Wednesday Apr 09, 2014

Standards Corner: Basic Auth MUST Die!

Basic Authentication (part of RFC 2617) was developed along with HTTP/1.1 (RFC 2616) when the web was relatively new. This specification envisioned that user-agents (browsers) would ask users for their user-id and password and then pass the encoded information to the web server via the HTTP Authorization header. This form of authentication is still being requested today. Why?

Wednesday Feb 19, 2014

Management of Oracle Database Authorization with Oracle Identity Manager

Oracle Identity Manager projects usually start with managing the user identity life-cycle from a trusted resource to target systems. Once user identity management is completed in the first step, the second step is managing users' entitlements, for example managing users' roles on Oracle Databases, Windows Servers or any custom applications.

In this post I want to share my experience of managing Oracle Database authorization through Oracle Identity Manager in a project.

We used three components to manage Oracle Database authorization: Oracle Database Enterprise User Security (EUS), Oracle Unified Directory (OUD) and Oracle Identity Manager (OIM).

Enterprise User Security enables you to centrally manage database users across the enterprise. This is a component of Oracle Database.

Oracle Unified Directory is a comprehensive next generation directory service that is designed to address large deployments, to provide high performance, to be highly extensible and to be easy to deploy, manage, and monitor. Oracle Unified Directory is used for role management, integrated with Enterprise User Security. Integrating Oracle Unified Directory with Oracle's Enterprise User Security (EUS) enables you to store user identities in Oracle Unified Directory for Oracle Database authentication.

Oracle Identity Manager is used to manage the life-cycle of Oracle Unified Directory users, with the right values and the users' groups. The whole process starts from Oracle Identity Manager, which then adds the user to an OUD group or deletes the user from an OUD group. The user thus gets rights via Oracle Unified Directory and Enterprise User Security.


The following steps explain the integration of these three tools.

1- Enable Oracle Unified Directory for Enterprise User Security by using Oracle Directory Services Manager (ODSM):

  • Connect to the directory server from ODSM.
  • Select the Home tab.
  • Under the Configuration menu, select Create Base DN.
  • On the Configuration Wizard, enter the details of the new suffix.
  • Select the EUS Enabled check box.
  • Click Create to add the new, EUS-enabled suffix.

2- After OUD has been enabled for EUS, you must update the realm information in the OUD configuration by performing the following steps:

  • Locate the LDIF template file at install_dir/config/EUS/modifyRealm.ldif.
  • Edit the modifyRealm.ldif file as follows:

      - Replace dc=example,dc=com with the correct naming context for your server instance.
      - Replace ou=people and ou=groups with the correct location of the user and group entries in your DIT.

  • Use the ldapmodify command to update the configuration with the edited LDIF template file, for example:

      $ ldapmodify -h localhost -p 4444 -D "cn=directory manager" -j pwd-file -v -f modifyRealm.ldif

3- Complete the following configuration on the Oracle Database:

  • Configure your database for directory usage by using NetCA.
  • Register the database with the directory by using DBCA.
  • Create a shared schema in the database.
  • Map enterprise users to the shared schema.

4- Install the Oracle Internet Directory Connector in Oracle Identity Manager, so that it can provision users to Oracle Unified Directory and manage groups, and therefore roles.

When all of the above steps are complete: first, Enterprise User Security is enabled on the database; then create database roles (enterprise roles) and map these roles to the Oracle Unified Directory global roles. Finally, manage users' Oracle Database authorization with Oracle Identity Manager through Oracle Unified Directory.

P.S.: If you want to manage Oracle Database 9i, you have to use Oracle Internet Directory instead of Oracle Unified Directory.
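A pre-flight for step 2, as an added example that is not part of the original post or of Oracle's tooling: it applies the two replacements to the template, rejects any DN still outside the target naming context, and checks that the file given to ldapmodify -j is private to its owner. The function names, the sample template contents and the dc=corp,dc=test values are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not Oracle's or the post's code): pre-flight for step 2.

# Constructed stand-in for install_dir/config/EUS/modifyRealm.ldif; the
# shipped template may differ in its attributes.
sample_template() {
  cat <<'EOF'
dn: cn=Common,cn=Products,cn=OracleContext,dc=example,dc=com
changetype: modify
replace: orclCommonUserSearchBase
orclCommonUserSearchBase: ou=people,dc=example,dc=com
-
replace: orclCommonGroupSearchBase
orclCommonGroupSearchBase: ou=groups,dc=example,dc=com
EOF
}

# Escape \, & and | so a DN is taken literally on the right side of s|||.
sed_escape() { printf '%s' "$1" | sed 's/[\\&|]/\\&/g'; }

# render_realm_ldif BASE_DN USER_RDN GROUP_RDN: template on stdin, LDIF on stdout.
render_realm_ldif() {
  local base users groups out
  base=$(sed_escape "$1"); users=$(sed_escape "$2"); groups=$(sed_escape "$3")
  out=$(sed -e "s|ou=people,|${users},|g" -e "s|ou=groups,|${groups},|g" \
            -e "s|dc=example,dc=com|${base}|g") || return 1
  # Every line that names a dc= suffix must now end in the target naming context.
  printf '%s\n' "$out" | BASE="$1" awk '
    /dc=/ { b = ENVIRON["BASE"]
            if (substr($0, length($0) - length(b) + 1) != b) bad = 1 }
    END   { exit bad + 0 }' || { echo "DN outside $1 left in LDIF" >&2; return 1; }
  printf '%s\n' "$out"
}

# check_pwd_file FILE: succeed only if the file passed to ldapmodify -j has
# no group or other permission bits set.
check_pwd_file() {
  [ -f "$1" ] || return 2
  [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# Usage, followed by the post's own command on the edited file:
#   check_pwd_file pwd-file &&
#   render_realm_ldif 'dc=corp,dc=test' 'ou=staff' 'ou=dbroles' \
#       < install_dir/config/EUS/modifyRealm.ldif > modifyRealm.edited.ldif
```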

About me:

Mustafa Kaya is a Senior Consultant in Oracle Fusion Middleware Team, living in Istanbul. Before coming to Oracle, he worked in teams developing web applications and backend services at a telco company. He is a Java technology enthusiast, software engineer and addicted to learning new technologies and developing new ideas.

Follow Mustafa on Twitter, connect on LinkedIn, and visit his site for Oracle Fusion Middleware related tips.

Thursday Dec 12, 2013

Going Mobile?...ORACLE is!

If you didn’t hear about it at Oracle Open World, if you didn’t read our Press Releases … if you didn’t see our homepage banner, OR EVEN IF YOU DID .... you definitely need to register for our Oracle Mobile Strategy Update - to get the latest on Oracle's Mobile Strategy. Mobile is hot and it is here to stay … but today the complexity is no longer just about how to develop mobile apps, it is also about how to integrate, secure, deploy and manage with the backend systems.

In this video webcast, Gartner, leading industry analyst, will provide an overview of the current mobile landscape, the challenges and opportunities for enterprises, then our top Oracle executives will discuss how Oracle is simplifying enterprise mobility and demonstrate how you can easily develop, integrate, secure, deploy and manage.

Let’s chat or tweet #OracleMobile during the webcast on Dec. 12, 2014 at 10:00AM (PT) and be sure to visit: www.oracle.com/mobile

Tuesday Oct 22, 2013

It's Coming: Chalk Talk with John

...John Brunswick that is.

Who is this John Brunswick, you ask? John Brunswick is an Enterprise Architect with Oracle. As an Oracle Enterprise Architect, John focuses on the alignment of technical capabilities in support of business vision and objectives, as well as the overall business value of technology. What's more, he is pretty handy with animation and digital videos, as you will see shortly. Starting tomorrow, we will host a bi-weekly column with John called "Chalk Talk with John".

In our "Chalk Talk with John" series, John will leverage his skills, experience and expertise (& his passion in digital animation) to discuss technology in business terms or as he puts it "so my ma understands what I do for a living". Through this series, John will explore the practical value of Middleware in the context of two fictional communities, shared through analogies aligned to enterprise technology. This format offers business stakeholders and IT a common language for understanding the benefits of technology in support of their business initiatives, regardless of their current level of technical knowledge.

So, be sure to tune in tomorrow and every 2 weeks for "Chalk Talk with John".

