In today's post I am going to discuss Oracle Identity Management 10g (10.1.4.0.1).
Source: Oracle Documentation
Oracle Application Server is made up of a middle tier and OracleAS Infrastructure. You deploy and run your applications on the middle tiers. The infrastructure provides services that are used by middle tiers. These services can be shared by one or more middle tiers.
Oracle Application Server 10g (10.1.4.0.1) provides a comprehensive Identity and Access Management solution. The Identity and Access Management Suite includes:
a) Oracle Internet Directory: Provides scalable, robust LDAP V3-compliant directory services implemented on the Oracle Database.
b) Oracle Identity Federation: Provides standards-based, multi-protocol, and cross-domain single sign-on.
c) Oracle Security Developer Tools: Provides APIs for developing federation and secure web services applications.
d) Oracle Access Manager: Provides a state-of-the-art solution for centralized identity administration and access control.
e) Oracle Identity Manager: Provides a powerful and flexible enterprise identity management system that automatically manages users' access privileges within enterprise IT resources.
f) Oracle Virtual Directory: Provides Internet and industry-standard LDAP and XML views of existing enterprise identity information, without synchronizing or moving data from its native locations.
In addition to the Identity and Access Management Suite, this release provides a revision of OracleAS Infrastructure, which includes the following Oracle Identity Management components and OracleAS Metadata Repository:
a) Oracle Internet Directory: A scalable, robust LDAP V3-compliant directory service implemented on the Oracle Database.
b) Oracle Directory Integration Platform: A component of Oracle Internet Directory designed to perform directory synchronization with third party directory products.
c) Oracle Application Server Certificate Authority: A component that issues, revokes, renews, and publishes X.509v3 certificates to support PKI-based strong authentication methods.
d) Oracle Application Server Single Sign-On (OracleAS Single Sign-On): Provides single sign-on access to Oracle and third-party Web applications.
e) Oracle Delegated Administration Services: Provides trusted proxy-based administration of directory information by users and application administrators.
f) OracleAS Metadata Repository: Provides a collection of schemas used by other Oracle Application Server components.
g) Oracle Enterprise Manager 10g Application Server Control Console: Enables you to manage and configure the OracleAS Infrastructure.
Note:
1) You can integrate Oracle Application Server 10g (10.1.4.0.1) Identity Management with an existing Oracle Application Server environment that includes:
- 10g (9.0.4), 10g Release 2 (10.1.2), or 10g Release 3 (10.1.3) middle tier
- 10g (9.0.4) or 10g Release 2 (10.1.2) OracleAS Metadata Repository
2) You can integrate Oracle Application Server 10g (10.1.4.0.1) Metadata Repository with an existing Oracle Application Server environment that includes:
- 10g Release 2 (10.1.2) middle tier
- 10g (9.0.4) or 10g Release 2 (10.1.2) Identity Management
10.1.4.0.1 OracleAS Infrastructure Topologies - Recommended Topologies
1) An Oracle Application Server instance containing all Oracle Identity Management components in one Oracle home.
2) Two Oracle Homes, one containing Oracle HTTP Server, OracleAS Single Sign-On, and Oracle Delegated Administration Services, and the other containing Oracle Internet Directory and Oracle Directory Integration Platform.
3) Three Oracle Homes, one containing Oracle HTTP Server, a second containing OracleAS Single Sign-On and Oracle Delegated Administration Services, and a third containing Oracle Internet Directory and Oracle Directory Integration Platform.
4) An enterprise data center for J2EE applications that uses one of the following methods for user authentication:
- OracleAS Single Sign-On
- Oracle Access Manager
- Oracle Application Server Java Authentication and Authorization Service (JAAS) Provider LDAP
Each of these topologies contains a web tier, an application tier, and a data tier. The three tiers are separated by firewalls.
Oracle Identity Federation Topologies
- An Oracle Identity Federation instance configured with OracleAS Infrastructure so that it is integrated with OracleAS Single Sign-On.
- An Oracle Identity Federation instance configured with OracleAS Infrastructure and Oracle Access Manager.
- An OracleAS Cluster (Identity Management) configuration in which two or more Oracle Identity Management instances serve the same content. A load balancer distributes requests equally among the active instances.
- An OracleAS Cold Failover Cluster configuration in which two or more OracleAS Infrastructure or Oracle Identity Management instances serve the same content, but only one instance is active at any one time.
- An OracleAS Disaster Recovery configuration in which a standby site mirrors a production site. During normal operation, the production site handles all the requests. If the production site goes down, the standby site takes over and handles all the requests.
- An active-active topology in which two or more Oracle Access Manager instances serve the same content. A load balancer distributes requests equally among the active instances.
- An OracleAS Cold Failover Cluster configuration in which two or more Oracle Identity Federation instances serve the same content, but only one instance is active at any one time.
- OracleAS Cold Failover Cluster or Real Application Clusters configurations for OracleAS Metadata Repository.
10.1.4.0.1 OracleAS Infrastructure with Existing 10.1.2 or 10.1.3 Environments
10.1.2 or 10.1.3 Middle Tiers: Configure a 10g Release 2 (10.1.2) or 10g Release 3 (10.1.3) middle-tier instance to use a new 10g (10.1.4.0.1) OracleAS Infrastructure.
This topology also supports associating a 10g Release 2 (10.1.2) or 10g Release 3 (10.1.3) middle-tier instance with a new 10g (10.1.4.0.1) Oracle Identity Management for the following scenarios:
- Moving to a new host
- Creating a failover environment
- Moving applications from a test environment to a new production environment