Clik here to view.
Exploring OAM’s SAML Identity Assertion
Introduction OAM (Oracle Access Manager) has an interesting feature that often goes unnoticed to a considerable number of people wishing to tackle the problem of identity propagation. It’s OAM’s...
View ArticleAuthenticating to OIM SCIM server using an OAM-generated SAML identity assertion
In a previous post previous post I provided a brief introduction to SCIM. In this post I’m going to dive right in and give an example of using the OIM SCIM services and securing them with OAM. Why...
View ArticleAuthenticating to the OIG REST API from an OAM-protected web app
The objective of this post is to describe how a web app protected by an OAM WebGate can authenticate to the OIG REST APIs. In a previous blog post, I provided detailed steps to do the same thing for...
View ArticleSOA Security – Follow-up Question
I got an email from a response to a post that I did after last year's OOW.http://oracleaccessmanagement.blogspot.com/2008/09/soa-security-adt-or-crocodile-filled.htmlThe question is basically - "How do...
View ArticleHow to Debug SAML Token Profile on WLS
K asks:On the client site I have two Credential Mapping Provider (SAML and PKI) and two Credential Mapping (Key Pair and certificate) configured and the request produced well (I monitor it with...
View ArticleTeach an Old Dog New Tricks – SAML Name Mappers
A few weeks ago, I said that I was sure that there was some way to get custom attributes passed in and out of SAML Assertions for the purpose of Federated Authorization. Well, at that time I was under...
View ArticleClik here to view.
Bearer Confirmation Method (Huh! What is it good for…)
For starters, allow me to introduce myself. My name is Brian Eidelman and I am a new member of the Fusion Middleware Architecture Group (a.k.a the A-Team) and a new contributor to this blog. Since the...
View ArticleSAML Bearer Confirmation – An example using OWSM Client Policy
This is an extension of the discussion started by Brian in his inaugural post here at the FusionSecurity blog. Brian and I, along with other members of the A-Team were out at HQ getting some training...
View ArticleOWSM Client Policies and SAML – Simpler is Better
Classic example of me being "too clever by half".From the OWSM DocumentationLooks like you can just set the username as a propertyURL localURL = new URL("https://.../MyWebServicePort?WSDL"); QName name...
View ArticleIdentity Cloud Services and Weblogic Federation with Virtual Users and Groups
Introduction Federation is a well-known pattern and has been discussed at length on this blog. Almost every vendor or cloud provider out there supports Federation and it’s been around for quite some...
View ArticleSilently federate from your SAML IdP or OpenID Connect Provider to IDCS
Introduction As you may know IDCS can operate as both a SAML IdP and a SAML SP at the same time – a use case known as an IdP Proxy or IdP Chaining. This is useful in a bunch of situations, but the most...
View Article