
The use of these tools can eliminate help desk calls and allow faster, more efficient processing of permission requests and on- and off-boarding tasks. These tools also provide a higher level of security by reducing the number of people who must process a request and removing steps from the processes that manage accounts. These benefits can be a boon to many organizations, as they can see money saved and increased security. However, out of the box, the many forms available might not meet the look and feel or functionality needs of every organization.
Kenneth Ramey

Chapter 15. Integrating Access Manager with E-Business Suite

Abstract
In an effort to increase user productivity while maintaining a high level of security, Oracle Access Manager (OAM) enables single sign-on (SSO) capabilities, tying these products together so that users are not prompted to log in throughout the day as they move from one application to another.
Kenneth Ramey

Chapter 16. Troubleshooting and Common Issues

Abstract
You have followed Oracle’s documentation to ensure that your environment matches a certified environment. Your operating system (OS) is up to date and the system requirements have been met. You run the installation software and things are looking good. All of a sudden the installer seems to hang. In the words of Douglas Adams, “Don’t panic.”
Kenneth Ramey

Backmatter
