
Showing posts from January, 2017

OAM 11g PS3 SSO with PeopleSoft HCM 9.2 (PeopleTools 8.55)

Setting up the environment:

It is assumed that the PeopleSoft pre-built VM is used and configured, and that PeopleSoft is up and running. OAM 11gR2 PS3 is up and running. OHS is protected by the OAM WebGate and can be reverse proxied to PeopleSoft.

To set up Application Designer:

1. Navigate to the '/opt/oracle/psft/pt/tools_client/' location in the VM.
2. Download the folder to the local machine where Application Designer needs to be installed.
3. Install the Oracle client and put tnsnames.ora in the <client_home>\product\12.1.0\client_1\network\admin location.
4. Navigate to the folder and run 'setupPTClient.bat  -t -l' to install Application Designer.
5. Navigate to 'C:\PT8.55.06_Client_ORA\bin\client\winx86' and run pside.exe to start Application Designer. The DB name in this case is 'PSHCMDB' and the userid/pwd is PS/PS.

Configuration on PeopleSoft:

Log in to the PeopleSoft console http://<host_name>:8000/psp/ps/?cmd=start using credentials PS/PS. Click on

OAM as IDP and SP (2 OAM PS3)

Oracle Access Manager can act as an Identity Provider (IDP) or a Service Provider (SP), depending on the requirement. I configured a use case where one OAM is acting as IDP and another one is acting as SP. The high-level steps are as below:

1. Download the IDP OAM metadata by accessing the below URL: http://<IDP-OAM>:14100/oamfed/sp/metadata
   Note that the metadata contains both IDP and SP in one file. While importing the IDP metadata, remove the SP metadata from the file.
2. Log in to the SP OAM console and click on Federation.
3. Click on Service Provider Management.
4. Import the IDP metadata.
5. Click 'Create Authentication Scheme and Module' to create the scheme and module.
6. Now log in to the IDP VM and import the Service Provider metadata. Remember to modify the metadata to contain only the Service Provider metadata.
7. Provide the NameID value as mail.
8. Access any application protected by the SP OAM and it will redirect to the IDP OAM.
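The metadata-trimming step above ("remove SP metadata from the file", and the reverse on the other side), as an added Python example that is not part of the original post. The function names are hypothetical, and the entity ID and endpoint URLs in the sample are constructed for illustration.

```python
import xml.etree.ElementTree as ET  # for untrusted input, defusedxml is the safer parser

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("md", MD)
ET.register_namespace("ds", DS)
ROLES = {"idp": f"{{{MD}}}IDPSSODescriptor", "sp": f"{{{MD}}}SPSSODescriptor"}

# Constructed sample: one EntityDescriptor carrying both roles, as the post describes.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="http://idp-oam.example.com:14100/oam/fed">
  <ds:Signature><ds:SignatureValue>CONSTRUCTED</ds:SignatureValue></ds:Signature>
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="http://idp-oam.example.com:14100/oamfed/idp/samlv20"/>
  </md:IDPSSODescriptor>
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="http://idp-oam.example.com:14100/oam/server/fed/sp/sso" index="0"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def roles_in(metadata_xml):
    """List which role descriptors ('idp', 'sp') the metadata contains."""
    root = ET.fromstring(metadata_xml)
    return [role for role, tag in ROLES.items() if root.find(tag) is not None]


def keep_role(metadata_xml, keep):
    """Return the metadata with only the `keep` role ('idp' or 'sp') left in it."""
    root = ET.fromstring(metadata_xml)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise ValueError("expected a single md:EntityDescriptor")
    if root.find(ROLES[keep]) is None:
        raise ValueError(f"metadata has no {keep} descriptor")
    drop = {tag for role, tag in ROLES.items() if role != keep}
    # An enveloped signature covers the whole EntityDescriptor, so it stops
    # verifying once a child is removed; drop it rather than ship a broken one.
    drop.add(f"{{{DS}}}Signature")
    for child in list(root):
        if child.tag in drop:
            root.remove(child)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    print(keep_role(SAMPLE, "idp"))  # file to import on the SP OAM
```

Because the trimmed file is no longer signed, its integrity depends on how it was fetched and handled; compare the signing certificate in the file against the partner's out of band before importing.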

Oracle Identity Cloud Service (IDCS)

Oracle Identity Cloud Service is the next-generation comprehensive security and identity platform that is cloud-native and designed to be an integral part of the enterprise security fabric, providing modern identity for modern applications.

IDCS is a cloud-based identity management system that works by associating specific rights and restrictions with each user's established identity. User provisioning, access control, and directory services are critical components of Oracle's cloud-based security portfolio. Oracle Identity Cloud Service has been designed to meet the needs of organizations in a number of typical use-case scenarios, such as the cloud (allowing both on-premise and cloud resources to be secured from a single set of controls), mobile access (providing sign-on for native or browser-based apps), and employee-facing intranet and customer-facing extranet solutions.

Key Features: Oracle Identity Cloud Service provides the following functionality, licensed and en

OIM Tuning

Application Module tuning is a critical setting that affects UI performance. The following are the recommended application module settings for OIM; they are already set out-of-box (OOB) in later releases of OIM 11g R2. Ensure that these settings are implemented as recommended in your environment.

    -Djbo.ampool.doampooling=true
    -Djbo.ampool.minavailablesize=1
    -Djbo.ampool.maxavailablesize=120
    -Djbo.recyclethreshold=60
    -Djbo.ampool.timetolive=-1
    -Djbo.load.components.lazily=true
    -Djbo.doconnectionpooling=true
    -Djbo.txn.disconnect_level=1
    -Djbo.connectfailover=false
    -Djbo.max.cursors=5
    -Doracle.jdbc.implicitStatementCacheSize=5
    -Doracle.jdbc.maxCachedBufferSize=19

Open the DOMAIN_HOME/bin/setDomainEnv.sh file for the WebLogic Server instance. Find these lines:

    JAVA_OPTIONS="${JAVA_OPTIONS}"
    export JAVA_OPTIONS

and change them to:

    JAVA_OPTIONS="-Djbo.ampool.doampooling=true -Djbo.ampool.minavailablesize=1 -Djbo.ampool.maxavailablesize=120 -D