Skip to main content

OAM as IDP and SP (2 OAM PS3)

Oracle Access Manager can act as Identity Provider or Service Provider based on requirement.I configured a use case where one OAM is acting as IDP and another one acting as SP. High level steps  are as below: 

 Download the IDP OAM metadata by accessing the below URL:
http://<IDP-OAM>:14100/oamfed/sp/metadata

Note that metadata consists both IDP and SP in one file. While importing IDP metadata remove SP metadata from the file.

Login to the SP OAM console and click on federation. Click on Service Provider Management.
Import the Idp metadata.
Click ‘Create Authentication Scheme and Module’ to create the scheme and module.



Now Login to Idp VM and import the Service provide metadata.
Remember to modify the metadata to contain only Service Provider metadata.

Provide the NameID Value as mail.



Access any application protected by SP OAM and it will redirect to the IDP -OAM.






Comments

  1. Ravi Ranjan Kumar23 April 2019 at 14:10

    Thanks for sharing the valuable post.
    I have a requirement where I have to make my OAM as both(IDP and SP) at a time
    ERP(SP)<==>OAM(IDP)==OAM(SP)<==>MS Azure(IDP)

    How to configure this? could you help please.

    If possible please provide the solution in my email "ravcusat23@gmail.com"
    Thanks,
    Ravi Ranjan

    ReplyDelete

Post a Comment

Popular posts from this blog

Developing Prepopulate Adapter with OIM 11g R2

1.      Prepopulate Adapter in OIM uses the plugin point oracle.iam.request.plugins.PrePopulationAdapte r. 2.      Write the Java code which returns the value which has to be populated on the form. 3.      This code will implement the plugin point oracle.iam.request.plugins.PrePopulationAdapte r. Code Snippet: - package com.oracle.oim.utility.eventhandler; import java.io.Serializable; import java.util.Iterator; import java.util.List; import java.util.logging.Logger; import oracle.iam.identity.exception.NoSuchUserException; import oracle.iam.identity.exception.UserLookupException; import oracle.iam.identity.usermgmt.api.UserManager; import oracle.iam.identity.usermgmt.vo.User; import oracle.iam.platform.Platform; import oracle.iam.platform.authz.exception.AccessDeniedException; import oracle.iam.request.exception.RequestServiceException; import oracle.iam.request.vo.Beneficiary; ...
5 comments
Read more

Custom Login Page Protection- OAM 11g R2

Create a login page with fields having username,password and requestid. Below is the sample login page : <%@page language="java" session="true" contentType="text/html;charset=ISO-8859-1"  %> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request. getServerPort()+path+"/"; String requestID = request.getParameter("request_id"); %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <font color="blue">Login Page </font><br><br> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Implementing css and javascript</title> <meta http-equi...
3 comments
Read more

Oracle Traffic Director (OTD) configuration

Download the OTD software and install it on a server by running runInstaller command from <Binaries>/Disk1. Preferred is to configure the OTD as root user because when the administration server is configured as root, then Oracle Traffic Director starts the keepalived daemon automatically when you start instances that are part of a failover group, and stops the daemon when you stop the instances. Set Oracle_Home as the new Installed OTD Home. Run below command to configure the Admin server: <OTD_HOME>/otd/bin/tadm configure-server --port=8989 --user=admin --server-user=root --instance- home= <OTD_HOME> /otd/instance_name/otd_instance1 This command will ask for admin password and will create the admin server. Run Below command to start the admin server: <OTD_HOME> /otd/instance_name/otd_instance1/admin-server/bin/startserv Login to the OTD console on http://<host>:8989 as admin user.  Click New configuration: Click Next and create ne...
Post a Comment
Read more