OAM ( Oracle Access Manager ) Online Training

Introduction

Oracle Access Manager is solution of Oracle Identity Management for user identity administration and web access management. It is a Complete Access Management solution for Data, Applications and Web Services. Oracle Access Manager is intended to support heterogeneous, complex corporate environments. OAM provides risk-attentive end-to-end single sign-on, user authentication and authorization protection, allowing organizations to protect access from portable devices and effortlessly incorporate social identities with applications. The Access system offers an integrated means to validate users and systems trying to access resources secured by Oracle Access Manager.

 Course Objectives
  • Understand the basic concepts of Oracle Access Manager 11g R2
  • Installing and configuring OAM 11g R2.
  • How to setup data sources, servers and agents.
  • How to manage sign-off and sign-on sessions.
  • Configure logging, monitoring and troubleshooting OAM 11g R2.

Why Learn OAM?

By learning this OAM course, you will improve a good understanding of fundamental Access Management concepts that include installation, configuration and managing WebGates. You will walk away with the skills and knowledge to create authorization and authentication rules to safeguard resources and understand single sign on and session management.

Course Curriculum

INTRODUCTION TO ORACLE ACCESS MANAGER

  • Oracle Identity Management
  • Access Manager Platform 11gR2
  • Oracle Access Management
  • Oracle Access Manager 11gR2: Deployment Overview
  • Salient Features of OAM
  • OAM 11g Architecture
  • SSO Login Processing with OAM Agents
  • Installation and Configuration
  • Configuration Wizard: Templates
  • OAM 11g R1 Runtime Architecture
  • Management Interfaces
  • Session Management
  • Session Management in OAM Console
  • Oracle Coherence in Session Management
  • Usability and Lifecycle Management Enhancements
  • Usability and Lifecycle Management Enhancements: Operational Metrics
  • Windows Native Authentication
  • Access Manager 11gR2 Policy Model
  • AuthZ Policy Management
  • Access Manager 11gR2 Policy Model Enhancements
  • AuthZ Policy Model Enhancements
  • Centralized Agent Management
  • Auditing and Logging
  • Embedded Credential Collection
  • Detached Credential Collector
  • Rich ADF-Based UI
  • Password Management
  • Global Password Policy
  • Connection Simulator: Access Tester 11g
  • Access Tester Tool
  • Scalable  Deployment Models
  • Multi-Datacenter Support
  • Oracle and Third-Party Integrations
  • REST-Based Policy Admin APIs
  • Java SDK and Extensibility Framework

INSTALLATION AND CONFIGURATION

  • Domain Diagram
  • Domain Restrictions
  • Server
  • Administration Server
  • Managed Server
  • Interaction between the Administration Server and Managed Servers
  • What Is a Machine?
  • WebLogic Scripting Tool (WLST)
  • WLST Modes
  • WLST: Example
  • Oracle Fusion Middleware Home and Oracle WebLogic Server Home
  • Oracle Home
  • Installing and Configuring Oracle Access Management: Sequence of Steps
  • Wizards: Installation Versus Configuration
  • System Requirements for Oracle Access Management 11g R2(11.1.2.0.0)
  • Road Map
  • Oracle WebLogic Server 11g R1 PS 5 (10.3.6) Installation
  • GUI Mode Installation
  • Choosing or Creating a Home Directory
  • Registering for Support
  • Choosing an Installation Type and Products
  • Choosing the JDK and Product Directory
  • Installation and Summary
  • QuickStart
  • Console and Silent Mode Installations
  • Postinstallation: Middleware Home
  • Oracle WebLogic Server Directory Structure
  • Setting Environment Variables
  • Installing Oracle Database
  • Creating Schemas by Using RCU
  • Installing Oracle Access Management: Welcome and Prerequisite Checks
  • Installing Oracle Access Management: Installation Location and Summary
  • Installing Oracle Access Management: Progress Bar and Installation Complete
  • Configuration Wizard: Creating Domain and Domain Source
  • Configuration Wizard: Domain and Administrator Settings
  • Configuration Wizard: Server Start Mode, JDK
  • Configuring JDBC Component Schema
  • Configuration Wizard: Administration and Managed Servers
  • Configuration Wizard: Clusters and Machines
  • Configuration Wizard: Assigning Servers to Machines and Target Deployments
  • Configuration Wizard: Target Services
  • Configuration Wizard: RDBMS Security Store
  • Configuration Wizard: Configuration Summary and Creating Domain
  • Configuring OHS for Oracle WebLogic Server
  • Configuration Wizard: Extending Domain and Domain Source
  • Configuring the Database Security Store
  • Starting Oracle Access Manager
  • Validating a Successful Installation and Configuration
  • Oracle WebLogic Server Administration Console
  • Oracle WebLogic Server Administration Console: Server Status
  • OAM_Server1: Applications Deployed
  • AdminServer: Applications Deployed
  • Oracle Access Manager Administration Console
  • Oracle Enterprise Manager Fusion Middleware Control
  • Relationship Between Farm and Domain
  • Starting the Servers and Sanity Check
  • Uninstalling Oracle WebLogic Server
  • Deinstalling the Oracle Identity and Access Management Oracle Home
  • Deinstalling Oracle Common Home and Deleting Domain Home

SYSTEM CONFIGURATION: SERVERS, DATA SOURCES, AND AGENTS

  • Objectives
  • Configuring Oracle HTTP Server (OHS) 11g
  • Servers
  • Creating and Deleting a New Managed Server
  • Managing Servers
  • Individual Server Properties
  • Coherence Properties
  • OAM Proxy
  • Managing Servers from WLS Admin Console and Command Line
  • Agents
  • Introduction to DCC
  • Main Benefits/Drivers
  • Deployment View and Request Flow with DCC
  • Deployment View and Request Flow with DCC/RWG
  • Login Application/Pages Deployment Choices in OAM 11g R1
  • Canonical Custom Login Application Deployment in OAM 11g R2
  • Different DCC Deployment Architecture
  • Single Step Versus Multistep Authentication Flow
  • Configuring WebGate For DCC
  • Authentication Policy, Scheme, and Module
  • Authentication Scheme and Module
  • DCC
  • RWG
  • AuthN Scheme Parameters
  • Authentication Policy
  • Multifactor Authentication
  • Informational Error Message Reporting
  • Informational Error Message Reporting Sample Authentication Module/Login
  • Error Processing
  • Logout Configuration
  • Default Login/Logout Pages
  • From ECC to DCC Switch
  • Diagnosability
  • WebGate Provisioning and Installation
  • Installing and Configuring WebGate 11g
  • Installing, Creating, and Configuring an OAM 11g
  • WebGate
  • Registering Agents
  • Creating or Registering OAM Agents by Using OAM Console
  • Viewing and Editing OAM Agent Registration by Using OAM Console
  • In-Band Versus Out-of-Band Registration of Agents
  • Registration Tool
  • Output Files
  • Registration Tool
  • Request File
  • Sample Request File: Short Version
  • Key Request Parameters
  • Request File: Parameter Guidelines
  • In-Band Registration Using the oamreg Tool
  • Out-of-Band Registration Using the oamreg Tool
  • Remote Registration: Common Issues
  • Registering Agents: OAM Console, In-Band, Out-Of-Band Modes
  • IAMSuiteAgent Topology
  • General Features of IAMSuiteAgent
  • IAMSuiteAgent Configuration
  • WLS Agent Configuration: ControlFlag
  • WLS Agent Configuration: Provider’s Configuration
  • Resources Protected via WLS Agent
  • User Identity Store
  • Data Repositories
  • User Identity Store: WLS Embedded LDAP Server
  • User Identity Store: Managing LDAP Servers
  • Testing LDAP Connection
  • WLS Embedded LDAP, OID as LDAP Store, WLS Agent
  • Keystore
  • Securing Communication Between WebGate and OAM Server
  • Generating Private Key, Certificate Request, and Downloading Certificates from CA for WebGate
  • Configuring WebGate to Use Certificates
  • Generating Private Key, Certificate Request, and Downloading Certificates from CA for OAM Server
  • Configuring OAM Server to Use Certificates
  • SSL Enabling WebGate and OAM 11g Server

POLICY CONFIGURATION: SHARED COMPONENTS AND APPLICATION DOMAINS

  • Objectives
  • Shared Components: Resource Types
  • Custom Types and Operations
  • Shared Components: Host Identifier
  • Access Control
  • Authentication
  • Authorization
  • AuthZ: OES 11g: R1 Versus R2
  • AuthZ: Configuration File Elements for Policy
  • Authentication Module
  • Authentication Module Features
  • Step-Up Authentication Feature
  • Shared Components: Authentication Schemes
  • Background: Limitations in R1
  • Conceptual Differences Between OAM 11g R1 and R2 AuthZ Policy Construct
  • Conditions
  • Rules
  • Simple Rule Mode
  • Expression Rule Mode
  • Expression Rule Mode: Special Characters
  • Expression Rule Mode: Examples
  • Policy Model: LDAP Search Filter
  • LDAP Search Filter
  • Multiple IP4 Ranges
  • Attribute Condition
  • Attribute Condition: Example
  • Application Domain: AuthN Policies
  • Application Domain: AuthZ Policies Resource
  • Wildcard Patterns
  • URL Query String Parameter List
  • Resource Matching Algorithm
  • Path Matching
  • Path Matching: Examples
  • Query String Matching
  • Query String Matching: Examples
  • Operation Matching
  • Authentication Policies
  • Authorization Policies
  • What Are Responses?
  • Responses
  • Response Expressions
  • Response: Examples
  • Response Providers Authorization Condition and Rules
  • Application Domain
  • Conceptual Relationships for Policy Objects
  • Policy Administration APIs
  • Request and Response
  • Resource URL
  • OAM Policy Artifacts Managed Through REST Interface
  • URLs for Policy Artifacts
  • Error Codes
  • Resource URL: Example
  • Policy Administration REST WADL File
  • How to Run CURL Commands: Examples
  • Get an Application Domain
  • Create an Application Domain
  • Create a Resource and Retrieve All Resources from App Domain: Examples
  • Retrieve AuthN Scheme: Examples Protecting Resources by Using Application Domains

SINGLE SIGN-ON AND SESSION MANAGEMENT

  • Objectives
  • Oracle Access Manager Single Sign-On
  • Oracle Access Manager Single Sign-On Scenario
  • Oracle Access Manager Single Logout Scenario
  • Session and Cookie Creation in Authentication
  • Session and Cookie Usage After Successful Authentication
  • The OAM Session and the OAM_ID Cookie
  • Agent Cookies
  • Single Sign-On Cookie Reference
  • Cookie and Communication Security
  • Session and Cookies in Single Logout
  • Session Life Cycle
  • Session Timeouts
  • Session Caching and Persistence
  • Configuring Single Sign-On: Overview
  • Default Login Page
  • Options for Displaying the Single Sign-On Login Page by Using Form Based Authentication
  • Configuring an Authentication Scheme for a Customized Login Page
  • Customizing Logout
  • Configuring Session Management Options
  • Managing Sessions
  • Road Map
  • Windows Native Authentication
  • User Validation Replaces Credential Collection
  • Configuring an Oracle Access Manager Deployment for WNA
  • Examining Single Sign-On and Managing Sessions

USING ORACLE ACCESS MANAGER WITH WEBLOGIC APPLICATIONS

  • Objectives
  • Java EE Authentication and Authorization
  • Using OAM for Perimeter Authentication and Authorization with a WebGate
  • Using OAM for Perimeter Authentication Without a WebGate
  • Identity Assertion Providers
  • Oracle Access Manager Identity Assertion Provider
  • OAM Identity Assertion Provider Event Sequence
  • OAM Authenticator
  • Using an Identity Assertion Provider

AUDITING AND LOGGING

  • Objectives
  • Auditing and Logging: Overview
  • Fusion Middleware Audit Framework
  • Audit Output Options
  • Audit Architecture Using a Database as the Audit Store
  • Deploying Auditing Using a Database as the Audit Store
  • Audit Settings
  • Examples of Audited Events
  • Examples of Data Recorded When an Audited Event Occurs
  • Oracle Business Intelligence Publisher
  • Deploying BI Publisher to Support FMW Audit Framework and Oracle Access Manager Reports
  • Generating Oracle BI Publisher Reports
  • Administrator Tasks: Logging
  • Logging Configuration Objects
  • Log Levels
  • Oracle Access Manager Loggers and Log Level Inheritance
  • Log Handler Settings
  • Logging Configuration Tools
  • Viewing the Logging Configuration by Using FMW Control
  • Modifying Log Level by Using FMW Control
  • Creating or Configuring Log Handlers by Using FMW Control
  • Using the WLST Tool to Configure Logging
  • Locating Log Files
  • Viewing and Downloading Log Files by Using FMW Control
  • Road Map
  • Log Files from Related Products in an Oracle Access Manager Deployment

TROUBLESHOOTING AND MANAGEMENT

  • Objectives
  • Access Tester
  • Use Cases: Access Tester
  • Access Tester Simulating Steps 1, 3, 5, 6 of Agent and OAM Server Interaction
  • Access Tester: Core Functionality
  • Access Tester Architecture
  • Output Files and Security Features
  • Starting Access Tester
  • System Properties
  • Access Tester Console
  • Test Cases and Test Scripts
  • Using weblogic.Admin Utility to Check the State of Servers
  • Examining Admin Server and Managed Server Logs
  • WebLogic Admin Server and Managed Server Thread Dump
  • Agent and Server Monitoring
  • OAM Proxy Errors
  • Configuration Data
  • Top Problem Areas
  • LDAP Server
  • OAM Runtime Servers
  • Agent-Side Issues
  • Runtime DB Issues
  • Admin Change Propagation and Activation
  • Policy Repository DB Issues
  • Road Map
  • WLST Architecture
  • Offline and Online Modes
  • Executing WLST Commands Python Script with an Embedded WLST Command to Create an Identity Store
  • WLST Commands for OAM 11g
  • Oracle Enterprise Manager Fusion Middleware Control
  • FMW Control: Performance Overview
  • Topology
  • MBean Browser
  • How to Re-register an Agent from the OAM Console
  • Working with Access Tester, WLST, and FMW Control

ACCESS SDK, EXTENSIBILITY APIS, AND THIRD-PARTY INTEGRATION

  • Objectives
  • Custom Requirements for Authentication and Authorization Services
  • Access SDK
  • Oracle Access Manager Clients
  • Developing and Deploying AccessGates: Overview
  • Preparing Systems for AccessGate Development and Deployment
  • Developing the AccessGate
  • Access SDK API Usage in an AccessGate
  • Access SDK Support in Oracle Access Manager 11g
  • What Is ASDK and Why Use It?
  • Benefits of Java-Based OAM11g ASDK
  • Installing and Configuring ASDK
  • Deploying Access Clients in an OAM Environment
  • ASDK Java Documentation
  • Basics of AuthN Plug-Ins
  • Initialize and Process Methods
  • Basics of AuthN Plug-Ins
  • Custom AuthN Plug-Ins
  • AuthN Plug-Ins Deployment
  • Using Plug-Ins: Managing the Plug-In Life Cycle
  • Custom AuthN Module Using Plug-Ins
  • Custom AuthN Module: Plug-Ins Orchestration
  • Custom AuthN Scheme Using the Module
  • Development Approach: Decision Point Versus Hard Coded
  • OAM Extensibility API Docs
  • RSA SecurID: Overview
  • Configuration: High Level
  • Configuration: Details
  • Troubleshooting
  • Working with Custom AuthN Plug-ins and Custom DCC Login Page

MOVE OAM DOMAIN FROM TEST TO PRODUCTION ENVIRONMENT

  • Copy the binaries from the test machine.
  • Create the archive of the Oracle Weblogic Server domain configuration, the OHS instance configuration, and the OAM policy data on the test machine
  • Create the OAM product metadata repository on the production machine
  • Import the metadata and OAM policy data in the production database
  • Configure the OAM Domain by using the configuration that you copied from the test machine
  • Configure the OHS instance on the production machine using the configuration that you copied from the test machine.

CONFIGURE HIGH AVAILABILITY FOR OAM DOMAIN

  • Create OAM Cluster
  • Add the existing OAM Server to the cluster and target applications and data sources to the cluster
  • Create a second Oracle Access Manager server instance
  • Instantiate the second OAM Server in the cluster
  • Set request cache type
  • Create a new OHS Instance as load-balancer for Oracle Access Manager server instances
  • Modify and reconfigure the definition for Oracle Access Manager 11g WebGate Test HA deployment

Note: Exercises, Labs and Assessment Questionnaire pertaining to each day’s topics is included.

Course Reviews

No Reviews found for this course.

Drop us a query

Looking for a training for

 Myself My team/organization

captcha

top
Copyright © 2015 KEEN IT TECHNOLOGIES Pvt.Ltd, ALL RIGHTS RESERVED  |   PRIVACY POLICY   |   TERMS OF USE   |   REFUND AND RESCHEDULE POLICIES   |   SITEMAP  
Keen IT is not an affiliate of SAP AG or other products.
error: Content is protected !!