Skip Headers
Oracle® Fusion Middleware Administrator's Guide for Oracle Access Manager with Oracle Security Token Service
11
g
Release 1 (11.1.1)
Part Number E15478-06
Home
Book List
Contents
Index
Master Index
Contact Us
Previous
Next
PDF
·
Mobi
·
ePub
List of Tables
1-1 Deployment Types
1-2 Enhancements in Oracle Access Manager 11g
1-3 OAM 10g Functionality Not Available with Oracle Access Manager 11g
1-4 Comparison: OAM 11g versus OAM 10g versus OSSO 10g
1-5 Oracle Security Token Service Terms
1-6 Oracle Security Token Service 11g Infrastructure
1-7 Integrated Oracle Web Services Manager
2-1 OAM 11g Co-existence Summary
3-1 Role Mapping from an LDAP Group to Administrator
3-2 Welcome Page and Shortcuts
3-3 Function Tabs and Descriptions
3-4 Command Buttons in the Tool Bar
3-5 View Menu Command Descriptions
3-6 System Configuration, Actions Menu, Command Descriptions
3-7 Controls for Open Pages
3-8 Page Elements and Descriptions
3-9 Selection Tasks and Controls
3-10 Policy Configuration Subtabs
3-11 Policy Configuration Search Controls
3-12 Common System Configuration Search Controls
4-1 Common Configuration Nodes in Navigation Tree
4-2 Common Settings
4-3 Common Coherence Settings
5-1 Oracle Access Manager 11g, 10g, and OSSO Key Comparison
5-2 User Identity Store Elements
6-1 Summary: Server-side Differences with OAM 11g versus OAM 1g versus OSSO 10g
6-2 OAM Server Instance Settings
6-3 OAM Proxy Settings for an Individual OAM Server
6-4 Default Coherence Settings for Individual OAM Servers
7-1 Common Session Settings
7-2 Session Management Controls and the Results Table
8-1 Access Manager Settings
8-2 Access Manager Settings: Load Balancer
8-3 External Error Codes, Trigger Conditions, and Recommended Messages
8-4 Access Manager Settings: SSO
8-5 Summary: Simple and Cert Mode
8-6 Server Common OAM Proxy Secure Communication Settings
8-7 Policy Evaluation Caches
8-8 Kerberos Authentication Module Definition
8-9 LDAP Authentication Module Definition
8-10 X509 Authentication Module Definition
8-11 Add New Step Entries, Steps Results Table, and Details Section
8-12 Steps Orchestration Subtab
8-13 X509 Step Details: Attributes to Extract from a Certificate
9-1 Agents for OAM 11g
9-2 Comparing Agent Types and Differences
9-3 Comparing IAMSuiteAgent and 11g and 10g Webgates
9-4 Create Pages for OAM 10g and 11g Webgates
9-5 Expanded OAM 11g and 10g Webgate Elements and Defaults
9-6 User-Defined Webgate Parameters
9-7 OAM Agent Search Controls
9-8 Webgate Caches
9-9 Create OSSO Agent Page Elements
9-10 Expanded OSSO Agent Elements
10-1 Remote Registration Request Files
10-2 Remote Registration Sample Commands
10-3 Results of Remote Registration
10-4 Elements Common to Remote Registration Requests
10-5 OSSO-Specific Elements in a Remote Registration Request
10-6 Elements Common to Full Remote Registration Requests
10-7 Variables Required for Remote Registration
10-8 Remote Agent and Policy Updates
10-9 Remote Application Domain Management Modes
10-10 <rregApplicationDomain> Remote Management Template Elements
11-1 Comparing OAM 11g Policy Model with OAM 10g
11-2 Host Identifiers Examples
11-3 OAM 11g SSO versus OSSO 10g Component Summary
11-4 SSO Cookies
12-1 Resource Type Definition
12-2 Host Identifier Definition
12-3 Authentication Scheme Definition
12-4 Pre-configured Authentication Schemes
12-5 Challenge Parameters in Pre-configured Schemes
12-6 Challenge Parameters for Encrypted Cookies
13-1 Resource Definition Elements
13-2 HTTP Resources Sample URL Values
13-3 Resource URLs for.jsp
13-4 Resource Evaluation Outcomes
13-5 Search Elements for a Resource in an Application Domain
13-6 Authentication Policy Elements and Descriptions
13-7 Authorization Policy Elements and Descriptions
13-8 Response Elements
13-9 Namespace Request Variables for Single Sign-On
13-10 Namespace Session Variables for Single Sign-On
13-11 Namespace User Variables
13-12 Simple Responses and Descriptions
13-13 Complex Responses
13-14 Authorization Policy General Details
13-15 Add Constraint Window Elements
13-16 Identity Class Constraint Details
13-17 Temporal Constraint Class Details
14-1 User Interactions Using Tester Console Mode versus Command Line Mode Operations
14-2 Access Tester Supported System Properties
14-3 Access Tester Console Panels
14-4 Command Buttons in Access Tester Panels
14-5 Additional Access Tester Buttons
14-6 Access Tester Menus
14-7 Connection Panel Information
14-8 Protected Resource URI Panel Fields and Controls
14-9 Access Tester User Identity Panel Fields and Controls
14-10 Access Tester Capture Request Options
14-11 Generate Script Command
14-12 Test Script Control Parameters
14-13 Run Test Script Commands
14-14 Mismatched Results Reasons in the Statistics Document
15-1 Centralized Logout Circumstances
15-2 Logout Elements in OAM 11g Webgate Registration
15-3 Sample end_url Parameter Specifications
17-1 Policies Transport Security when Message-level Security Not Required
17-2 Security Token Service Settings
17-3 Configuring a Non-Oracle WSM Client for WSS Kerberos Policies
17-4 Oracle Security Token Service Configuration Management Operations
17-5 Oracle Security Token Service-specific Run-time Events
18-1 OSTS Public Keys Used at Run Time
18-2 Keystores for Oracle Access Manager with Oracle Security Token Service
18-3 Keystore Mbeans
18-4 Partner Keys for WS-Trust Communications
18-5 Conditions for Oracle Security Token Service Certificate Validation
18-6 Successful Certificate Validation Requirements
19-1 Template Search Controls
19-2 Issuance Template Requirements
19-3 Issuance Template: General Details
19-4 Issuance Properties: Username Token Type
19-5 Issuance Properties: SAML Token Types
19-6 Security Details: SAML Tokens
19-7 Issuance Template: Attribute Mapping, SAML Token
19-8 Validation Template Protocols
19-9 New Validation Template: General Details
19-10 New Validation Template: Authentication Details
19-11 New Validation Template: Token Mapping
19-12 Endpoints Page
19-13 Constraints Tab: Token Issuance Policy
20-1 Elements for Oracle Security Token Service Partners
20-2 Profile: General
20-3 Requester Profile: Token and Attributes
20-4 Relying Party Profile Requirements
20-5 Token and Attributes Elements: Issuing Authority
20-6 Issuing Authority Token Mapping Elements
22-1 Oracle Access Manager Server-Side Components
22-2 Oracle Access Manager Shared-Service Engine Components
22-3 Oracle Access Manager Foundation APIs Components
22-4 Mapping of ODL to Java Levels
22-5 Oracle Security Token Service Logger
23-1 Logging Levels
23-2 Log Configuration File Names for Components
23-3 Log Writers
23-4 Global Parameters in the First Compound List
23-5 Factors that Determine Whether Logging Is Active
23-6 Mandatory Log Configuration File Parameters
23-7 Log Data File Configuration Parameters
23-8 ParamName Values You Can Configure for Per-Module Logging Threshold
24-1 Oracle Access Manager Administrative Audit Events
24-2 OAM Run-time Audit Events
24-3 Audit Configuration Elements
25-1 OAM Proxy Metrics
25-2 OAM Proxy Tuning Parameters
26-1 Farm Page Sections
26-2 Resulting Pages for Selected Nodes and Targets
26-3 Summary of Performance Overviews in Fusion Middleware Control
26-4 Access Manager Component Metrics
26-5 STS Component-Specific Metrics
26-6 Status and Controls on Performance Summary Pages
26-7 OAM Log Availability and Functions in Fusion Middleware Control
26-8 Log Levels Tab on Log Configuration Page
26-9 Log Files Elements
26-10 OAM Log Message Search Controls in Fusion Middleware Control
26-11 System MBean Browser
26-12
26-13 System MBean Browser
26-14 Farm Topology
27-1 Installation Comparison with OAM 10g Webgates
27-2 Preparing for 10g Webgate Installation with OAM 11g
29-1 IIS 7 Webgate Windows Server 2008
A-1 Partner Applications Protected by OSSO 10g
B-1 Deployment Types
B-2 Differences when Transitioning Data to New versus Existing Target Environments
B-3 Full Replication
B-4 Delta-Replication
B-5 Export Partner and Policy Commands
B-6 Import Partners, Policy, and Delta Commands
C-1 addOAMSSOProvider Command-line Arguments
D-1 Languages for Localized Messages in Oracle Access Manager
E-1 importcert Command Syntax
F-1 Operational Modes for WLST commands for OAM
F-2 WLST Oracle Access Manager Commands
F-3 WLST Commands Oracle Security Token Service
H-1 Login Page Parameters Submitted to the Page by the Single Sign-On Server
H-2 Login Page Parameters Submitted by the Page to the Single Sign-On Server
H-3 Change Password Parameters Submitted to the Page
H-4 Change Password Page Parameters Submitted by the Page
H-5 Parameters Submitted to the Single Sign-Off Page
H-6 Parameters Submitted to the External Application Login Page
H-7 Parameters the External Application Login Page Submits to the Application
H-8 Login Page Error Codes
H-9 Post-Login Messages
H-10 Change Password Page Error Codes
H-11 External Application Login Page Error Codes
H-12 External Application Login
H-13 Authentication Method
H-14 Additional Fields
Scripting on this page enhances content navigation, but does not change the content in any way.