Skip Headers
Oracle® Application Server 10
g
Security Guide
10
g
(9.0.4)
Part Number Part No. B10377-01
Home
Solution Area
Index
Contents
Title and Copyright Information
List of Figures
Send Us Your Comments
Preface
Audience
Documentation Accessibility
Organization
Related Documentation
Conventions
1 Oracle Application Server Overview
Introduction to Oracle Application Server
System Security and Non-Oracle Components
Web Browsers
Firewalls
Load Balancers
Virtual Private Networks (VPNs)
Security Objectives
Providing Basic Security Services
Supporting Standards
Ensuring Deployment and Configuration Flexibility
Minimizing Application Development and Deployment Cost
Providing Security In Depth
Oracle Application Server Middle-Tier Components
Oracle Application Server Web Cache
Oracle HTTP Server
Oracle Application Server Containers for J2EE (OC4J) and OracleAS JAAS Provider
Applications and Tools
OracleAS Portal
Identity Management Infrastructure
Repositories
Configuration Options and Common Topologies
New Security Platform Capabilities in Oracle Application Server 10
g
Oracle Identity Management Enhancements
General Security Enhancements
2 Oracle Application Server Security Architecture
Security Architecture of Oracle Application Server
Elements of Oracle Application Server Security Architecture
Oracle HTTP Server Security
J2EE Security and JAAS
Oracle Application Server Portal Security
Oracle Application Server Web Cache Security
Security for Other Oracle Application Server Components
Oracle Advanced Security
3 Oracle Identity Management
The Role Of Oracle Identity Management
Dependencies on Oracle Identity Management
Leveraging Third-Party Identity Management Services
Features and Benefits Of Oracle Identity Management
Centralized User Management
Password Management Policies
OracleAS Single Sign-On for Authentication
Secure and Transparent Sign-On To Oracle Database
Delegated Administration and Self-Service Interfaces
Role-Based Access Control and Privilege Delegation
Provisioning Integration
Public Key Infrastructure (PKI) and OracleAS Certificate Authority
Integrating Third-Party Identity Management Solutions
4 Recommended Deployment Topologies
The Need for Firewalls and Hardware Load Balancers
General Architecture and Concepts
DMZ Zones
Configuring DMZ-Based Architectures
Hardware Load Balancers and HTTPS to HTTP Appliances
Enterprise Data Center Topologies
J2EE Applications
Mod_plsql Applications
OracleAS Portal, OracleAS Wireless, and Business Intelligence Applications
OracleAS Forms Services, OracleAS Reports Services, and OracleAS Discoverer Developer Topology
OracleAS Reports Services Recommended Topology
OracleAS Forms Services Recommended Topology
OracleAS Discoverer Recommended Topology
OracleAS Single Sign-On and OracleAS Web Cache Considerations
Oracle Application Server Single Sign-On Considerations
Oracle Application Server Web Cache Considerations
5 Privilege Delegation
Introduction
How Delegation Works
Delegating Privileges
How Privileges Are Granted for Managing User and Group Data
Security Goals for Privilege Model
Roles and Responsibilities
Delegation of Privileges for Component Runtime
A Managing PKI Credentials with Oracle Wallet Manager
Oracle Wallet Manager Overview
Wallet Password Management
Strong Wallet Encryption
Microsoft Windows Registry Wallet Storage
Backward Compatibility
Public-Key Cryptography Standards (PKCS) Support
Multiple Certificate Support
LDAP Directory Support
Starting Oracle Wallet Manager
Managing Wallets
Required Guidelines for Creating Wallet Passwords
Creating a New Wallet
Enabling Wallets to Open on Windows
Opening an Existing Wallet
Closing a Wallet
Importing Third-Party Wallets
Exporting Oracle Wallets to Third-Party Environments
Exporting Oracle Wallets to Tools that Do Not Support PKCS #12
Uploading a Wallet to an LDAP Directory
Downloading a Wallet from an LDAP Directory
Saving Changes
Saving the Open Wallet to a New Location
Saving in System Default
Deleting the Wallet
Changing the Password
Using Auto Login
Managing Certificates
Managing User Certificates
Managing Trusted Certificates
Using OracleAS Certificate Authority Certificates
Glossary
Index
Copyright © 2003 Oracle Corporation.
All Rights Reserved.
Home
Solution Area
Index