How to integrate Oracle identity Federation with Oracle Access Manager

Similar Messages

• Integrating Oracle Identity Federation with homegrown SSO solutions

  Hello,
  We are trying to integrate Oracle Identity Federation with a home grown SSO solution.
  The OIF FAQ document mentioned that Oracle provides programmatic interfaces to achieve this.
  But I did not find any javadocs / samples on how this can be done.
  Can anybody throw some insight into this..
  Thanks

  Hi Easwaran,
  You need to upload the SAML 2.0 IdP/SP metadata for the peers you want to federate with. OIF will verify the metadata and add the peers in its Circle of Trust as IdP or SP depending on the metadata upoaded. If the peer is going to play both IdP and SP roles, you need to upload both the metadata files.
  Similarly, in case you need to provide the peer your metadata, OIF makes this available at http(s)://host:port/fed/idp/metadatav20 (SAML 2.0 IdP metadata) or http(s)://host:port/fed/sp/metadatav20 (SAML 2.0 SP metadata) as required.
  -Vinod

• How to integrate Microsoft Exchange Server with Oracle 11i EBS

  Hello
  Can Microsoft Exchange Server be integrated with Oracle??
  If yes then HOW ??
  Regards
  Fahad

  I have been with 2 clients that have used Exchange Server 2003 for processing Workflow Notifications for multiple 11.5.10.2 with ATG.H RUP 4 instances. I have found that Exchange will frequently take 4 hours to send notifications and 2-4 hours to process notifications that are replied back to it. Outbound messages generally fail with 451 Timeout waiting for client input errors, but finally send after about 4 hours. If you doing a live demo that needs to make use of Workflow Notifications, plan on waiting and waiting and waiting...

• How do I connect to internet with vz access manager for iphone 4S?

  I have VZ Access Manager on my laptop and want to use it to connect to internet on my new iphone 4S.  How do I do this?

  If you can set up an Ad Hoc wireless network from your laptop, you could use it that way. Once again VZ Access Manager will not enter into the sharing part.
  Plug these search terms into Google:
  set up an ad hoc network
  You'll find lots of instructions.
  Best of luck.

• How to integrate crystal report(CR4E) with oracle JDeveloper 10

  Hi All,
        I was made crystal report in crystal report for eclipse in that i implemented .rpt & .JSP file it is working fine in CR4E
  .I was Copied that  file in JDeveloper 10 with its Library from JRC component while, running this page with passing parameter showing error in the page and without passing parmeter it is running it shows report
  can any one  please help me in this matter how to integarte crystal report in oracle JDeveloper 10 .or give me any Tutorial link that can help to solve these problem
  ITS URGENT PLZ help me
  Sinceraly,
  Amol

  It might help if you indicate what error you're seeing.
  Note that the JRC isn't Eclipse specific - it's a 100% pure Java solution.
  Sincerely,
  Ted Ueda

• How to integrate Microsoft Active Dirdcotry with Oracle Intennet Directory

  Hi ,
  We have Microsoft Internet Directory. For new application user want to authenrticate using Windows UserId and Password instead of having a new set of password. How can we set up Micsofot Active Directory and OID so that user don't have to login using Signle Sign On. It will automatically access the windows userid and password. Also implement the expired password and that kind of stuff ?
  Database is On Hp-UN Oracle 9i
  Apps server on windows 2000 Oracle 9iAS 9.0.2 with infracsturuture
  Microsoft Active Directory.
  What needs to be set up in orader to set up OID ?
  Any help greatly appreciated.
  Thanks.

  Chetan,
  please, please, please read the OID doucumentation on this. Don't give me the impression that I am supposed to save you from reading ;-). Also, there is an OID forum here on OTN that answers OID specific questions.
  Frank

• How to deploy Portal to Oracle identity Federation 10.2.0.4 ?

  AIX5.3 Oracle iAS 10.2.0.2, 10.2.0.4
  Oracle Identity Federation 10.2.0.4 was installed successfully.
  How can i deploy portal of 10.2.0.2 to it`s instance ?
  Simple installation of Portal into instance has no result.
  Help please.

  AIX5.3 Oracle iAS 10.2.0.2, 10.2.0.4
  Oracle Identity Federation 10.2.0.4 was installed successfully.
  How can i deploy portal of 10.2.0.2 to it`s instance ?
  Simple installation of Portal into instance has no result.
  Help please.

• Oracle Identity Federation or Microsoft ADFS

  Hi,
  There are two companies A & B having an isolated infrastructure. Currently we have an architecture where Company A is providing OAM-IWA based SSO functionality for its own users and not for Company B users. If Company B also wants to avail the benefits of IWA/SSO for an application hosted in Company AS what should they do? Please advise-
  1. Implement Microsoft ADFS? Company B may not like it because they think ADFS might expose confidential attributes to Company A?
  2. Implement Oracle Identity Federation? How will that fit in if we have OAM in place? Can OAM authenticate half of the user base and OIF do the rest? Pls advise
  3. Implement OVD? I am not sure if OVD can authenticate userbase against AD credentials?
  Pls let me know.
  Thanks,

  Since company A and B have isolated infrastructures, I assume they are separate companies and on separate networks, with the internet as the network that will allow users from company B to access the application hosted by company A. And I assume the application is a web application.
  First, IWA is a function of the IIS web server and suppported browsers (IE and Firefox) and is independent of OAM or OIF. OAM 10g supports IWA when running a webgate on the IIS web server that is configured to accept IWA authentication. IWA will work on the Intranet, so employees of company A can use IWA to SSO to OAM in their environment. Likewise, if company B has their own deployment of OAM, they can use IWA to SSO their users to their instance of OAM.
  If you deploy OAM 11g, there is no longer a dependency on IIS because OAM 11g support Windows Native Authentication. You can read OAM 11g documentation for details on WNA.
  1) Regarding use of ADFS, I have no comment as I am not familiar with the details of ADFS.
  2) Regarding using OIF, some questions and clarifications
  - Does company B own a web SSO and/or federation product? Do they own OAM? Do they own OIF? If not, they'll need something that speaks SAML or another federation protocol supported by OIF.
  - For company A, you can buy OIF and integrate with OAM, if necessary. Since company A is hosting the application that company B employees want to get to, they would most likely be configured as the service provider/relying party.
  - For company B, you can buy OIF and integrate with OAM. And OAM can integrate with IWA. So a user could use IWA to seamlessy SSO to OAM and then follow a federation enabled link to company A's app and seamlessy SSO to that as well.
  - There is some integration work to be done here. Specificaly, company B needs to have a way to send its users over to company A so they can import them into company A's app. You need to exchange some metadata and agree on a unique identifier to identify the users. Or if the app works by having company B users access it as a generic user or something, you need to set something up for that (such as passing the generic userID in the SAML assertion).
  - I would probably deploy the app such that there were two entry doors. One door would be for company A's employees and would be internally accessible only and protected by OAM. Then I would have an externally accessible door that relied on OIF SAML and was configured as a relying party for company B's employees.
  3) regarding OVD, I don't see how that is going to help you since each company is on a separate isolated infrastructure.

• Oracle Identity Federation - High Availability

  Hello,
  We are trying to figure out the high availability options supported by the Oracle Identity Federation. While reading the documentation we find it a bit confusing. We read the OIF Administrator Guide here: http://download.oracle.com/docs/cd/E10773_01/doc/oim.1014/b25355/advtopics.htm#CHDBCDFG
  In Section "9.4 High Availability" it said that "Oracle Identity Federation supports the Cold Failover Cluster (CFC) or active-passive high availability configuration,". In the Application Server 10g guide also said the same and explicitly said that the active-active configuration is not supported for the OIF.
  Then in Section "9.5 Setting Up a Load Balancer with Oracle Identity Federation" it explains how to set up a load balancer for the OIF. When it explains this it says that we can have several instances of OIF in different machines, configured with a load balancer. All these instances share the same transient database where the sessions are stored.
  Which is the difference between this load-balancer-based configuration and an active-active high availability configuration? If one node of the load-balancer configuration goes down, the sessions administered by him are lost? That is the difference?
  Thanks!
  Leonardo

  Hi
  I am not very sure about High Availability configuration but for Load balancer as mentioned in the document, You have to have both the instances sharing transient database where sessions will be stored.
  If both the OIF instances are not sharing transient database and you have LB sharing load, It will not work as sessions will be store in memory. So sessions from one OIF instance will not be known and available to the other instance of OIF.
  Thanks
  Kiran Thakkar

• Integrate Single Sign-On with Oracle E-Business Suite Release 12.

  Hi
  How to integrate oracle Single Sign-On with Oracle E-Business Suite Release 12 , give links and ideas about this ,
  Thanks
  Edited by: user12235518 on Feb 19, 2012 10:10 PM

  How to integrate Single Sign-On with Oracle E-Business Suite Release 12 , give links and ideas about this ,Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11gR1 (11.1.1.5) using Oracle E-Business Suite AccessGate [ID 1309013.1]
  Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On 10gR3 (10.1.4.3) [ID 376811.1]
  Troubleshooting Oracle Application Server 10g SSO and OID with Oracle E-Business Suite Release 12 [ID 380487.1]
  Thanks,
  Hussein

• Error in Oracle identity federation SSO testing

  Hi All
  I need help on oracle identity federation task. Any one please try to give solution for my bug. Am new to this product .Comming to issue am following below mentioned link ( http://www.oracle.com/webfolder/technetwork/tutorials/obe/fmw/oif/11g/r1/oif_tran_map/oif_tran_map.htm#top ) . as per document i created two machines one for Service provider and another one for identity provider. at last am trying to test the SSO between the both SP & IDP one pop up window is appering when i pass the credentials the below mentioned error am getting .
  Error 401--Unauthorized
  From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
  *10.4.2 401 Unauthorized*
  *The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.
  Any one please try to give solution for this bug or else please give me the hints perform my task ( Transient Federations ).

  Hi All
  I need help on oracle identity federation task. Any one please try to give solution for my bug. Am new to this product .Comming to issue am following below mentioned link ( http://www.oracle.com/webfolder/technetwork/tutorials/obe/fmw/oif/11g/r1/oif_tran_map/oif_tran_map.htm#top ) . as per document i created two machines one for Service provider and another one for identity provider. at last am trying to test the SSO between the both SP & IDP one pop up window is appering when i pass the credentials the below mentioned error am getting .
  Error 401--Unauthorized
  From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
  *10.4.2 401 Unauthorized*
  *The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.
  Any one please try to give solution for this bug or else please give me the hints perform my task ( Transient Federations ).

• Oracle Identity Federation

  Hi,
  How to configure Global Logout using Oracle Identity Federation ?
  Please provide the answer in detailed steps, if possible.
  Thanks.

  Not that much to configure really. Look through [this link|http://download-west.oracle.com/docs/cd/B28196_01/idmanage.1014/b25355/configuring.htm#BCGJGEJD].
  -Vinod

• How to use JavaMail 1.4 with Oracle Application Server 10g (9.0.4.0.0)

  Hi all,
  I'd like to know if it's possible and how to use JavaMail 1.4 with Oracle Application Server 10g (9.0.4.0.0), Windows version.
  With the following code, I can see that the mail.jar used by the server is the one included in the jdk installation :
  // I'm testing InternetAddress.class because I want to use commons-email-1.2.jar that requires mail.jar 1.4 (or higher) and activation.jar 1.1 (or higher)
  // and I know that inside the commons-email-1.2.jar file, I need to call the InternetAddress.validate() method that throws a java.lang.NoSuchMethodError: javax.mail.internet.InternetAddress.validate()V if it is used with mail.jar 1.2.
  Class cls = javax.mail.internet.InternetAddress.class;
  java.security.ProtectionDomain pDomain = cls.getProtectionDomain();
  java.security.CodeSource cSource = pDomain.getCodeSource();
  java.net.URL location = cSource.getLocation();
  System.out.println(location.toString());
  This code returns : file:/C:/oracle/app/jdk/jre/lib/ext/mail.jar and this mail.jar file has an implementation version number: 1.2
  - I've tried to include my own mail.jar (1.4.2) and activation.jar (1.1.1) files in the war file that I deploy, but it doesn't work (the server still uses the same mail.jar 1.2)
  - I've tried to put the mail.jar (1.4.2) and activation.jar (1.1.1) files in the applib directory of my OC4J instance, but it doesn't work (the server still uses the same mail.jar 1.2)
  - I know that a patch exists : I've read the following document: How to Make Libraries such as mail.jar and activation.jar Swappable ? [ID 552432.1]
  This article talks about the Patch 6514136, but this patch only applies to : Oracle Containers for J2EE - Version: 10.1.3.3.0
  Can you please help me ?
  Thanks in advance for your answers,
  Laurent

  I strongly suggest to upgrade to AS 10.1.3 to get this.
  Think of future support of AS 9.0.4. You will get not critical patch updates anymore.
  --olaf                                                                                                                                                                                                                                                                                                               

• How can i do the RAC with Oracle 9i ?

  How can i do the RAC with Oracle 9i ?
  The Oracle 9i has a RAC(Real Application Cluster)module , please who can tell me how can i let it working .
  Which hardware the RAC need's
  Thank All ,
  [email protected]

  That is right you need atleast 2 boxes. The two servers will use the same hard disks.
  The concept is an extension of OPS(Oracle Parallel Server).
  Basically, you install Oracle Server Software on both the boxes, One database will be shared by both the servers. You can access your database through the Server1 or Server2. If Server1 fails then the Server2 will take over all the connections. You can add or remove any servers to and from the cluster any time you want with out impacting your production.
  They share load, reliable, scalable....

• Does Oracle OLAP comes with Oracle Database 10g ?

  1.Does Oracle OLAP comes with Oracle Database 10g or do we need seperate software to have this ?.
  2.If I create a Cube with Analytic work space manager the cube is going to be stored in the Database ( meaning the in the table space where OLAP is Stored).
  3. What is the difference between Analtyic work space manager and discoverer For Olap.
  Help is higly appreciated ..
  Thanks, Prasad

  One thing to point out : The OLAP option is a costed database option, so while this is automatically installed and part of your database you do have to purchase additional licenses to use this feature. You will need to check with your Oracle account manager to see if you are actually licensed to use this feature.
  If you have existing 9i OLAP cubes these can be quickly and easily migrated to 10g OLAP and the documentation explains how to do this. However, there are many new features that are part of 10g OLAP that will improve the performance of your data model that will not be enabled as part of a migration process. Based on my experiences it would be quicker and easier (depending on the size of your existing 9i OLAP cubes) to consider rebuilding your data model using these new 10g features. You should be able to export all the dimensions to XML templates from 9i OLAP and import the templates into the 10g schema and reload your dimensions.
  For the cubes you will probably want to consider using partitioning, composites and compression to provide maximum flexibility and performance for your new data model. There is more information on these features within the OLAP documentation and in the many whitepapers and presentations on the OLAP home page on OTN.
  For moving data from SQL Server to 10g OLAP much depends on the nature of the data transfer. If it is a one-off bulk data load then you could consider using the normal MS command line tools to dump the data out and transfer it to Oracle. Alternatively, you could consider using Oracle Data Integrator to manage the extraction of the SQL Server data and the data load process into Oracle 10g relational tables. If you decide to use Data Integrator this will require additional licenses.
  If you can extract the data from SQL Server to flat files you can use Oracle Warehouse Builder (basic ETL is free as part of the 10g database license) to load that flat file data via external tables. Warehouse Builder can also be used to define your OLAP data model (think of Warehouse Builder as a more powerful version of Analytic Workspace Manager) and provides tools to load the data directly into your OLAP dimensions and cubes. You can get more information on managing OLAP data models with Warehouse Builder the Warehouse Builder home page on OTN.
  There are no facilities to modify Discoverer Viewer to add customisations. You can add company logos, modify certain colors and/or hide certain features but it is not possible to add additional features. You may want to consider using BI Beans to provide this type of environment. BI Beans is the development framework used to create Discoverer Viewer. You can create customised JSP pages that look identical to Discoverer Viewer pages with the added benefit of providing your own specific features. You can get more information on the BI Beans home page on OTN.
  Keith Laker
  Oracle EMEA Consulting
  BI Blog: http://oraclebi.blogspot.com/
  DM Blog: http://oracledmt.blogspot.com/
  BI on Oracle: http://www.oracle.com/bi/
  BI on OTN: http://www.oracle.com/technology/products/bi/
  BI Samples: http://www.oracle.com/technology/products/bi/samples/