Skip to main content

OAM as IDP and SP (2 OAM PS3)

Oracle Access Manager can act as Identity Provider or Service Provider based on requirement.I configured a use case where one OAM is acting as IDP and another one acting as SP. High level steps  are as below: 

 Download the IDP OAM metadata by accessing the below URL:
http://<IDP-OAM>:14100/oamfed/sp/metadata

Note that metadata consists both IDP and SP in one file. While importing IDP metadata remove SP metadata from the file.

Login to the SP OAM console and click on federation. Click on Service Provider Management.
Import the Idp metadata.
Click ‘Create Authentication Scheme and Module’ to create the scheme and module.



Now Login to Idp VM and import the Service provide metadata.
Remember to modify the metadata to contain only Service Provider metadata.

Provide the NameID Value as mail.



Access any application protected by SP OAM and it will redirect to the IDP -OAM.






Comments

  1. Ravi Ranjan Kumar23 April 2019 at 14:10

    Thanks for sharing the valuable post.
    I have a requirement where I have to make my OAM as both(IDP and SP) at a time
    ERP(SP)<==>OAM(IDP)==OAM(SP)<==>MS Azure(IDP)

    How to configure this? could you help please.

    If possible please provide the solution in my email "ravcusat23@gmail.com"
    Thanks,
    Ravi Ranjan

    ReplyDelete

Post a Comment

Popular posts from this blog

OIM Tuning

Application Module tuning is a critical setting which will affect the UI performance. Following are the recommended application module settings for OIM and these are already set out-of-box (OOB) in later releases of OIM 11g R2. Ensure that these settings are implemented as recommended in your environment. -Djbo.ampool.doampooling=true -Djbo.ampool.minavailablesize=1 -Djbo.ampool.maxavailablesize=120 -Djbo.recyclethreshold=60 - Djbo.ampool.timetolive=-1 -Djbo.load.components.lazily=true - Djbo.doconnectionpooling=true -Djbo.txn.disconnect_level=1 - Djbo.connectfailover=false -Djbo.max.cursors=5 - Doracle.jdbc.implicitStatementCacheSize=5 - Doracle.jdbc.maxCachedBufferSize=19 open DOMAIN_HOME/bin/setDomainEnv.sh file for the WebLogic Server instance.find these lines: JAVA_OPTIONS="${JAVA_OPTIONS}" export JAVA_OPTIONS and change it to: JAVA_OPTIONS="-Djbo.ampool.doampooling=true -Djbo.ampool.minavailablesize=1 -Djbo.ampool.maxavailablesize=120 -D...
Post a Comment
Read more

Oracle Traffic Director (OTD) configuration

Download the OTD software and install it on a server by running runInstaller command from <Binaries>/Disk1. Preferred is to configure the OTD as root user because when the administration server is configured as root, then Oracle Traffic Director starts the keepalived daemon automatically when you start instances that are part of a failover group, and stops the daemon when you stop the instances. Set Oracle_Home as the new Installed OTD Home. Run below command to configure the Admin server: <OTD_HOME>/otd/bin/tadm configure-server --port=8989 --user=admin --server-user=root --instance- home= <OTD_HOME> /otd/instance_name/otd_instance1 This command will ask for admin password and will create the admin server. Run Below command to start the admin server: <OTD_HOME> /otd/instance_name/otd_instance1/admin-server/bin/startserv Login to the OTD console on http://<host>:8989 as admin user.  Click New configuration: Click Next and create ne...
Post a Comment
Read more

Creating Role through OIM API - 11gR2

package com.oim.utilities; import java.util.HashMap; import oracle.iam.identity.rolemgmt.api.RoleManager; import oracle.iam.identity.rolemgmt.api.RoleManagerConstants; import oracle.iam.identity.rolemgmt.vo.Role; import oracle.iam.platform.OIMClient; public class RoleManagement  { static RoleManager roleManager=null; static OIMClient client=null; @SuppressWarnings("null") public static void createRole(String roleName){ System.out.println("RoleManagement :: createRole :: role name is "+roleName); try  { if (roleName!=null) { HashMap<String, Object> mapAttrs = new HashMap<String, Object>();; mapAttrs.put(RoleManagerConstants.ROLE_NAME, roleName); mapAttrs.put(RoleManagerConstants.ROLE_DISPLAY_NAME,roleName); mapAttrs.put(RoleManagerConstants.ROLE_DESCRIPTION, roleName); Role role = new Role(mapAttrs); // Initialising the OIM Connection client=ClientOIM.initialise(); System.out.println("RoleManagemen...
1 comment
Read more