Contenu connexe
Similaire à Ebs idm con9020_pdf_9020_0001 (20)
Ebs idm con9020_pdf_9020_0001
- 1. 1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 2. Integrating Oracle E-
Business Suite with Oracle
Identity Management
Solutions
Sunil Ghosh, Group Manager
Elke Phelps, Sr. Principal Product Manager
2 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 3. Safe Harbor Statement
The following is intended to outline our general product
direction. It is intended for information purposes only, and
may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality,
and should not be relied upon in making purchasing decision.
The development, release, and timing of any features or
functionality described for Oracle’s products remains at the
sole discretion of Oracle.
3 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 4. § Oracle E-Business Suite and Oracle Identity Management
Integrations
§ Support Time Line and Action Plans
Program § Single Sign-On with Oracle E-Business Suite
Agenda § Oracle Internet Directory Integration
§ Step-by-Step: Oracle E-Business Suite and Single Sign-On
Integration
§ Oracle E-Business and Third-Party Identity Management
Integrations
§ Step-by-Step: Oracle E-Business and Third-Party Identity
Management Integration
§ Oracle E-Business Suite Single Sign-On Integration
Roadmap
4 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 5. Oracle E-Business Suite and
Oracle Identity Management
Integrations
5 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 6. Manage Users in Oracle Internet Directory
DBMS_LDAP
Oracle
Internet E-Business Suite
Directory FND_USER
DIP
§ Synchronize user credentials bi-directionally between Oracle Internet Directory and
E-Business Suite
§ Set master “source of truth” as OID, EBS, or both
§ Manage user provisioning via powerful OID Directory Integration & Provisioning
(DIP) templates
§ Link an OID userid with one or more EBS userids “on-the-fly”
6 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 7. Enable Single Sign-On with Oracle Access Manager
EBS Oracle
AccessGate Internet
Directory
E-Business
Suite
Oracle
WebGate Access
Manager
§ Protect E-Business Suite instances with Oracle Access Manager WebGate
§ Single sign-on provides access to all registered partner applications, including EBS
§ Log off any one partner application to log off all of them
§ Support complex third-party single sign-on architectures
7 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 8. Manage Users in Oracle Identity Manager
OID E-Business
Suite
Oracle LDAP
LDAP Identity
Manager
§ Use Oracle Identity Manager as a provisioning hub with third-party user directories
and applications
§ Connectors available for OID, E-Business Suite’s FND_USER and HRMS directories,
and many more
8 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 9. Add Layered Access Security with Oracle Adaptive
Access Manager (OAAM)
EBS Oracle Oracle
AccessGate Internet Identity
Directory Manager
E-Business
Suite
Oracle Oracle
Access Adaptive
WebGate Manager Access
Manager
§ Require additional protection through device fingerprinting and other contextual data
§ Add secure and highly usable self-service password management
§ Features are transparent to E-Business Suite
9 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 10. Extend Single Sign-On with Oracle Identity
Federation
EBS Oracle
AccessGate Internet
Directory
Oracle Remote
E-Business Access
Suite Identity
Manager OIF
Service Provider
Provider
WebGate
§ Integrate E-Business Suite into federated network
§ Delegate authentication to OIF to enable access through remote identity providers
§ Features are transparent to E-Business Suite
10 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 11. Other Identity Management Certifications
Product Latest Versions for EBS
Oracle Access Manager 11.1.1.5
Oracle Identity Manager 11.1.1.5
Oracle Identity Federation 11.1.1.6
Oracle Adaptive Access Manager 11.1.1.5
Oracle Enterprise Single Sign-On Suite Plus 11.1.1.5
All certifications here are performed by Fusion Middleware product teams.
11 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 12. Support Time Line and
Action Plans
12 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 13. Oracle E-Business Suite Support Dates
Release Premier Support Ends Extended Support Ends Minimum Baseline
11i (11.5.10) November 2013
November 2010 MOS Doc ID 883202.1
December 2014*
12.0 January 2012 January 2015 MOS Doc ID 1195034.1
Key
12.1 May 2014 May 2017 MOS Doc ID 1195034.1
*Exception to Extended Support
Some OAM integration requirements may supersede this minimum baseline.
Lifetime Support Information:
http://www.oracle.com/us/support/lifetime-support/index.html
13 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 14. Oracle Identity Management Support Dates
Release Premier Support Ends Extended Support Ends
Oracle Single Sign-On 10g December 2011 December 2012*
Oracle Internet Directory 10g December 2011 Not available
Oracle Internet Directory 11g June 2015 June 2017
Oracle Access Manager 10g Key
December 2013 Not available
Oracle Access Manager 11g June 2015 June 2017
* Limited Extended Support to December 2012
Lifetime Support Information:
http://www.oracle.com/us/support/lifetime-support/index.html
14 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 15. Action Plan for Oracle E-Business Suite Users
Oracle Internet Directory 10g and Oracle Single Sign-On 10g
§ Extended Support ends this year
– Oracle Single Sign-On (OSSO)10g extended support ends December
2012 è Deploy Oracle Access Manager
§ Upgrade path for OID
– OID 10g è OID 11g (11.1.1.6 latest certified)
§ Migration path for OSSO
– For EBS 12.0 or 12.1, OSSO 10g è OAM 11g with mod_osso
– For EBS 11i, migrate to OAM 10g
NOTE: Oracle strongly recommends you upgrade to Release 12.1.3
and leverage OAM 11g and EBS AccessGate
15 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 17. Oracle Access Manager 11g
§ Oracle Access Manager (OAM) 11g is Oracle’s
recommended single sign-on solution
§ Supports E-Business Suite, Fusion Middleware,
OracleAS products, Fusion Applications, and more
§ Offers two styles of integration: WebGate and mod_osso
Overview of Single Sign-On Integration Options for Oracle E-Business Suite, Note 1388152.1
Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11gR1 (11.1.1.5), Note 1309013.1
17 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 18. Authentication vs. Authorization
Authentication Authorization
Oracle Access Manager Oracle E-Business Suite
• Identifies the user • Identifies data and actions
• Validates user credentials the user can access
• Checks user
responsibilities
18 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 19. Oracle Access Manager 11g and E-Business
Suite AccessGate
EBS Oracle
AccessGate Internet
Directory
E-Business
Suite
Oracle
WebGate
Access
Manager
§ EBS AccessGate enables integration with WebGate
– Maps LDAP user to EBS user and complements EBS session management with OAM
– WebGate 10g and WebGate 11g both supported
– Requires Oracle Internet Directory
19 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 20. Oracle Access Manager 11g and E-Business
Suite AccessGate
§ External Java EE application installed independently
from EBS
– Fewer points of integration = easier to certify new releases
– Insulates EBS instance from user authentication configuration
§ EBS AccessGate supports multiple EBS releases as well
as multiple OAM releases
§ Multiple deployments can be supported with 1 WebGate
20 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 21. Oracle Access Manager 11g and mod_osso
User E-Business Suite
OHS / mod_osso
§ Support for mod_osso enables fast and easy migration from Oracle Single
Sign-On (OSSO) 10g
21 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 22. Oracle Access Manager 11g and mod_osso
§ OAM 11g replaces OSSO 10g server
– Automatically migrate existing partner applications
– No changes needed for existing E-Business Suite installs
§ Recommended only for users upgrading from OSSO 10g
§ Available for EBS Release 12.0 and 12.1 only
22 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 23. Integration with Discoverer and Portal
E-Business
Suite
Oracle
Discoverer EBS
AccessGate
User
Oracle
mod_osso WebGate
Access
Manager
WebGate and mod_osso deployments can
be used together to protect applications
23 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 24. Integration with Discoverer and Portal
E-Business
Suite
Oracle
Discoverer EBS
AccessGate
User
Oracle
mod_osso WebGate
Access
Manager
If mod_osso detects valid OAM session, user may
access resource without resubmitting credentials
24 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 26. Oracle Internet Directory Integration
DBMS_LDAP
Oracle E-Business Suite
Internet FND_USER
Directory
DIP
§ Oracle Internet Directory and FND_USER must be kept synchronized
§ Synchronization events are raised via the Workflow-based Business
Event System whenever users are added or modified
26 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 27. Oracle Internet Directory Supported Synchronization
DBMS_LDAP
Oracle E-Business Suite
Internet FND_USER
Directory
DIP
§ Asynchronous OID to FND_USER using Directory Integration & Provisioning
§ Synchronous FND_USER to OID using DBMS_LDAP
§ Bi-directional synchronization
27 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 28. Link Accounts
Oracle E-Business
Internet Suite
Directory (FND_USER)
Userid =
“Link Account” Userid =
“John.Smith” Global Unique Identifier (GUID) “jsmith”
§ One-time User Registration
– Done at setup time by system administrator
– Optional: can be done by end-user on first logon (“Link on the fly”)
– Useful when existing accounts in OID or a third-party LDAP directory
differ from existing E-Business Suite accounts
28 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 29. Link Accounts
Oracle E-Business
Internet Suite
Directory (FND_USER)
Userid =
“Link Account” Userid =
“John.Smith” Global Unique Identifier (GUID) “jsmith”
§ GUID = orclguid attribute in OID
– This attribute is used by EBS to guarantee uniqueness
– Dependency on orclguid is why EBS supports direct integration only with OID
29 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 30. Link to Multiple EBS Accounts
Oracle E-Business
Internet Suite
Directory (FND_USER)
“Link Account” Userid =
Userid =
“John.Smith” “jsmith”
Userid =
“testuser1”
§ Note: It’s not possible to link
multiple OID accounts to the Userid =
same EBS account “testuser2”
30 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 31. Access EBS Accounts Using Proxy Users
Oracle E-Business
Internet Suite
Directory (FND_USER)
“Link Account” Userid =
Userid =
“John.Smith” “jsmith”
§ Recommended alternative to “multi-link” Userid =
“testuser1”
– Grant/revoke proxy privilege to individual users by admin
– Track delegates’ actions within the system for improved security,
compliance enforcement Userid =
– Granular control of proxy authority; e.g.: for specific date ranges “testuser2”
– Configure entirely within EBS – no OID changes required
31 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 33. First-Time Login with EBS AccessGate
E-Business
Suite
EBS
AccessGate
User Oracle
Internet
Directory
WebGate
Oracle
Access
Manager
33 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 34. Login to E-Business Suite via EBS AccessGate
E-Business
Suite
EBS
Œ AccessGate
User Oracle
Internet
Directory
Œ Unauthenticated to
requests access
user WebGate
Oracle
protected EBS resource Access
Manager
34 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 35. Login to E-Business Suite via EBS AccessGate
E-Business
Suite
EBS
AccessGate
User Oracle
Internet
Directory
User redirected to EBS by
AccessGate, protected
WebGate
Oracle
OAM Access
Manager
35 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 36. Login to E-Business Suite via EBS AccessGate
E-Business
Suite
EBS
AccessGate
User Oracle
Internet
Ž Directory
Ž Per OAM policies,
WebGate intercepts
WebGate
Oracle
request Access
Manager
36 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 37. Login to E-Business Suite via EBS AccessGate
E-Business
Suite
EBS
AccessGate
User Oracle
Internet
Directory
WebGate connects user to
EBS AccessGate to collect
WebGate
Oracle
credentials Access
Manager
37 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 38. Login to E-Business Suite via EBS AccessGate
E-Business
Suite
EBS
AccessGate
User Oracle
Internet
Directory
User submits(OAM 11g) orto
OAM server
credentials WebGate
Oracle
WebGate (OAM 10) Access
Manager
38 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 39. Login to E-Business Suite via EBS AccessGate
E-Business
Suite
EBS
AccessGate
User Oracle
Internet
‘ Directory
‘ OAM verifiesdirectory and
against user
credentials WebGate
Oracle
creates user session Access
Manager
39 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 40. Login to E-Business Suite via EBS AccessGate
E-Business
Suite
EBS
AccessGate
User ’ Oracle
Internet
Directory
’ OAM securely passes user
identifier to EBS
WebGate
Oracle
AccessGate Access
Manager
40 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 41. Login to E-Business Suite via EBS AccessGate
E-Business
Suite
“ EBS
AccessGate
User Oracle
Internet
Directory
“ EBS AccessGate links OID
user to EBS user and
WebGate
Oracle
creates ICX session Access
Manager
41 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 42. Login to E-Business Suite via EBS AccessGate
E-Business
Suite
” EBS
AccessGate
User Oracle
Internet
Directory
” User redirected to original
EBS URL with session, and
WebGate
Oracle
resource returned to browser Access
Manager
42 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 44. Third-Party Single Sign-On Integration
EBS
Application
Server
… delegates user authentication to …
Oracle
Access
Manager
… delegates user authentication to …
Third-Party
SSO
44 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 45. Third-Party SSO Interoperability
Many ways to work with third-party SSO engines
§ Oracle Access Manager 11g
– Windows Native Authentication via Kerberos, X.509
– PKI X.509v3 Digital Certificates
– Other SSO systems via custom AccessGates with Access
SDK
§ Oracle Enterprise SSO Suite Plus 11g
– Biometric and smartcard systems
§ Oracle Identity Federation 11g
– SAML, WS-Federation, Liberty Alliance
– Support CA Netegrity, IBM Tivoli, etc.
45 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 46. Integration with Third-Party LDAP
If you have an existing third-party LDAP…
Third-Party
LDAP
… synchronizes user attributes with …
Oracle
Internet
Directory
… synchronizes user attributes with …
E-Business
Suite Database
(FND_USER)
46 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 47. Integration with Third-Party LDAP
Server Chaining
§ New feature in OID 11g
– Map entries in third party LDAP directories to part of the directory tree
and access through OID without synchronization
– Replaces external authentication plug-ins from OID 10g
§ Third-party directories certified with Oracle Access Manager
– Microsoft Active Directory
§ Does not support Active Directory Lightweight Directory Service
– Sun Java System Directory (SunONE iPlanet)
– Oracle Directory Server Enterprise Edition (formerly Sun)
– Novell eDirectory
47 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 48. Passwords Stored in Third-Party LDAP
Third-Party Oracle E-Business
LDAP Internet Database
(optional) Directory (FND_USER)
User Password
X
User Password
X
User Password
§ Third-party LDAP
– Handles user authentication, usually with a third-party authentication solution
– Commonly considered “Master” source-of-truth
§ Oracle Internet Directory and E-Business Suite take minimal copies of
master user definition -- excluding passwords
§ E-Business Suite doesn’t maintain user passwords in this configuration
48 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 50. Third-Party Integration Architecture
Third-Party
Third-Party LDAP Oracle
SSO Internet
Directory
EBS
Database
(FND_USER)
End
User
Oracle
Access
Manager *
EBS Application Server /
EBS AccessGate
* WebGate not shown.
50 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 51. Third-Party Integration Architecture
Third-Party
Third-Party LDAP Oracle
SSO Internet
Directory
EBS
Database
End Œ (FND_USER)
User
Oracle
Access
Manager
EBS Application Server /
Œ User provides credentials to third-party
single sign-on system.
EBS AccessGate
51 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 52. Third-Party Integration Architecture
Third-Party
Third-Party LDAP Oracle
SSO Internet
Directory
EBS
Database
(FND_USER)
End
User
Oracle
Access
Manager
EBS Application Server /
Third-party single sign-onLDAP for
credentials to third-party
sends user’s EBS AccessGate
authentication.
52 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 53. Third-Party Integration Architecture
Third-Party
Third-Party LDAP Oracle
SSO Internet
Directory
EBS
Database
End Ž (FND_USER)
User
Oracle
Access
Manager
EBS Application Server /
Ž Third-party single sign-on providessecurity
authenticated user with third-party
EBS AccessGate
token.
53 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 54. Third-Party Integration Architecture
Third-Party
Third-Party LDAP Oracle
SSO Internet
Directory
EBS
Database
(FND_USER)
End
User
Oracle
Access
Manager
EBS Application Server /
User attempts to access
EBS, and is redirected to EBS AccessGate
EBS AccessGate and OAM.
54 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 55. Third-Party Integration Architecture
Third-Party
Third-Party LDAP Oracle
SSO Internet
Directory
EBS
Database
(FND_USER)
End
User
Oracle
Access
Manager
EBS Application Server /
OAM recognizes the third-partyreturns OID
token, then issues its own and
security EBS AccessGate
user to EBS AccessGate.
55 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 56. Third-Party Integration Architecture
Third-Party
Third-Party LDAP Oracle
SSO Internet
Directory
EBS
Database
(FND_USER)
End
User
Oracle
Access
Manager
EBS Application Server /
‘ EBS AccessGate recognizes the
OAM session, maps the OID user ‘ EBS AccessGate
to an EBS user and returns the resource.
56 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 57. Case Studies
57 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 58. Case Study
Logical Server Topology User
§ One server per server type
– E-Business Application Server
EBS Oracle
– EBS AccessGate Server AccessGate Internet
Directory
– Oracle Internet Directory Server
E-Business
– Oracle Access Manager Server Suite
Oracle
WebGate Access
Manager
58 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 59. Case Study
Physical Server Topology
§ Logical Servers may be combined EBS Application Server
- EBS Instance
§ Example: - EBS AccessGate
– One physical server for
E-Business Suite and EBS
AccessGate
– One physical server for Fusion
Middleware components – WebGate,
Oracle Access Manager and Oracle
Internet Directory Fusion Middleware Server
-Web Server with WebGate
-Oracle Access Manager
-Oracle Internet Directory
59 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 60. Case Study
Physical Server Topology
§ Combine logical servers EBS Application Server
- EBS Instance
§ Scales easily - EBS AccessGate
§ Increases to Fusion Middleware
footprint not required
§ Supports multiple E-Business
Suite Instances with EBS
AccessGate Fusion Middleware Server
-Web Server with WebGate
-Oracle Access Manager
-Oracle Internet Directory
60 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 61. Case Study
Physical Server Topology
§ Combine logical servers EBS Application Server 1 EBS Application Server 2
- EBS Instance 1 - EBS Instance 2
§ Scales easily - EBS AccessGate 1 - EBS Access Gate 2
§ Increases to Fusion Middleware
footprint not required
§ Supports multiple E-Business
Suite Instances with EBS
AccessGate Fusion Middleware Server
-Web Server with WebGate
-Oracle Access Manager
-Oracle Internet Directory
61 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 62. Case Study
Integration with Active Directory & Kerberos
Microsoft Windows Microsoft
Native Authentication Active
via Kerberos Directory
Oracle
Internet
Directory
End EBS
User Database
Oracle (FND_USER)
Access
Manager E-Business Suite Application Server
EBS AccessGate
62 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 63. Case Study Company
Intranet
DMZ 1 DMZ 2
External Internal Users
Users
WebGate
FMW
OID Repository
OAM
Internet Reverse Server
Proxy
External EBS EBS Database Internal EBS
App Server + App Server +
Firewall Firewall EBS AccessGate Firewall EBS AccessGate
63 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 65. Roadmap
Single Sign-On
§ Certify with Oracle Access Manager 11.1.2
– Simplify documentation
– Certify DMZ configurations with the Detached Credential
Collector
65 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 66. Certify with Oracle Access Manager 11.1.2
Roadmap
§ Oracle E-Business Suite
Release 12 will use the Oracle
Access Manager 11gR2 global
login page
66 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 67. Certify with Oracle Access Manager 11.1.2
Roadmap
§ Oracle E-Business Suite
Release 12 will use the Oracle
Access Manager 11gR2 global
login page
67 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 68. Certify with Oracle Access Manager 11.1.2
Roadmap
§ Oracle E-Business Suite
Release 12 will use the Oracle
Access Manager 11gR2 global
login page
§ Custom login pages configured
from Oracle Access Manager
only
68 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 69. Roadmap
Single Sign-On
§ Certify with Oracle Access Manager 11.1.2
– Simplify documentation
– Certify DMZ configurations with the Detached Credential Collector
– Utilize default OAM login page
§ Simplify Deployment and Configuration
§ Provide Advanced Diagnostics
§ Provide separate authentication for external vs. internal
users
69 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 70. Authentication for External and Internal Users
Existing Solution
http://jobs.company.com http://intranet.mycompany.com
External User Internal User
External Internal
EBS EBS
Application Application
Server Server
Internet Intranet
70 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 71. Authentication for External and Internal Users
Existing Solution
http://jobs.company.com http://intranet.mycompany.com
External User Internal User
71 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 72. Authentication for External and Internal Users
Roadmap
http://jobs.company.com http://myintranet.mycompany.com
External User Internal User
External Internal
EBS EBS
Application Application
Server Server
Internet Internet Intranet
72 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 73. Authentication for External and Internal Users
Roadmap
http://jobs.company.com http://intranet.mycompany.com
External User
73 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 74. References
74 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 75. References
My Oracle Support
Note ID Title
1388152.1 Overview of Single Sign-On Integration Options for Oracle E-Business Suite
1309013.1 Integrating EBS with Oracle Access Manager 11g Using Oracle E-Business
Suite AccessGate
1304550.1 Migrating Oracle Single Sign-On 10gR3 to Oracle Access Manager 11gR1 with
Oracle E-Business Suite
975182.1 Integrating EBS with Oracle Access Manager 10g Using Oracle E-Business
Suite AccessGate
876539.1 Using the Latest Oracle Internet Directory 11gR1 Patchset with Single Sign-On
and EBS
75 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 76. E-Business Suite Technology Stack Blog
blogs.oracle.com/stevenChan
• Direct from EBS Development
• Latest news
• Certification announcements
• Primers, FAQs, tips
• Desupport reminders
• Latest upgrade recommendations
• Statements of Direction
• Subscribe via email or RSS
76 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 77. References
E-Business Suite Technology Blog
§ Understanding Options for Integrating Oracle Access Manager with E-
Business Suite
§ Oracle Access Manager 11.1.1.5 Certified with E-Business Suite 12
§ Why Does EBS Integration with Oracle Access Manager Require Oracle
Internet Directory?
§ Oracle Internet Directory 11gR1 11.1.1.5 Certified with E-Business Suite
§ In-Depth: Using Third-Party Identity Managers with E-Business Suite
Release 12
77 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 78. Q&A
78 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 80. 80 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 81. 81 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.