1 Introduction to this Book

1.1 Chapter 2: Introduction to the Access SDK and API

Oracle Access Manager 11g provides a pure Java software developer kit (SDK) for the creation of custom Access Clients and extensions of Oracle Access Manager 11g authentication and authorization functionality and custom tokens. Oracle Access Manager 11g also provides backward compatibility with the Oracle Access Manager 10g JNI SDK, which can be migrated and used with Oracle Access Manager 11g.

Chapter 2 provides the following sections:

• Section 2.1, "Introduction to the Access SDK"

• Section 2.2, "Locating Access SDK Packages and Resources"

• Section 2.3, "Uses, Functionality, and New Features"

• Section 2.4, "Messages, Exceptions and Logging"

• Section 2.5, "Configuring and Deploying Access Clients"

• Section 2.6, "Developing Access Clients"

• Section 2.7, "Building and Deploying an Access Client Program"

• Section 2.8, "Compatibility: 11g versus 10g Access SDK and APIs"

• Section 2.9, "Migrating Earlier Applications or Converting Your Code"

• Section 2.10, "Best Practices"

1.2 Chapter 3: Creating Custom Authentication Plug-ins

The OAM Server uses both authentication and authorization controls to limit access to the resources that it protects. Authentication is governed by specific authenticating schemes, which rely on one or more plug-ins that test the credentials provided by a user when he or she tries to access a resource. The plug-ins can be taken from a standard set provided with OAM Server installation, or custom plug-ins created by your own Java developers.

Chapter 3 provides the following sections:

• Section 3.1, "Introduction to Authentication Plug-ins"

• Section 3.2, "Introduction to Plug-in Interfaces"

• Section 3.3, "Sample Code: Custom Database User Authentication Plug-in"

• Section 3.4, "Developing an Authentication Plug-in"

• Section 3.5, "Adding Custom Plug-ins"

• Section 3.6, "Creating a Custom Authentication Module for Custom Plug-ins"

• Section 3.7, "Creating Authentication Schemes with Custom Authentication Modules"

• Section 3.8, "Configuring Logging for Custom Plug-ins"

1.3 Chapter 4: Writing Oracle Security Token Service Module Classes

When Oracle Security Token Service does not support the token that you want to validate or issue out-of-the-box, you can write your own validation and issuance module classes. One of the following two (validation or issuance class) is required for custom tokens:

• Custom validation class uses Oracle Security Token Service to validate a custom token

• Custom issuance class enables Oracle Security Token Service to issue a custom token

Chapter 4 discusses Oracle Access Manager 11g and Oracle Security Token Service custom token options. It includes the following sections:

• Section 4.1, "Introduction to Oracle Security Token Service Custom Token Module Classes"

• Section 4.2, "Writing a TokenValidatorModule Class"

• Section 4.3, "Writing a TokenIssuanceModule Class"

• Section 4.4, "Making Custom Classes Available"

• Section 4.5, "Managing a Custom Oracle Security Token Service Configuration"

1.4 Introduction to Java API References

Specific Java API reference details for this release are provided the following publications:

• Oracle Access Manager Access SDK Java API Reference

• Oracle Access Manager Extensibility Java API Reference

• Oracle Security Token Service Java API Reference