Enabling Single Sign-On for Oracle Applications
Oracle Applications Users Group


Agenda
  Introduction
  Organization
  Speakers
  Security Spectrum
  Information Security Spectrum
  Oracle Identity Management Platform
  Access Control
  Access Management Framework
  Oracle Access Management System Architecture
  Oracle Access Management Integration Architecture
  Benefits
  Access Control System Oracle Applications (E-Business) Integration
  Support Architecture
  Integration Flow
  Integration of OID and E-Biz (GUID)
  Access Gate integration
  Third-party directories integration (AD)
  Deployment Topology
  Best Practices

Introduction

About BIAS Corporation: Who We Are
  Founded in 2000
  Distinguished Oracle Leader
    Technology Momentum Award
    Portal Blazer Award
    Titan Award
    Red Stack + HW Momentum Awards
    Excellence in Innovation Award
  Management Team is Ex-Oracle
  Location(s): Headquartered in Atlanta; Regional office in Washington D.C.; Offshore Hyderabad and Chennai, India
  ~250 employees with 10+ years of Oracle experience on average
  Inc.500 5000 Fastest Growing Private Company in the U.S. for the 5th Time
  Voted Best Place to work in Atlanta for 2nd year
  30 Oracle Specializations spanning the entire stack

Speakers Profile

Kashif Dhatwani
  Practice Director, Identity Management and Data Security
  Enterprise and Solution Architect
  15+ years of experience in delivering solutions around middleware technologies including Security, SOA, Portal and custom developed solutions
  7+ years with BIAS Corporation; previously held positions at Oracle and IBM
  Focused on delivering best practices and industry standards based solutions to BIAS customers
  Leading team of solution and technical architects for delivery of solutions across multiple industries

Madan Shah
  Solution Architect, Identity Management & Data Security
  15+ years of experience in middleware technologies
  3+ years with BIAS Corporation
  Solution Architect, Technical Architect
  Middleware Technologies including Java / J2EE, Portals, Data Security and Identity & Access Management
  Leading Development teams to deliver Solutions for Identity & Access Management and Data Security
  Oracle Access Management Suite Plus 11g Certified Implementation Specialist and Oracle Database 11g Security Certified Implementation Specialist

BIAS Practice Areas

BIAS Corporation is a recognized leader in Identity & Access Management system assessment, design and implementation. As an Oracle Platinum partner, BIAS Corporation's IDM Practice provides experienced architects who have expertise in assessing environments, building roadmaps and designing systems with deep technical experience, and implements solutions using experienced developers who are part of the BIAS IDM practice.

Security Spectrum

Information Security Spectrum

Identity Management
  Governance
  Compliance
  Single Source of Truth
  Provisioning / Deprovisioning
  SoD (Separation of Duties)
Access Management
  Access Control
  Authentication
  Authorization
  Single Sign-On
  Multi-Factor Authentication
Mobile Security
  Security Container
  Single Sign-On
  Application Management
Data Security
  Protect your data at Rest and in Transit
  Data Access - Authentication
  Data Access - Fine Grained Control
  Auditing

Identity Management Portfolio 11gR2: Modern, Innovative & Integrated

Categories: Governance, Access, Directory, Mobile Security

  Oracle Identity Manager (OIM)
  Oracle Privileged Account Manager (OPAM)
  Oracle Access Manager (OAM)
  Oracle Adaptive Access Manager (OAAM)
  Oracle API Gateway (OEG)
  Oracle Identity Federation (OIF)
  Oracle Security Token Services (OSTS)
  Oracle Entitlement Server (OES)
  Oracle Enterprise SSO (OeSSO)
  Oracle Unified Directory (OUD)
  Oracle Virtual Directory (OVD)
  Oracle Internet Directory (OID)
  Oracle Mobile Security Suite (OMSS)
  Oracle Access Manager (OAM)
  Oracle Identity Manager (OIM)
  Platform Security Services

Oracle Database Security Solutions

Advanced Security, Data Masking
  Transparent Data Encryption
  Network Encryption/Strong Auth
  Data Masking for Non-Production
Audit Vault, Database Firewall
  Database Activity Auditing
  Database Firewall Monitoring
  Centralized Audit Data Warehouse
Database Vault, Label Security
  Separation of Duties for DBAs
  Protection Realms & Rules
  Label Based Access Control

[Diagram axis: Maturity of Database Environment]

Access Control

Access Management Framework

[Diagram labels: Single User account, Single Logon, Internal Web Applications, External (partners, vendors) Web Applications, Cloud Providers, LDAP]

Oracle Access Management System Architecture

Access Management Integration Architecture

[Diagram labels: Cloud Providers, Federation / SSO, External (partners, vendors) Web Applications, Authentication / SSO, Access Gate, Webgate, On Premise Apps, Internal Web Applications, Oracle Access Manager, LDAP]

Identity Management Overview

Benefits

Centralized Access Management
  Centralized security enforcement
  Centralized policy control on application access
Single Sign-On
  Use one (1) set of credentials to access all your applications
  No need to remember multiple user IDs and passwords
  Reduced risk of compromised credentials
  One-time login to your first application
  Navigate securely to multiple applications
Federation
  Single Sign-On for third-party application partners
  Single Sign-On for cloud-based applications
User Repositories
  Integration with multiple user repositories
  Support for commonly used LDAPs and Microsoft Active Directory
Productivity
  Increase productivity of employees
  Maintain compliance standards
  Self-service capabilities such as self password management

Oracle E-Business Application Single Sign-On

Oracle E-Business and Access Manager Support Architecture

E-Business Suite 12.2.2+
  Oracle Access Manager 11.1.2.2
  Oracle Identity Management 11.1.1.7
  Oracle Web Gate 11.1.2.2
E-Business Suite 12
  Oracle Access Manager 11.1.2.2
  Oracle Identity Management 11.1.1.7.0
  Oracle Access Manager Webgate 11.1.2.2.0
  Oracle E-Business Suite Access Gate 1.2.3.4

[Other labels on the slide: 11.5.10.2, 12.2, 12.1.3]

Integration Architecture

1. User requests protected resource
2. User redirected to EBS Access Gate protected by OAM
3. Webgate intercepts per OAM policies
4. Webgate connects user to EBS Access Gate to collect credentials
5. User submits credentials to OAM Server
6. OAM verifies credentials against user repository
7. OAM returns user identifier to EBS Access Gate
8. EBS Access Gate identifies the EBS user linked to authenticated OID user

[Diagram components: Oracle E-Business Suite, WebServer, Webgate, E-Business Suite Access Gate, Oracle Access Manager, Oracle Internet Directory]

EBS Access Gate

  Java EE application deployed on WebLogic Domain
  Every user record has unique ORCLGUID

[Diagram labels: Oracle Access Manager (UID + ORCLGUID), Web Gate (UID + ORCLGUID), Oracle E-Business Suite AccessGate, FND_USR Link, E-Business Suite Instance Database, Oracle Internet Directory]

Deployment Topology (Clustered): Oracle E-Business Suite Release 12.2 single sign-on

[Diagram labels: User, Load Balancer, Oracle HTTP Server (Web Server 1, Web Server 2), WebGate, EBS AccessGate, Oracle E-Business Suite Release 12.2.2+, Oracle Database, Load Balancer, Oracle Access Manager Server (OAM Server 1, OAM Server 2), Oracle Internet Directory (OID 1, OID 2)]

Third-Party LDAP Integration

Third-Party Access Management

Architectural Considerations: Key Decisions

Provisioning
  Unidirectional Provisioning
    From Oracle Internet Directory to Oracle E-Business Suite only
    From Oracle E-Business Suite to Oracle Internet Directory only
  Bi-Directional Provisioning
    From Oracle Internet Directory to Oracle E-Business Suite
    From Oracle E-Business Suite to Oracle Internet Directory
Corporate User Repositories
  Microsoft Active Directory
  LDAPs
  Databases
Authorization
  EBS responsibilities are managed within EBS
Upgrade
  Existing environment can upgrade from OSSO to OAM
Co-Existence
  Multiple E-Business systems using same Security Framework (Access Manager)

Best Practices

SSO Infrastructure
  High Availability
  Disaster Recovery Environment
  Performance Considerations
OAM Detached Credential Collector vs Embedded Credential Collector
Multi Factor Authentication and Risk-based Authentications
End To End SSL
  Encrypt all HTTP and LDAP Traffic
  TLS 1.2/TLS 1.1
Auditing
  Out of the Box Auditing functionality provided by OAM for User Authentications
  BI Publisher Reports

Oracle created the OPN Specialized Program to showcase the Oracle partners who have achieved expertise in Oracle product areas and reached specialization status through competency development, business results, expertise and proven success. BIAS is proud to be specialized in 30 areas of Oracle products, which include the following:

Contact Us
  Kashif Dhatwani
  Practice Director - Identity Management & Data Security
  770-685-6240
  Kashif.Dhatwani@biascorp.com
