Posts

Oracle Entitlement Server OES QnA from Oracle webcast

Oracle Webcast on OES server with Questions/Answers https://blogs.oracle.com/cloudsecurity/oracle-entitlements-server-oes-11g-webcast-qa

Oracle Entitlements Server (OES) 11g Webcast Q&A
By: Guest Author

We recently announced Oracle Entitlements Server (OES) 11g. OES externalizes authorization policies from applications eliminating the complexity of building authorization inside applications. By decoupling authorization policy evolution from the application lifecycle, OES does for authorization what Single Sign-On did for authentication. In our recent July 14 webcast on OES 11g, we dug deeper into some of the new capabilities and design themes in OES 11g. Thanks to everyone who joined our webcast. We have captured answers to the questions asked for your reference.

What is new in OES 11g?
OES 11g introduces several breakthroughs in externalized authorization management. 1) Real-time External Authorization ensures minimal latencies in mission-critical deployment

How to check your machine's Processor Architecture

How to check your machine's processor architecture and operating system on a Linux host

You can check whether your Linux host's processor is 32-bit or 64-bit, and whether your operating system is 32-bit or 64-bit. A 32-bit processor can only address 2^32 = 4,294,967,296 bytes of RAM, or 4 GB of RAM. There are various ways to find this information in Linux, as given below.

(1) Here is a short C program that finds your machine's architecture.

    #include <stdio.h>

    int main(void) {
        /* __WORDSIZE is the glibc word-size macro: 32 or 64 */
        printf("%d\n", __WORDSIZE);
        return 0;
    }

It compiles with the gcc compiler ( gcc wordsize.c ), see below in the screenshot. You can run the compiled executable a.out as shown in the first screenshot; its output is 64.

(2) The Unix command uname -p gives the machine architecture type or the CPU type.

(3) The getconf command reports the bit version of the operating system, e.g. 32-bit or 64-bit.

(4) The lscpu command provides both the architecture and the CPU modes, as shown below.

lscpu command

Oracle Identity and Access Management 12cPS3 is now available

Oracle Identity and Access Management 12cPS3 has been released and is available as of August 31, 2017. Here is the announcement from Oracle. (Update May 2020: 12.2.1.4 documentation is available here.)

Note: In the 12cPS3 version, the terms Oracle Identity Manager (OIM) and Oracle Identity Governance are synonymous and are used interchangeably. See the note on WebGate in the 12c version.

From Oracle Identity Governance (OIG) 12.2.1.4.0 onwards, SSO can be enabled using SAML2. Any other IDP that supports SAML2 can also be used for configuring the SSO login flow.

Update May 2020: the Bundle Patch for OIM 12.2.1.4 is now available. See Summary of Certified Fusion Middleware Component Bundle Patches, PSU or CPU Fixes to Apply for Oracle Identity Manager 12.2.1.4 + Installations ( Doc ID 2636209.1 ).

Details for the steps are provided here: https://docs.oracle.com/en/middleware/idm/identity-governance/12.2.1.4/omadm/configuring-sso-providers-o

Integrating OAM, OIM and OAAM

Complete Integration of OAM, OIM and OAAM

Here are the integration roadmap steps:

Number | Task | Information
1 | Verify that all required components have been installed and configured prior to integration. | LINK
2 | Integrate Access Manager and Oracle Identity Manager. | LINK; Integrate OAM, OIM
3 | Configure LDAP synchronization for Oracle Identity Manager. | LINK
4 | Integrate Access Manager and Oracle Adaptive Access Manager. | LINK; Integrate OAM, OAAM
5 | Set up the integration between OIM and OAAM. | LINK; Integrate OIM, OAAM
6 | Perform additional configuration that you may need depending on your requirements. | LINK

Oracle OBE Link for OAM and OIM integration with all steps explained
Oracle OAM and OAAM integration
Integration OIM and OAM - includes pre-requisites

What are the advantages of OIM and OAM integration
Users can create and reset th

Second factor authentication with Oracle Access Manager

OAM 11gR2PS3 comes with the Adaptive Authentication service, which provides multi-factor authentication capability. (Second factor authentication is an example of multi-factor authentication.) In versions earlier than OAM 11gR2, one had to separately install the OAAM product to get the Adaptive Authentication services/functionality, read here. However, with 11gR2 PS2 and now in PS3 versions, OAM includes the Adaptive Authentication service.

What is Adaptive Authentication Service?
This service has come as part of OAM since 11gR2 PS2. It provides the OTP (One Time Password) authenticator functionality.

What does Adaptive Authentication Service do?
It provides two-factor authentication, or rather multi-factor authentication. For example, the Adaptive Authentication Service provides the second authentication, in addition to the username/password that is already provided by OAM. Oracle Adaptive Access Manager helps organizations prevent fraud and misuse by strengthening existing authentication

OAM authentication with WebLogic server

This post provides the flow and steps for Oracle Access Manager (OAM) integration with Oracle WebLogic server; this is the integration of OAM with any protected application deployed on WebLogic server. This pattern is followed for authentication with OAM by all Oracle Fusion Middleware products (Oracle Identity Manager, Oracle SOA Suite, Oracle Web Center, etc.). This is the core of how single sign-on works with Oracle Access Manager. The two important ingredients that make SSO happen are the OAM_REMOTE_USER HTTP header and the OAMAuthnCookie cookie. HTTP is the medium of data transfer between all the components here: OAM, WebGate, WebLogic server, the application and, lastly, the user's browser. The user authentication information is carried in the HTTP header. In essence, OAM authenticates a user to an application deployed on the WebLogic server using the Identity Asserter function. Below are the steps in this process ( LINK to Oracle doc ) ( OAM single sign-on, authn p

How to unlock OAAM db user

Follow the steps below to unlock the OAAM (Oracle Adaptive Access Manager) account ( Discussion in Oracle forum ).

First try to update the password using EM (Oracle Enterprise Manager). All OAAM instances, managed and admin server, should be shut down before you use EM to update the password.

If this does not resolve the problem, then follow the steps below:

(1) Update the password in the database to ensure you begin with a known/correct password.
(2) Update the password in the WebLogic Admin console/Service/Data Sources for all the 3 OAAM related data sources.
(3) Shut down all OAAM servers, admin and managed.
(4) Now log in to the database using the OAAM db password. This step ensures that you are logging into the db account with the correct credentials.
(5) Restart the OAAM Admin server - monitor the oaam db account connection with sql developer in weblogic.
(6) Restart the OAAM Managed server - monitor the oaam db account connection with sql developer in weblogic.

Gartner's Magic Quadrant

What is Gartner's Magic Quadrant? How to use Gartner's Magic Quadrant?

Gartner's Magic Quadrant ( LINK ) is a tool that one can use in researching a particular vendor offering in an industry. Gartner researchers publish their reports on key players and their products/services in four different areas (Leaders, Challengers, Niche Players and Visionaries) and across two dimensions, Ability to Execute and Completeness of Vision. Gartner defines it as a research methodology that provides a graphical competitive positioning of four types of technology providers in fast-growing markets: Leaders, Visionaries, Niche Players and Challengers. The four quadrants are represented in a graph showing 4 areas divided by the x and y axes, as shown below. The areas are shown as I, II, III, and IV. These four areas correspond to the Leaders, Challengers, Niche Players and Visionaries. Here is a good overview of Gartner Magic Quadrant.

Leaders Quadrant execute well against thei