Identity and Access Management, Identity Governance

================================================================================ Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ================================================================================ ==========================

OAM Multi-Data Center configuration (and OIM Multi Data Cener configuration) MDC or Multi-Data Center configuration is supported in 11gR2 PS2 and PS3. It uses T2P tools and utilities to create OAM configurations in each Data Center, one being Master and other its clone. Policies need to be in synch between the two Data Centers. Chapter 7  Using Multi-Data Center in 11.1.2.2 Chapter 17.1 Introducing Multi-Data Center in 11.1.2.3 MDC is supported in 3 configurations Active - Active             Both Data Center are active and provide services to users Active - Hot Standby    Both Data center are active but user requests are not sent to the Hot standby site Active - Passive            Both Data Center are running but only Active site is servicing user requests while the Passive site services are not started. The services in the Passive site can be started in a reasonable amount of time in case the Primary Data Center goes down. Weblogic domains do not span across multi-da

Identity and Access Management Frederick Chong Microsoft Corporation July 2004 Summary:  Fredrick Chong discusses the principles and benefits of Service Oriented Architecture (SOA), specifically as they relate to the technical challenges in identity and access management, and secondarily, to help the reader gain an understanding of the commonly encountered issues in identity management. (20 printed pages) Contents Overview Introduction Anatomy of a Digital Identity Identity and Access Management Framework Challenges in Identity and Access Management Entitlement Management Auditing Conclusions References Overview To date, many technical decision makers in large IT environments have heard about the principles and benefits of Service Oriented Architecture (SOA). Despite this fact, very few IT organizations are yet able to translate the theoretical underpinnings of SOA into practical IT actions. Over the last year, a few individual solution architects on my team have atte

Load Balancer, High Availability, Fault tolerance, Failover capability LOAD BALANCER A Load Balancer is a network device. Load balancer refers to load sharing (i.e. share or distribute the user requests, connections), among individual servers or nodes in a cluster, typically in the same data center, LAN or across different data centers. Aim is to provide continuous services in case of failure of a node in a cluster, share and distribute load, connections between the nodes. So when referring to Load Balancer it could provide High Availability in the same LAN or data center or across different data centers. (See below note on Load Balancer in Oracle Identity Management components ) Typical use of Load Balancer is to front-end two or more servers where the Load Balancer device receives the initial request and sends the request to its pool of servers, and returns the server's response to the client. But why would one require to front-end servers with another device in the first p

What is Centralized logout in Oracle Access Manager   LINK http://docs.oracle.com/cd/E25178_01/doc.1111/e15478/logout.htm#CHDDIBGF Oracle discussion on error with logout for application LINK What is impersonation in Oracle Access Manager and what does it provide

Configuring Active Directory authenticator with Weblogic server Original blog from  http://weblogic-wonders.com/weblogic/2010/12/04/configuring-active-directory-authenticator-with-weblogic-server/ LINK Weblogic Server comes with an Embedded LDAP Server which acts as the Default Provider for authentication, authorization and rolemapping.Since authentication is based on JAAS ( Java Authentication and Authorization Service), we can have external providers as well.These providers can be Out Of the Box Providers provided by WLS or Custom Providers which can be plugged in. I’ll discuss that in some other article. These are some of the providers WLS does provide an out of the box provider for Active Directory. These are the steps to configure it. Step 1) . Open Active Directory Console Step 2) . Create a User Step 3) . Assign it to Administrator Group. This is required as Active Directory gives connection only to Admin User. Step 4) . Go to Weblogic Server and C