This blog discusses the concept of reconciliation and the sequencing of reconciliation events, the functional flow of reconciliation data from an Identity Connector Framework based OIM connector to the OIM repository, the pros and cons of reconciliation sequencing, and the available options and their associated limitations.
The objective of this blog is to provide use-case driven information. The blog may have references to product documentation or other existing information on the product, wherever applicable, as the intention is not to repeat any information that is already covered in detail in other sources. The posts have been developed based on my exposure to some of the challenging and interesting OIM requirements that customers have.
Sunday, December 22, 2013
Thursday, October 3, 2013
Enterprise Grade Deployment Considerations for OIM AD connector
Many OIM customers deploy the Active Directory connector and at times face issues with expected functionality and performance in the production environment. This blog aims to provide the necessary best-practice recommendations for setting up an enterprise deployment environment for the OIM AD connector.
The complete article is available on OTN (Oracle Technology Network)
Wednesday, September 4, 2013
Flexible Manipulation of Session Timeout for Web Applications of Oracle Identity Manager
Session Timeout configuration and its importance
Session timeout, as the name describes, is the time period after which the session object of a web application expires. The timeout period can be a fixed period (hard timeout) or an inactivity period (soft timeout) during which the user does not refresh or request a page. Once the session has reached the timeout, the user is required to re-authenticate to access the web application. A hard session timeout is a defined timeout period for the session ID irrespective of user activity. If the application has a hard session timeout of, say, 9 hrs, the user will be asked to re-authenticate after 9 hrs even if the session was used actively.
Hard and soft session timeouts are a security control measure. They protect the user session from attacks such as CSRF and session fixation.
There are a few ways to configure hard and soft session timeouts for applications. We will mainly discuss the soft session timeout configuration for Oracle Identity Manager (OIM) version 11gR2PS1.
If an application is protected by an Access Management solution, then the application session timeout must be configured through the Access Management tier.
For a standalone application (not using Single Sign On), the inactivity session timeout can be configured through the application deployment descriptor files (web.xml, and weblogic.xml when the application is deployed on WebLogic Application Server), or through a WebLogic deployment plan.
In this post we will discuss the session timeout configuration for OIM web applications using a WebLogic deployment plan.
The complete article is available on OTN (Oracle Technology Network)
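A sketch of a WebLogic deployment plan that overrides the soft (inactivity) timeout without repackaging the application. It is an added illustration, not taken from the original article or from Oracle's OIM documentation; `APP_NAME`, `MODULE.war` and the 900-second value are placeholders to be replaced with the deployed application's own names and the timeout your policy requires.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example: APP_NAME and MODULE.war are placeholders, not real OIM names. -->
<deployment-plan xmlns="http://xmlns.oracle.com/weblogic/deployment-plan">
  <application-name>APP_NAME</application-name>

  <!-- The value to inject; weblogic.xml expresses the inactivity timeout in seconds. -->
  <variable-definition>
    <variable>
      <name>SessionTimeoutSecs</name>
      <value>900</value> <!-- constructed value: 15 minutes of inactivity -->
    </variable>
  </variable-definition>

  <!-- Which web module and which descriptor element receive the value. -->
  <module-override>
    <module-name>MODULE.war</module-name>
    <module-type>war</module-type>
    <module-descriptor external="false">
      <root-element>weblogic-web-app</root-element>
      <uri>WEB-INF/weblogic.xml</uri>
      <variable-assignment>
        <name>SessionTimeoutSecs</name>
        <xpath>/weblogic-web-app/session-descriptor/timeout-secs</xpath>
      </variable-assignment>
    </module-descriptor>
  </module-override>
</deployment-plan>
```

If the module's web.xml also sets `session-timeout` (in minutes), that value takes precedence over `timeout-secs`, so check both descriptors before relying on the plan. After redeploying with the plan, confirm the effective timeout by leaving a test session idle past the configured period and verifying that re-authentication is required.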