Friday, June 26, 2015

Oracle Identity and Access Management HA install

Oracle Identity and Access Management 11gR2 PS3 ( Enterprise Deployment using Manual installation

The following whitepaper describes the procedure for an HA install of Oracle Identity Manager and Oracle Access Manager version

Friday, June 12, 2015

OIM 11gR2 PS2 ( session timeout configuration

FYI, the session timeout configuration steps described in the article below work well for OIM 11gR2 PS2 as well. This was tested by one of the readers.

The complete article is available on OTN (Oracle Technology Network).

Sunday, December 22, 2013

Oracle Identity Manager (OIM) 11gR2 Reconciliation Events processing

This blog discusses the concept of reconciliation and the sequencing of reconciliation events, the functional flow of reconciliation data from an Identity Connector Framework based OIM connector to the OIM repository, the pros and cons of reconciliation sequencing, the available options and the associated limitations.

The complete article is available on OTN (Oracle Technology Network).

Thursday, October 3, 2013

Enterprise Grade Deployment Considerations for OIM AD connector

A lot of OIM customers deploy the Active Directory connector and at times start facing issues with expected functionality and performance in the production environment. This blog aims to provide the necessary best practice recommendations for setting up an enterprise deployment environment for the OIM AD connector.

The complete article is available on OTN (Oracle Technology Network).

Wednesday, September 4, 2013

Flexible Manipulation of Session Timeout for Web Applications of Oracle Identity Manager

Session Timeout configuration and its importance

Session timeout, as the name suggests, is the time period after which the session object of a web application expires. The timeout period can be a fixed period (hard timeout) or an inactivity period (soft timeout) during which the user does not refresh or request a page. Once the session has reached the timeout, the user is required to re-authenticate to access the web application. A hard session timeout is a defined lifetime for the session ID, irrespective of user activity. If the application has a hard session timeout of, say, 9 hours, the user will be asked to re-authenticate after 9 hours even if the session was in active use.
Hard and soft session timeout configuration is a security control measure. The timeouts protect the user session from attacks such as CSRF and session fixation.
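
The difference between the two timers can be seen in a small model. This is an added example, not code from OIM or WebLogic: the class and function names are hypothetical, the 9 hour hard timeout is the figure used above, and the 30 minute soft timeout is an assumed value.

```python
from dataclasses import dataclass
from typing import Optional

MIN, HOUR = 60, 3600


@dataclass
class Session:
    created_at: float              # set once at login, never refreshed
    last_seen: float               # refreshed on every accepted request
    expired: Optional[str] = None  # reason, once the session is invalidated


class TimeoutPolicy:
    def __init__(self, soft_s: float, hard_s: float):
        self.soft_s, self.hard_s = soft_s, hard_s

    def check(self, s: Session, now: float) -> str:
        """Return 'active', 'expired_soft' or 'expired_hard' for a request at `now`."""
        if s.expired:                            # an expired session never revives
            return s.expired
        if now - s.created_at >= self.hard_s:    # absolute lifetime, ignores activity
            s.expired = "expired_hard"
        elif now - s.last_seen >= self.soft_s:   # idle gap since the last request
            s.expired = "expired_soft"
        else:
            s.last_seen = now                    # activity resets only the soft timer
            return "active"
        return s.expired


def replay(policy: TimeoutPolicy, request_times):
    """Replay request timestamps (seconds after login) against a new session."""
    s = Session(created_at=0, last_seen=0)
    return [policy.check(s, t) for t in request_times]


# Constructed sample: 9 h hard timeout (from the text), 30 min soft timeout (assumed).
POLICY = TimeoutPolicy(soft_s=30 * MIN, hard_s=9 * HOUR)
BUSY_USER = list(range(20 * MIN, 9 * HOUR + 1, 20 * MIN))  # a request every 20 min
IDLE_USER = [10 * MIN, 45 * MIN, 46 * MIN]                 # 35 min gap after the first

if __name__ == "__main__":
    print(replay(POLICY, BUSY_USER)[-2:])
    print(replay(POLICY, IDLE_USER))
```

The busy user never trips the soft timer yet is still forced to re-authenticate at the 9 hour mark, while the idle user loses the session after one 35 minute gap and cannot resume it with a later request.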

There are a few ways to configure hard and soft session timeouts for applications. We will mainly discuss the soft session timeout configuration for Oracle Identity Manager (OIM) version 11gR2 PS1.

If an application is protected by an Access Management solution, then the application session timeout must be configured through the Access Management tier.

For a standalone application (not using Single Sign-On), the inactivity session timeout can be configured through the application deployment descriptor files (web.xml, and weblogic.xml when the application is deployed in WebLogic Application Server), or it can be configured using a WebLogic deployment plan.

In this post we will discuss the session timeout configuration for OIM web applications using a WebLogic deployment plan.

The complete article is available on OTN (Oracle Technology Network).