1   Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Integrating Oracle E-Business Suite with Oracle Identity Management Solutions
Sunil Ghosh, Group Manager
Elke Phelps, Sr. Principal Product Manager




Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.



Program Agenda
 §  Oracle E-Business Suite and Oracle Identity Management Integrations
 §  Support Time Line and Action Plans
 §  Single Sign-On with Oracle E-Business Suite
 §  Oracle Internet Directory Integration
 §  Step-by-Step: Oracle E-Business Suite and Single Sign-On Integration
 §  Oracle E-Business and Third-Party Identity Management Integrations
 §  Step-by-Step: Oracle E-Business and Third-Party Identity Management Integration
 §  Oracle E-Business Suite Single Sign-On Integration Roadmap

Oracle E-Business Suite and Oracle Identity Management Integrations




Manage Users in Oracle Internet Directory
[Diagram: Oracle Internet Directory, E-Business Suite (FND_USER), DBMS_LDAP, DIP]

 §  Synchronize user credentials bi-directionally between Oracle Internet Directory and E-Business Suite
 §  Set master “source of truth” as OID, EBS, or both
 §  Manage user provisioning via powerful OID Directory Integration & Provisioning (DIP) templates
 §  Link an OID userid with one or more EBS userids “on-the-fly”

Enable Single Sign-On with Oracle Access Manager
[Diagram: E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]

§  Protect E-Business Suite instances with Oracle Access Manager WebGate
§  Single sign-on provides access to all registered partner applications, including EBS
§  Log off any one partner application to log off all of them
§  Support complex third-party single sign-on architectures

Manage Users in Oracle Identity Manager
[Diagram: OID, E-Business Suite, Oracle Identity Manager, LDAP]

 §  Use Oracle Identity Manager as a provisioning hub with third-party user directories and applications
 §  Connectors available for OID, E-Business Suite’s FND_USER and HRMS directories, and many more


Add Layered Access Security with Oracle Adaptive Access Manager (OAAM)
[Diagram: E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory, Oracle Identity Manager, Oracle Adaptive Access Manager]

§  Require additional protection through device fingerprinting and other contextual data
§  Add secure and highly usable self-service password management
§  Features are transparent to E-Business Suite



Extend Single Sign-On with Oracle Identity Federation
[Diagram: E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory, OIF Service Provider, Remote Identity Provider]




 §  Integrate E-Business Suite into federated network
 §  Delegate authentication to OIF to enable access through remote identity providers
 §  Features are transparent to E-Business Suite

Other Identity Management Certifications

Product                                        Latest Versions for EBS
Oracle Access Manager                          11.1.1.5
Oracle Identity Manager                        11.1.1.5
Oracle Identity Federation                     11.1.1.6
Oracle Adaptive Access Manager                 11.1.1.5
Oracle Enterprise Single Sign-On Suite Plus    11.1.1.5

All certifications here are performed by Fusion Middleware product teams.

Support Time Line and Action Plans




Oracle E-Business Suite Support Dates
Release          Premier Support Ends    Extended Support Ends            Minimum Baseline
11i (11.5.10)    November 2010           November 2013 / December 2014*   MOS Doc ID 883202.1
12.0             January 2012            January 2015                     MOS Doc ID 1195034.1
12.1             May 2014                May 2017                         MOS Doc ID 1195034.1

*Exception to Extended Support
Some OAM integration requirements may supersede this minimum baseline.
Lifetime Support Information: http://www.oracle.com/us/support/lifetime-support/index.html


Oracle Identity Management Support Dates
Release                          Premier Support Ends    Extended Support Ends
Oracle Single Sign-On 10g        December 2011           December 2012*
Oracle Internet Directory 10g    December 2011           Not available
Oracle Internet Directory 11g    June 2015               June 2017
Oracle Access Manager 10g        December 2013           Not available
Oracle Access Manager 11g        June 2015               June 2017

* Limited Extended Support to December 2012
Lifetime Support Information: http://www.oracle.com/us/support/lifetime-support/index.html



Action Plan for Oracle E-Business Suite Users
Oracle Internet Directory 10g and Oracle Single Sign-On 10g
 §  Extended Support ends this year
          –  Oracle Single Sign-On (OSSO) 10g extended support ends December 2012 → Deploy Oracle Access Manager
 §  Upgrade path for OID
          –  OID 10g → OID 11g (11.1.1.6 latest certified)
 §  Migration path for OSSO
          –  For EBS 12.0 or 12.1, OSSO 10g → OAM 11g with mod_osso
          –  For EBS 11i, migrate to OAM 10g
             NOTE: Oracle strongly recommends you upgrade to Release 12.1.3 and leverage OAM 11g and EBS AccessGate


Single Sign-On with Oracle E-Business Suite




Oracle Access Manager 11g

 §  Oracle Access Manager (OAM) 11g is Oracle’s recommended single sign-on solution
 §  Supports E-Business Suite, Fusion Middleware, OracleAS products, Fusion Applications, and more
 §  Offers two styles of integration: WebGate and mod_osso

Overview of Single Sign-On Integration Options for Oracle E-Business Suite, Note 1388152.1
Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11gR1 (11.1.1.5), Note 1309013.1




Authentication vs. Authorization

Authentication: Oracle Access Manager
•  Identifies the user
•  Validates user credentials

Authorization: Oracle E-Business Suite
•  Identifies data and actions the user can access
•  Checks user responsibilities




Oracle Access Manager 11g and E-Business Suite AccessGate
[Diagram: E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]
 §  EBS AccessGate enables integration with WebGate
          –  Maps LDAP user to EBS user and complements EBS session management with OAM
          –  WebGate 10g and WebGate 11g both supported
          –  Requires Oracle Internet Directory

Oracle Access Manager 11g and E-Business Suite AccessGate

 §  External Java EE application installed independently from EBS
          –  Fewer points of integration = easier to certify new releases
          –  Insulates EBS instance from user authentication configuration

 §  EBS AccessGate supports multiple EBS releases as well as multiple OAM releases
 §  Multiple deployments can be supported with 1 WebGate


Oracle Access Manager 11g and mod_osso

[Diagram: User, OHS / mod_osso, E-Business Suite]

 §  Support for mod_osso enables fast and easy migration from Oracle Single Sign-On (OSSO) 10g


Oracle Access Manager 11g and mod_osso

 §  OAM 11g replaces OSSO 10g server
      –  Automatically migrate existing partner applications
      –  No changes needed for existing E-Business Suite installs

 §  Recommended only for users upgrading from OSSO 10g
 §  Available for EBS Release 12.0 and 12.1 only




Integration with Discoverer and Portal
[Diagram: User, Oracle Discoverer, mod_osso, WebGate, E-Business Suite, EBS AccessGate, Oracle Access Manager]

WebGate and mod_osso deployments can be used together to protect applications

Integration with Discoverer and Portal
[Diagram: User, Oracle Discoverer, mod_osso, WebGate, E-Business Suite, EBS AccessGate, Oracle Access Manager]

If mod_osso detects valid OAM session, user may access resource without resubmitting credentials

Oracle Internet Directory Integration




Oracle Internet Directory Integration
[Diagram: Oracle Internet Directory, E-Business Suite (FND_USER), DBMS_LDAP, DIP]

 §  Oracle Internet Directory and FND_USER must be kept synchronized
 §  Synchronization events are raised via the Workflow-based Business Event System whenever users are added or modified


Oracle Internet Directory Supported Synchronization
[Diagram: Oracle Internet Directory, E-Business Suite (FND_USER), DBMS_LDAP, DIP]

 §  Asynchronous OID to FND_USER using Directory Integration & Provisioning
 §  Synchronous FND_USER to OID using DBMS_LDAP
 §  Bi-directional synchronization



Link Accounts
[Diagram: Oracle Internet Directory userid “John.Smith”, “Link Account” Global Unique Identifier (GUID), E-Business Suite (FND_USER) userid “jsmith”]

 §  One-time User Registration
          –  Done at setup time by system administrator
          –  Optional: can be done by end-user on first logon (“Link on the fly”)
          –  Useful when existing accounts in OID or a third-party LDAP directory differ from existing E-Business Suite accounts

Link Accounts
[Diagram: Oracle Internet Directory userid “John.Smith”, “Link Account” Global Unique Identifier (GUID), E-Business Suite (FND_USER) userid “jsmith”]

 §  GUID = orclguid attribute in OID
          –  This attribute is used by EBS to guarantee uniqueness
          –  Dependency on orclguid is why EBS supports direct integration only with OID




Link to Multiple EBS Accounts
[Diagram: Oracle Internet Directory userid “John.Smith”, “Link Account”, E-Business Suite (FND_USER) userids “jsmith”, “testuser1”, “testuser2”]

 §  Note: It’s not possible to link multiple OID accounts to the same EBS account
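
The linking rules from the Link Accounts slides, as an added example: a toy Python model written for this page, not Oracle code and not how EBS stores links internally. It keys each link on the directory GUID, so one OID identity can map to several EBS accounts while a second OID identity on the same EBS account is refused; the class names, the rename, the user “Jane.Doe” and the `multi_linked` audit helper are assumptions made for illustration.

```python
"""Toy model of GUID-based account linking between a directory and an
application user table. Constructed for illustration; not Oracle code."""
import uuid
from collections import defaultdict


class LinkError(Exception):
    """Raised when a link would put two directory identities on one account."""


class Directory:
    """Stand-in for OID: the userid can change, the GUID (orclguid) cannot."""

    def __init__(self):
        self._guid_by_userid = {}

    def add(self, userid):
        guid = uuid.uuid4().hex.upper()  # constructed value, not a real orclguid
        self._guid_by_userid[userid] = guid
        return guid

    def rename(self, old_userid, new_userid):
        # Only the name moves; the GUID stays attached to the same identity.
        self._guid_by_userid[new_userid] = self._guid_by_userid.pop(old_userid)

    def guid_of(self, userid):
        return self._guid_by_userid[userid]


class AppUsers:
    """Stand-in for FND_USER: each account holds at most one linked GUID."""

    def __init__(self, usernames):
        self._linked_guid = {name: None for name in usernames}

    def link(self, app_user, guid):
        current = self._linked_guid[app_user]
        if current is not None and current != guid:
            # A second directory identity on the same account is refused.
            raise LinkError(f"{app_user} is already linked to another identity")
        self._linked_guid[app_user] = guid

    def accounts_for(self, guid):
        """Application accounts that a directory identity resolves to."""
        return sorted(u for u, g in self._linked_guid.items() if g == guid)

    def multi_linked(self):
        """Audit helper: GUIDs linked to more than one application account."""
        by_guid = defaultdict(list)
        for user, guid in self._linked_guid.items():
            if guid is not None:
                by_guid[guid].append(user)
        return {g: sorted(us) for g, us in by_guid.items() if len(us) > 1}


def demo():
    oid = Directory()
    ebs = AppUsers(["jsmith", "testuser1", "testuser2"])
    john = oid.add("John.Smith")
    other = oid.add("Jane.Doe")  # hypothetical second directory user

    # One directory identity linked to three application accounts.
    for account in ("jsmith", "testuser1", "testuser2"):
        ebs.link(account, john)

    # Hypothetical rename: the links follow the GUID, not the userid.
    oid.rename("John.Smith", "J.Smith")
    still_resolves = ebs.accounts_for(oid.guid_of("J.Smith"))

    # A second directory identity cannot take over an already linked account.
    try:
        ebs.link("jsmith", other)
        refused = False
    except LinkError:
        refused = True

    return still_resolves, refused, ebs.multi_linked()


if __name__ == "__main__":
    print(demo())
```

The `multi_linked` result is the list an administrator would review when moving from “multi-link” to proxy users.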



Access EBS Accounts Using Proxy Users
[Diagram: Oracle Internet Directory userid “John.Smith”, “Link Account”, E-Business Suite (FND_USER) userids “jsmith”, “testuser1”, “testuser2”]

 §  Recommended alternative to “multi-link”
          –  Grant/revoke proxy privilege to individual users by admin
          –  Track delegates’ actions within the system for improved security, compliance enforcement
          –  Granular control of proxy authority; e.g.: for specific date ranges
          –  Configure entirely within EBS – no OID changes required


Step-By-Step: Oracle E-Business Suite Single Sign-On Integration




First-Time Login with EBS AccessGate
[Diagram: User, E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]

Login to E-Business Suite via EBS AccessGate
[Diagram: User, E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]

1. Unauthenticated user requests access to protected EBS resource

Login to E-Business Suite via EBS AccessGate
[Diagram: User, E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]

2. User redirected to EBS AccessGate, protected by OAM

Login to E-Business Suite via EBS AccessGate
[Diagram: User, E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]

3. Per OAM policies, WebGate intercepts request

Login to E-Business Suite via EBS AccessGate
[Diagram: User, E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]

4. WebGate connects user to EBS AccessGate to collect credentials

Login to E-Business Suite via EBS AccessGate
[Diagram: User, E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]

5. User submits credentials to OAM server (OAM 11g) or WebGate (OAM 10)

Login to E-Business Suite via EBS AccessGate
Step 6: OAM verifies credentials against user directory and creates user session
[Diagram: User, E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]

Login to E-Business Suite via EBS AccessGate
Step 7: OAM securely passes user identifier to EBS AccessGate
[Diagram: User, E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]

Login to E-Business Suite via EBS AccessGate
Step 8: EBS AccessGate links OID user to EBS user and creates ICX session
[Diagram: User, E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]

Login to E-Business Suite via EBS AccessGate
Step 9: User redirected to original EBS URL with session, and resource returned to browser
[Diagram: User, E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]

Third-Party Identity Management Integrations




Third-Party Single Sign-On Integration
EBS Application Server
    … delegates user authentication to …
Oracle Access Manager
    … delegates user authentication to …
Third-Party SSO


Third-Party SSO Interoperability
Many ways to work with third-party SSO engines
 §  Oracle Access Manager 11g
          –  Windows Native Authentication via Kerberos, X.509
          –  PKI X.509v3 Digital Certificates
          –  Other SSO systems via custom AccessGates with Access SDK
 §  Oracle Enterprise SSO Suite Plus 11g
          –  Biometric and smartcard systems
 §  Oracle Identity Federation 11g
          –  SAML, WS-Federation, Liberty Alliance
          –  Support CA Netegrity, IBM Tivoli, etc.


Integration with Third-Party LDAP
If you have an existing third-party LDAP…
Third-Party LDAP
    … synchronizes user attributes with …
Oracle Internet Directory
    … synchronizes user attributes with …
E-Business Suite Database (FND_USER)


Integration with Third-Party LDAP
Server Chaining
 §  New feature in OID 11g
          –  Map entries in third-party LDAP directories to part of the directory tree
             and access through OID without synchronization
          –  Replaces external authentication plug-ins from OID 10g
 §  Third-party directories certified with Oracle Access Manager
          –  Microsoft Active Directory
                       §  Does not support Active Directory Lightweight Directory Service
          –  Sun Java System Directory (SunONE iPlanet)
          –  Oracle Directory Server Enterprise Edition (formerly Sun)
          –  Novell eDirectory



Passwords Stored in Third-Party LDAP
[Diagram: User Password shown under Third-Party LDAP (optional), Oracle Internet Directory and E-Business Database (FND_USER), with an X on each link between them]

 §  Third-party LDAP
          –  Handles user authentication, usually with a third-party authentication solution
          –  Commonly considered “Master” source-of-truth
 §  Oracle Internet Directory and E-Business Suite take minimal copies of
     master user definition, excluding passwords
 §  E-Business Suite doesn’t maintain user passwords in this configuration


Step-By-Step: Oracle E-Business Suite and Third-Party Identity Management Integrations




Third-Party Integration Architecture
[Diagram: End User, Third-Party SSO, Third-Party LDAP, Oracle Internet Directory, EBS Database (FND_USER), Oracle Access Manager *, EBS Application Server / EBS AccessGate]
* WebGate not shown.

Third-Party Integration Architecture
Step 1: User provides credentials to third-party single sign-on system.
[Diagram: End User, Third-Party SSO, Third-Party LDAP, Oracle Internet Directory, EBS Database (FND_USER), Oracle Access Manager, EBS Application Server / EBS AccessGate]



Third-Party Integration Architecture
Step 2: Third-party single sign-on sends user’s credentials to third-party LDAP for authentication.
[Diagram: End User, Third-Party SSO, Third-Party LDAP, Oracle Internet Directory, EBS Database (FND_USER), Oracle Access Manager, EBS Application Server / EBS AccessGate]

Third-Party Integration Architecture
Step 3: Third-party single sign-on provides authenticated user with third-party security token.
[Diagram: End User, Third-Party SSO, Third-Party LDAP, Oracle Internet Directory, EBS Database (FND_USER), Oracle Access Manager, EBS Application Server / EBS AccessGate]

Third-Party Integration Architecture
Step 4: User attempts to access EBS, and is redirected to EBS AccessGate and OAM.
[Diagram: End User, Third-Party SSO, Third-Party LDAP, Oracle Internet Directory, EBS Database (FND_USER), Oracle Access Manager, EBS Application Server / EBS AccessGate]

Third-Party Integration Architecture
Step 5: OAM recognizes the third-party security token, then issues its own and returns OID user to EBS AccessGate.
[Diagram: End User, Third-Party SSO, Third-Party LDAP, Oracle Internet Directory, EBS Database (FND_USER), Oracle Access Manager, EBS Application Server / EBS AccessGate]

Third-Party Integration Architecture
Step 6: EBS AccessGate recognizes the OAM session, maps the OID user to an EBS user and returns the resource.
[Diagram: End User, Third-Party SSO, Third-Party LDAP, Oracle Internet Directory, EBS Database (FND_USER), Oracle Access Manager, EBS Application Server / EBS AccessGate]

Case Studies




Case Study
Logical Server Topology
§  One server per server type
         –  E-Business Application Server
         –  EBS AccessGate Server
         –  Oracle Internet Directory Server
         –  Oracle Access Manager Server
[Diagram: User, E-Business Suite, EBS AccessGate, WebGate, Oracle Access Manager, Oracle Internet Directory]


Case Study
Physical Server Topology
§  Logical Servers may be combined
§  Example:
         –  One physical server for E-Business Suite and EBS AccessGate
         –  One physical server for Fusion Middleware components: WebGate,
            Oracle Access Manager and Oracle Internet Directory
[Diagram: EBS Application Server (EBS Instance, EBS AccessGate); Fusion Middleware Server (Web Server with WebGate, Oracle Access Manager, Oracle Internet Directory)]


Case Study
Physical Server Topology
§  Combine logical servers
§  Scales easily
§  Increases to Fusion Middleware footprint not required
§  Supports multiple E-Business Suite Instances with EBS AccessGate
[Diagram: EBS Application Server (EBS Instance, EBS AccessGate); Fusion Middleware Server (Web Server with WebGate, Oracle Access Manager, Oracle Internet Directory)]


Case Study
Physical Server Topology
§  Combine logical servers
§  Scales easily
§  Increases to Fusion Middleware footprint not required
§  Supports multiple E-Business Suite Instances with EBS AccessGate
[Diagram: EBS Application Server 1 (EBS Instance 1, EBS AccessGate 1); EBS Application Server 2 (EBS Instance 2, EBS AccessGate 2); Fusion Middleware Server (Web Server with WebGate, Oracle Access Manager, Oracle Internet Directory)]


Case Study
Integration with Active Directory & Kerberos
[Diagram: End User, Microsoft Windows Native Authentication via Kerberos, Microsoft Active Directory, Oracle Internet Directory, EBS Database (FND_USER), Oracle Access Manager, E-Business Suite Application Server / EBS AccessGate]


Case Study
[Diagram: External Users, Internet, Firewall, DMZ 1 (Reverse Proxy), Firewall, DMZ 2 (WebGate, OAM Server, External EBS App Server + EBS AccessGate), Firewall, Company Intranet (OID, FMW Repository, EBS Database, Internal EBS App Server + EBS AccessGate, Internal Users)]


E-Business Suite Single Sign-On Integration Roadmap




Roadmap
Single Sign-On
 §  Certify with Oracle Access Manager 11.1.2
          –  Simplify documentation
          –  Certify DMZ configurations with the Detached Credential Collector




Certify with Oracle Access Manager 11.1.2
Roadmap

§  Oracle E-Business Suite Release 12 will use the Oracle Access Manager 11gR2 global login page








Certify with Oracle Access Manager 11.1.2
Roadmap

§  Oracle E-Business Suite Release 12 will use the Oracle Access Manager 11gR2 global login page
§  Custom login pages configured from Oracle Access Manager only




Roadmap
Single Sign-On
 §  Certify with Oracle Access Manager 11.1.2
          –  Simplify documentation
          –  Certify DMZ configurations with the Detached Credential Collector
          –  Utilize default OAM login page
 §  Simplify Deployment and Configuration
 §  Provide Advanced Diagnostics
 §  Provide separate authentication for external vs. internal users

Authentication for External and Internal Users
Existing Solution
[Diagram: External User, http://jobs.company.com, Internet, External EBS Application Server; Internal User, http://intranet.mycompany.com, Intranet, Internal EBS Application Server]

Authentication for External and Internal Users
Existing Solution
[Diagram: External User, http://jobs.company.com; Internal User, http://intranet.mycompany.com]




Authentication for External and Internal Users
Roadmap
[Diagram: External User, http://jobs.company.com; Internal User, http://myintranet.mycompany.com; External EBS Application Server, Internal EBS Application Server; labels Internet, Internet, Intranet]

Authentication for External and Internal Users
Roadmap
[Diagram: External User, http://jobs.company.com, http://intranet.mycompany.com]




References
My Oracle Support
Note ID      Title
1388152.1    Overview of Single Sign-On Integration Options for Oracle E-Business Suite
1309013.1    Integrating EBS with Oracle Access Manager 11g Using Oracle E-Business Suite AccessGate
1304550.1    Migrating Oracle Single Sign-On 10gR3 to Oracle Access Manager 11gR1 with Oracle E-Business Suite
975182.1     Integrating EBS with Oracle Access Manager 10g Using Oracle E-Business Suite AccessGate
876539.1     Using the Latest Oracle Internet Directory 11gR1 Patchset with Single Sign-On and EBS




E-Business Suite Technology Stack Blog
 blogs.oracle.com/stevenChan

•       Direct from EBS Development
•       Latest news
•       Certification announcements
•       Primers, FAQs, tips
•       Desupport reminders
•       Latest upgrade recommendations
•       Statements of Direction
•       Subscribe via email or RSS




References
E-Business Suite Technology Blog

     §  Understanding Options for Integrating Oracle Access Manager with E-Business Suite
     §  Oracle Access Manager 11.1.1.5 Certified with E-Business Suite 12
     §  Why Does EBS Integration with Oracle Access Manager Require Oracle Internet Directory?
     §  Oracle Internet Directory 11gR1 11.1.1.5 Certified with E-Business Suite
     §  In-Depth: Using Third-Party Identity Managers with E-Business Suite Release 12



Q&A



Ebs idm con9020_pdf_9020_0001

  • 1. 1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 2. Integrating Oracle E- Business Suite with Oracle Identity Management Solutions Sunil Ghosh, Group Manager Elke Phelps, Sr. Principal Product Manager 2 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 3. Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. 3 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 4. §  Oracle E-Business Suite and Oracle Identity Management Integrations §  Support Time Line and Action Plans Program §  Single Sign-On with Oracle E-Business Suite Agenda §  Oracle Internet Directory Integration §  Step-by-Step: Oracle E-Business Suite and Single Sign-On Integration §  Oracle E-Business and Third-Party Identity Management Integrations §  Step-by-Step: Oracle E-Business and Third-Party Identity Management Integration §  Oracle E-Business Suite Single Sign-On Integration Roadmap 4 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 5. Oracle E-Business Suite and Oracle Identity Management Integrations 5 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 6. Manage Users in Oracle Internet Directory DBMS_LDAP Oracle Internet E-Business Suite Directory FND_USER DIP §  Synchronize user credentials bi-directionally between Oracle Internet Directory and E-Business Suite §  Set master “source of truth” as OID, EBS, or both §  Manage user provisioning via powerful OID Directory Integration & Provisioning (DIP) templates §  Link an OID userid with one or more EBS userids “on-the-fly” 6 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 7. Enable Single Sign-On with Oracle Access Manager EBS Oracle AccessGate Internet Directory E-Business Suite Oracle WebGate Access Manager §  Protect E-Business Suite instances with Oracle Access Manager WebGate §  Single sign-on provides access to all registered partner applications, including EBS §  Log off any one partner application to log off all of them §  Support complex third-party single sign-on architectures 7 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 8. Manage Users in Oracle Identity Manager OID E-Business Suite Oracle LDAP LDAP Identity Manager §  Use Oracle Identity Manager as a provisioning hub with third-party user directories and applications §  Connectors available for OID, E-Business Suite’s FND_USER and HRMS directories, and many more 8 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 9. Add Layered Access Security with Oracle Adaptive Access Manager (OAAM) EBS Oracle Oracle AccessGate Internet Identity Directory Manager E-Business Suite Oracle Oracle Access Adaptive WebGate Manager Access Manager §  Require additional protection through device fingerprinting and other contextual data §  Add secure and highly usable self-service password management §  Features are transparent to E-Business Suite 9 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 10. Extend Single Sign-On with Oracle Identity Federation EBS Oracle AccessGate Internet Directory Oracle Remote E-Business Access Suite Identity Manager OIF Service Provider Provider WebGate §  Integrate E-Business Suite into federated network §  Delegate authentication to OIF to enable access through remote identity providers §  Features are transparent to E-Business Suite 10 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 11. Other Identity Management Certifications Product Latest Versions for EBS Oracle Access Manager 11.1.1.5 Oracle Identity Manager 11.1.1.5 Oracle Identity Federation 11.1.1.6 Oracle Adaptive Access Manager 11.1.1.5 Oracle Enterprise Single Sign-On Suite Plus 11.1.1.5 All certifications here are performed by Fusion Middleware product teams. 11 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 12. Support Time Line and Action Plans 12 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 13. Oracle E-Business Suite Support Dates Release Premier Support Ends Extended Support Ends Minimum Baseline 11i (11.5.10) November 2013 November 2010 MOS Doc ID 883202.1 December 2014* 12.0 January 2012 January 2015 MOS Doc ID 1195034.1 Key 12.1 May 2014 May 2017 MOS Doc ID 1195034.1 *Exception to Extended Support Some OAM integration requirements may supersede this minimum baseline. Lifetime Support Information: http://www.oracle.com/us/support/lifetime-support/index.html 13 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 14. Oracle Identity Management Support Dates Release Premier Support Ends Extended Support Ends Oracle Single Sign-On 10g December 2011 December 2012* Oracle Internet Directory 10g December 2011 Not available Oracle Internet Directory 11g June 2015 June 2017 Oracle Access Manager 10g Key December 2013 Not available Oracle Access Manager 11g June 2015 June 2017 * Limited Extended Support to December 2012 Lifetime Support Information: http://www.oracle.com/us/support/lifetime-support/index.html 14 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 15. Action Plan for Oracle E-Business Suite Users Oracle Internet Directory 10g and Oracle Single Sign-On 10g §  Extended Support ends this year –  Oracle Single Sign-On (OSSO)10g extended support ends December 2012 è Deploy Oracle Access Manager §  Upgrade path for OID –  OID 10g è OID 11g (11.1.1.6 latest certified) §  Migration path for OSSO –  For EBS 12.0 or 12.1, OSSO 10g è OAM 11g with mod_osso –  For EBS 11i, migrate to OAM 10g NOTE: Oracle strongly recommends you upgrade to Release 12.1.3 and leverage OAM 11g and EBS AccessGate 15 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 16. Single Sign-On with Oracle E-Business Suite 16 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 17. Oracle Access Manager 11g §  Oracle Access Manager (OAM) 11g is Oracle’s recommended single sign-on solution §  Supports E-Business Suite, Fusion Middleware, OracleAS products, Fusion Applications, and more §  Offers two styles of integration: WebGate and mod_osso Overview of Single Sign-On Integration Options for Oracle E-Business Suite, Note 1388152.1 Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11gR1 (11.1.1.5), Note 1309013.1 17 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 18. Authentication vs. Authorization Authentication Authorization Oracle Access Manager Oracle E-Business Suite •  Identifies the user •  Identifies data and actions •  Validates user credentials the user can access •  Checks user responsibilities 18 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 19. Oracle Access Manager 11g and E-Business Suite AccessGate EBS Oracle AccessGate Internet Directory E-Business Suite Oracle WebGate Access Manager §  EBS AccessGate enables integration with WebGate –  Maps LDAP user to EBS user and complements EBS session management with OAM –  WebGate 10g and WebGate 11g both supported –  Requires Oracle Internet Directory 19 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 20. Oracle Access Manager 11g and E-Business Suite AccessGate §  External Java EE application installed independently from EBS –  Fewer points of integration = easier to certify new releases –  Insulates EBS instance from user authentication configuration §  EBS AccessGate supports multiple EBS releases as well as multiple OAM releases §  Multiple deployments can be supported with 1 WebGate 20 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 21. Oracle Access Manager 11g and mod_osso User E-Business Suite OHS / mod_osso §  Support for mod_osso enables fast and easy migration from Oracle Single Sign-On (OSSO) 10g 21 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 22. Oracle Access Manager 11g and mod_osso §  OAM 11g replaces OSSO 10g server –  Automatically migrate existing partner applications –  No changes needed for existing E-Business Suite installs §  Recommended only for users upgrading from OSSO 10g §  Available for EBS Release 12.0 and 12.1 only 22 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 23. Integration with Discoverer and Portal E-Business Suite Oracle Discoverer EBS AccessGate User Oracle mod_osso WebGate Access Manager WebGate and mod_osso deployments can be used together to protect applications 23 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 24. Integration with Discoverer and Portal E-Business Suite Oracle Discoverer EBS AccessGate User Oracle mod_osso WebGate Access Manager If mod_osso detects valid OAM session, user may access resource without resubmitting credentials 24 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 25. Oracle Internet Directory Integration 25 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 26. Oracle Internet Directory Integration DBMS_LDAP Oracle E-Business Suite Internet FND_USER Directory DIP §  Oracle Internet Directory and FND_USER must be kept synchronized §  Synchronization events are raised via the Workflow-based Business Event System whenever users are added or modified 26 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 27. Oracle Internet Directory Supported Synchronization DBMS_LDAP Oracle E-Business Suite Internet FND_USER Directory DIP §  Asynchronous OID to FND_USER using Directory Integration & Provisioning §  Synchronous FND_USER to OID using DBMS_LDAP §  Bi-directional synchronization 27 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 28. Link Accounts Oracle E-Business Internet Suite Directory (FND_USER) Userid = “Link Account” Userid = “John.Smith” Global Unique Identifier (GUID) “jsmith” §  One-time User Registration –  Done at setup time by system administrator –  Optional: can be done by end-user on first logon (“Link on the fly”) –  Useful when existing accounts in OID or a third-party LDAP directory differ from existing E-Business Suite accounts 28 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 29. Link Accounts Oracle E-Business Internet Suite Directory (FND_USER) Userid = “Link Account” Userid = “John.Smith” Global Unique Identifier (GUID) “jsmith” §  GUID = orclguid attribute in OID –  This attribute is used by EBS to guarantee uniqueness –  Dependency on orclguid is why EBS supports direct integration only with OID 29 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 30. Link to Multiple EBS Accounts Oracle E-Business Internet Suite Directory (FND_USER) “Link Account” Userid = Userid = “John.Smith” “jsmith” Userid = “testuser1” §  Note: It’s not possible to link multiple OID accounts to the Userid = same EBS account “testuser2” 30 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 31. Access EBS Accounts Using Proxy Users Oracle E-Business Internet Suite Directory (FND_USER) “Link Account” Userid = Userid = “John.Smith” “jsmith” §  Recommended alternative to “multi-link” Userid = “testuser1” –  Grant/revoke proxy privilege to individual users by admin –  Track delegates’ actions within the system for improved security, compliance enforcement Userid = –  Granular control of proxy authority; e.g.: for specific date ranges “testuser2” –  Configure entirely within EBS – no OID changes required 31 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 32. Step-By-Step: Oracle E-Business Suite Single Sign-On Integration
  • 33. First-Time Login with EBS AccessGate
      [Diagram components, repeated on slides 34 to 42: User, WebGate, Oracle Access Manager, Oracle Internet Directory, EBS AccessGate, E-Business Suite]
  • 34. Login to E-Business Suite via EBS AccessGate
      Step 1: Unauthenticated user requests access to protected EBS resource
  • 35. Login to E-Business Suite via EBS AccessGate
      Step 2: User redirected to EBS AccessGate, protected by OAM
  • 36. Login to E-Business Suite via EBS AccessGate
      Step 3: Per OAM policies, WebGate intercepts request
  • 37. Login to E-Business Suite via EBS AccessGate
      Step 4: WebGate connects user to EBS AccessGate to collect credentials
  • 38. Login to E-Business Suite via EBS AccessGate
      Step 5: User submits credentials to OAM server (OAM 11g) or WebGate (OAM 10)
  • 39. Login to E-Business Suite via EBS AccessGate
      Step 6: OAM verifies user credentials against directory and creates user session
  • 40. Login to E-Business Suite via EBS AccessGate
      Step 7: OAM securely passes user identifier to EBS AccessGate
  • 41. Login to E-Business Suite via EBS AccessGate
      Step 8: EBS AccessGate links OID user to EBS user and creates ICX session
  • 42. Login to E-Business Suite via EBS AccessGate
      Step 9: User redirected to original EBS URL with session, and resource returned to browser
  • 43. Third-Party Identity Management Integrations
  • 44. Third-Party Single Sign-On Integration
      EBS Application Server … delegates user authentication to … Oracle Access Manager … delegates user authentication to … Third-Party SSO
  • 45. Third-Party SSO Interoperability
      Many ways to work with third-party SSO engines
      §  Oracle Access Manager 11g
          –  Windows Native Authentication via Kerberos, X.509
          –  PKI X.509v3 Digital Certificates
          –  Other SSO systems via custom AccessGates with Access SDK
      §  Oracle Enterprise SSO Suite Plus 11g
          –  Biometric and smartcard systems
      §  Oracle Identity Federation 11g
          –  SAML, WS-Federation, Liberty Alliance
          –  Support CA Netegrity, IBM Tivoli, etc.
  • 46. Integration with Third-Party LDAP
      If you have an existing third-party LDAP…
      Third-Party LDAP … synchronizes user attributes with … Oracle Internet Directory … synchronizes user attributes with … E-Business Suite Database (FND_USER)
  • 47. Integration with Third-Party LDAP: Server Chaining
      §  New feature in OID 11g
          –  Map entries in third party LDAP directories to part of the directory tree and access through OID without synchronization
          –  Replaces external authentication plug-ins from OID 10g
      §  Third-party directories certified with Oracle Access Manager
          –  Microsoft Active Directory
              §  Does not support Active Directory Lightweight Directory Service
          –  Sun Java System Directory (SunONE iPlanet)
          –  Oracle Directory Server Enterprise Edition (formerly Sun)
          –  Novell eDirectory
  • 48. Passwords Stored in Third-Party LDAP
      [Diagram: Third-Party LDAP (optional), Oracle Internet Directory and E-Business Database (FND_USER), each shown with a User and a Password; the Password is marked X in two of the three]
      §  Third-party LDAP
          –  Handles user authentication, usually with a third-party authentication solution
          –  Commonly considered “Master” source-of-truth
      §  Oracle Internet Directory and E-Business Suite take minimal copies of master user definition -- excluding passwords
      §  E-Business Suite doesn’t maintain user passwords in this configuration
  • 49. Step-By-Step: Oracle E-Business Suite and Third Party Identity Management Integrations
  • 50. Third-Party Integration Architecture
      [Diagram components, repeated on slides 51 to 56: End User, Third-Party SSO, Third-Party LDAP, Oracle Access Manager *, Oracle Internet Directory, EBS Application Server / EBS AccessGate, EBS Database (FND_USER)]
      * WebGate not shown.
  • 51. Third-Party Integration Architecture
      Step 1: User provides credentials to third-party single sign-on system.
  • 52. Third-Party Integration Architecture
      Step 2: Third-party single sign-on sends user’s credentials to third-party LDAP for authentication.
  • 53. Third-Party Integration Architecture
      Step 3: Third-party single sign-on provides authenticated user with third-party security token.
  • 54. Third-Party Integration Architecture
      Step 4: User attempts to access EBS, and is redirected to EBS AccessGate and OAM.
  • 55. Third-Party Integration Architecture
      Step 5: OAM recognizes the third-party security token, then issues its own and returns OID user to EBS AccessGate.
  • 56. Third-Party Integration Architecture
      Step 6: EBS AccessGate recognizes the OAM session, maps the OID user to an EBS user and returns the resource.
  • 57. Case Studies
  • 58. Case Study: Logical Server Topology
      §  One server per server type
          –  E-Business Application Server
          –  EBS AccessGate Server
          –  Oracle Internet Directory Server
          –  Oracle Access Manager Server
      [Diagram components: User, WebGate, EBS AccessGate, E-Business Suite, Oracle Internet Directory, Oracle Access Manager]
  • 59. Case Study: Physical Server Topology
      §  Logical Servers may be combined
      §  Example:
          –  One physical server for E-Business Suite and EBS AccessGate
          –  One physical server for Fusion Middleware components – WebGate, Oracle Access Manager and Oracle Internet Directory
      [Diagram: EBS Application Server (EBS Instance, EBS AccessGate); Fusion Middleware Server (Web Server with WebGate, Oracle Access Manager, Oracle Internet Directory)]
  • 60. Case Study: Physical Server Topology
      §  Combine logical servers
      §  Scales easily
      §  Increases to Fusion Middleware footprint not required
      §  Supports multiple E-Business Suite Instances with EBS AccessGate
      [Diagram: EBS Application Server (EBS Instance, EBS AccessGate); Fusion Middleware Server (Web Server with WebGate, Oracle Access Manager, Oracle Internet Directory)]
  • 61. Case Study: Physical Server Topology
      §  Combine logical servers
      §  Scales easily
      §  Increases to Fusion Middleware footprint not required
      §  Supports multiple E-Business Suite Instances with EBS AccessGate
      [Diagram: EBS Application Server 1 (EBS Instance 1, EBS AccessGate 1); EBS Application Server 2 (EBS Instance 2, EBS AccessGate 2); Fusion Middleware Server (Web Server with WebGate, Oracle Access Manager, Oracle Internet Directory)]
  • 62. Case Study: Integration with Active Directory & Kerberos
      [Diagram components: End User, Microsoft Windows Native Authentication via Kerberos, Microsoft Active Directory, Oracle Internet Directory, Oracle Access Manager, EBS Database (FND_USER), E-Business Suite Application Server, EBS AccessGate]
  • 63. Case Study
      [Diagram zones: Internet, DMZ 1, DMZ 2, Company Intranet. Components: External Users, Internal Users, Reverse Proxy, WebGate, FMW OAM Server, OID Repository, External EBS App Server + EBS AccessGate, Internal EBS App Server + EBS AccessGate, EBS Database, three Firewalls]
  • 64. E-Business Suite Single Sign-On Integration Roadmap
  • 65. Roadmap: Single Sign-On
      §  Certify with Oracle Access Manager 11.1.2
          –  Simplify documentation
          –  Certify DMZ configurations with the Detached Credential Collector
  • 66. Certify with Oracle Access Manager 11.1.2 (Roadmap)
      §  Oracle E-Business Suite Release 12 will use the Oracle Access Manager 11gR2 global login page
  • 67. Certify with Oracle Access Manager 11.1.2 (Roadmap)
      §  Oracle E-Business Suite Release 12 will use the Oracle Access Manager 11gR2 global login page
  • 68. Certify with Oracle Access Manager 11.1.2 (Roadmap)
      §  Oracle E-Business Suite Release 12 will use the Oracle Access Manager 11gR2 global login page
      §  Custom login pages configured from Oracle Access Manager only
  • 69. Roadmap: Single Sign-On
      §  Certify with Oracle Access Manager 11.1.2
          –  Simplify documentation
          –  Certify DMZ configurations with the Detached Credential Collector
          –  Utilize default OAM login page
      §  Simplify Deployment and Configuration
      §  Provide Advanced Diagnostics
      §  Provide separate authentication for external vs. internal users
  • 70. Authentication for External and Internal Users: Existing Solution
      [Diagram labels: External User, http://jobs.company.com, External EBS Application Server, Internet; Internal User, http://intranet.mycompany.com, Internal EBS Application Server, Intranet]
  • 71. Authentication for External and Internal Users: Existing Solution
      [Diagram labels: External User, http://jobs.company.com; Internal User, http://intranet.mycompany.com]
  • 72. Authentication for External and Internal Users: Roadmap
      [Diagram labels: External User, http://jobs.company.com, External EBS Application Server; Internal User, http://myintranet.mycompany.com, Internal EBS Application Server; zones: Internet, Internet, Intranet]
  • 73. Authentication for External and Internal Users: Roadmap
      [Diagram labels: External User, http://jobs.company.com, http://intranet.mycompany.com]
  • 74. References
  • 75. References: My Oracle Support (Note ID: Title)
      1388152.1: Overview of Single Sign-On Integration Options for Oracle E-Business Suite
      1309013.1: Integrating EBS with Oracle Access Manager 11g Using Oracle E-Business Suite AccessGate
      1304550.1: Migrating Oracle Single Sign-On 10gR3 to Oracle Access Manager 11gR1 with Oracle E-Business Suite
      975182.1: Integrating EBS with Oracle Access Manager 10g Using Oracle E-Business Suite AccessGate
      876539.1: Using the Latest Oracle Internet Directory 11gR1 Patchset with Single Sign-On and EBS
  • 76. E-Business Suite Technology Stack Blog: blogs.oracle.com/stevenChan
      •  Direct from EBS Development
      •  Latest news
      •  Certification announcements
      •  Primers, FAQs, tips
      •  Desupport reminders
      •  Latest upgrade recommendations
      •  Statements of Direction
      •  Subscribe via email or RSS
  • 77. References: E-Business Suite Technology Blog
      §  Understanding Options for Integrating Oracle Access Manager with E-Business Suite
      §  Oracle Access Manager 11.1.1.5 Certified with E-Business Suite 12
      §  Why Does EBS Integration with Oracle Access Manager Require Oracle Internet Directory?
      §  Oracle Internet Directory 11gR1 11.1.1.5 Certified with E-Business Suite
      §  In-Depth: Using Third-Party Identity Managers with E-Business Suite Release 12
  • 78. Q&A
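The account-linking rules on slides 29 to 31 (one OID entry, identified by its orclguid, may be linked to several FND_USER accounts, while an EBS account carries only one link) can be checked with a periodic reconciliation. The following is an added example, not part of the presentation and not Oracle's code; the row layout (user name plus stored GUID), the GUID values and every account name not shown on the slides are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data. OID entries map a directory userid to its orclguid;
# EBS rows pair an FND_USER user name with the GUID it was linked to (None = no link).
# Assumption: one stored GUID per EBS account, which is why an EBS account
# can never point at two OID entries (slide 30).
OID_ENTRIES = {
    "John.Smith": "A1B2C3D4E5F60718293A4B5C6D7E8F90",
    "Mary.Jones": "0F1E2D3C4B5A69788796A5B4C3D2E1F0",
}
FND_USER_ROWS = [
    ("jsmith", "a1b2c3d4e5f60718293a4b5c6d7e8f90"),   # same GUID, different case
    ("testuser1", "A1B2C3D4E5F60718293A4B5C6D7E8F90"),
    ("testuser2", "A1B2C3D4E5F60718293A4B5C6D7E8F90"),
    ("localadmin", None),
    ("old.contractor", "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"),
]


def audit_links(oid_entries, fnd_user_rows):
    """Reconcile EBS account links against the orclguid values present in OID."""
    guid_to_oid, duplicate_guids = {}, set()
    for oid_user, guid in oid_entries.items():
        key = guid.upper()
        if key in guid_to_oid:            # orclguid must be unique in the directory
            duplicate_guids.add(key)
        guid_to_oid[key] = oid_user

    linked = defaultdict(list)
    unlinked, orphaned = [], []
    for ebs_user, guid in fnd_user_rows:
        if not guid:
            unlinked.append(ebs_user)     # EBS account with no directory identity
        elif guid.upper() not in guid_to_oid:
            orphaned.append(ebs_user)     # linked GUID no longer exists in OID
        else:
            linked[guid_to_oid[guid.upper()]].append(ebs_user)

    # One OID identity reaching several EBS accounts: the "multi-link" pattern
    # that slide 31 recommends replacing with proxy users.
    multi_linked = {o: sorted(e) for o, e in linked.items() if len(e) > 1}
    return {"multi_linked": multi_linked, "unlinked": unlinked,
            "orphaned": orphaned, "duplicate_oid_guids": sorted(duplicate_guids)}


if __name__ == "__main__":
    for finding, value in audit_links(OID_ENTRIES, FND_USER_ROWS).items():
        print(f"{finding}: {value}")
```

Orphaned and unlinked accounts are the ones to review first, since no directory identity stands behind them.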