Oracle® Identity Federation Administrator's Guide
10g (10.1.4.0.1)
B25355-02

Index

A  B  C  D  E  F  H  I  K  L  M  N  O  P  R  S  T  U  W  X 

A

Access Manager domain
adding, 6.5.11
account linking, 1.1.3
administration console, 6.2
server configuration tab, 6.3.1
administrator password, 5.1.4
affiliation descriptor, 6.3.8.1
affiliations, 1.2.5, 6.3.8.1
configuring, 6.3.8.3
display, 6.3.8.5
runtime behavior, 6.3.8.4, 7.2
anonymous user, 6.3.3.4, 7.4
architecture
typical deployment, 2.6.2
architecture considerations, 2.6.1
assertion profile
adding, 6.5.5
Assertion Validity, 6.3.4.1, 6.3.4.3
assertion validity, 6.3.3.1, 6.3.4.6
AssertionIDRequest, 7.13
attribute mapping, 6.8
configuring, 6.8.2
attribute name mapping, 6.8.1.1
Attribute Requester Service interface, 6.7.4
attribute responder, 6.3.4.6
attribute sharing
components, 6.6.1
attribute value filtering, 6.8.1.3
attribute value mapping, 6.8.1.2
Authentication Engine, 4.2.6.1.1
authentication modes, 2.3.1
AuthnQuery, 7.12
auto account linking, 6.3.4.6

B

bilateral authentication, 2.2.2.3
binding parameters, 6.3.4.1, 6.3.4.3, 6.3.4.6
bindings
HTTP Artifact, 1.2.4.2
HTTP POST, 1.2.4.1
HTTP redirect, 1.2.4.4
bulk load utility, 9.2.1
example, 9.2.1.4
syntax, 9.2.1.4

C

certificate
self-signed
exporting to SP, 7.3
certificate repository, 2.1.4.3
certificate validation, 2.1.4.3
certificates
and trust, 5.1.1.1
certification matrix, 1.2.8
Circle of Trust, 1.1.3
and metadata signing support, 6.3.7.1.1
configuring, 5.2.1
command-line tools, 9.2
basic auth, 6.11.2.2
bulk federation, 9.2.1
change transient data store, 9.2.2
delete federation records, 9.2.4
common domain parameters, 6.3.3.1, 6.3.3.4
configuration assistants, 9.1
Configuration Settings
and metadata, 6.1.1
configuring
Access Manager access policy, 6.6.4.3
Access Manager plugins, 6.6.3
Access Manager schemes and policies, 6.6.4
as an IdP attribute responder, 6.6.6
as SP attribute requester, 6.6.5
assertion profiles, 6.5.4
attribute sharing, 6.6
attribute sharing authentication, 6.6.4.1
attribute sharing authorization, 6.6.4.2
Attributes in SSO Assertions, 7.5.4
audits and logs, 6.5.3
certificate store, 6.5.1
certificate validation store, 6.3.9
circle of trust, 6.3.7
connections, 9.3.1
COT trusted provider, 6.3.7.2
COT trusted provider attributes, 6.3.7.3
COT trusted provider NameID formats, 6.3.7.6
destination mappings, 6.5.8
domains, 6.5.9
F5 load balancer, 9.5
federation data store, 6.4.1
federation users, 5.2.3
federations for a provider, 5.2.2
federations for a user, 5.2.4
global IdP properties, 6.3.3.1, 6.3.4.1, 6.3.4.6
global server properties, 6.3.3
global SP properties, 6.3.3.4, 6.3.5.1
identity federations, 5.2
IdM data stores, 6.4
Liberty 1.1
IdP profiles, 6.3.4.2
SP properties, 6.3.5.1
Liberty 1.1 IdP properties, 6.3.4.1
Liberty 1.2
IdP NameID formats, 6.3.4.5
IdP properties, 6.3.4.3
Liberty 1.2 IdP profiles, 6.3.4.4
Liberty 1.2 SP profiles, 6.3.5.4
Liberty 1.2 SP properties, 6.3.5.3
MyDomain, 6.5.10
Name ID Formats, 7.5
Name ID formats for specific provider, 7.5.3
protocol-specific IdP properties, 6.3.4
protocol-specific SP properties, 6.3.5
SAML 1.x properties, 6.5
SAML 2.0
IdP properties, 6.3.4.6
SAML 2.0 IdP profiles, 6.3.4.7
SAML 2.0 SP attribute requester, 6.3.6
SAML 2.0 SP NameID formats, 6.3.5.7
SAML 2.0 SP profiles, 6.3.5.6
SAML 2.0 SP properties, 6.3.5.5
server, 6.3
server configuration tab, 6.3.1
server properties, 6.3.2
SSL, 6.6.7, 6.10
trusted providers, 5.2.1
user data store, 6.4.2
WebGate, 4.2.8
connection limits, 9.3.1
Cookie Lifetime, 6.3.3.1
Creating a custom authentication engine, 4.2.6.2
creating a custom SP Integration Engine, 4.2.6.3
Cryptographic Provider, 1.2.6
custom IAM, 4.2.6

D

data store
eTrust SiteMinder, 4.2.3.4
IBM TDS, 4.2.5
deconfig tool, 5.4.3
default IdP, 6.3.3.4
removing from CoT, 6.3.7.1
deinstallation, 5.4
deployment
architecture, 2.1
profiles and bindings, 2.2
protocols, 2.1.5
proxy server, 2.1.3
security, 2.1.4
server roles, 2.1.1
topology, 2.1.2
deployment planning, 5.1.1.1
deprovisioning, 6.1.2
Descriptor Validity, 6.3.3.1, 6.3.3.4
destination domain, 1.1.3
destination mappings, 6.5.7
modifying, 6.5.8
Documentation Updates, Preface
domain, 1.1.3

E

encryption key, 6.5.2
encryption parameters, 6.3.4.6
eTrust SiteMinder
deploying as data store, 4.2.3

F

F5 load balancer
configuring, 9.5
federated identity management, 1.1.1
account linking, 1.1.3
benefits, 1.1.1
concepts, 1.1.3
event flow, 1.2.7
evolution, 1.1.4.2
use cases, 1.1.2
federation data
deleting, 5.3.4
federation data store, 2.4.1
changing, 5.3.1
connection example, 4.2.1
federation profiles, 1.2.4
artifact, 1.2.4.2
federation termination, 1.2.4.8
global logout, 1.2.4.9
name identifier, 1.2.4.5
federation protocols, 1.1.4
federation record
structure, 6.1.2
uniqueness, 6.1.2
federation termination, 6.3.4.1, 6.3.4.3, 6.3.4.6, 6.3.5.1
profiles, 1.2.4.8
federations for provider
configuring, 5.2.2
Force SSL, 6.3.2
forcing reauthentication
not supported with Oracle Single Sign-On, 4.2.1

H

high availability, 2.6.1.6, 9.4
HTTP Basic Authentication, 2.3.6, 6.11.2
HTTP basic authentication, 4.2.7
HTTPS mode, 6.3.2

I

IBM TDS
as data store, 4.2.5
Identity Federation Engine, 4.2.6.1.1
identity federations
configuring, 5.2
identity management
challenges, 1.1.1
federated, 1.1.1
identity provider, 1.1.3
selecting at run-time, 6.3.3.4
IdMBridge, 1.2.2
IdP
Liberty 1.1, 6.3.4.1
Liberty 1.2, 6.3.4.3
IdP mode
protocols, 6.3.3.1
signed messages, 6.3.3.1
implementation checklist, 2.7
Infrastructure
changing, 3.6.1
installation
advanced, 3.4
basic, 3.3, 3.3
overview, 3.2
ports, 3.3
prerequisites, 3.1

K

keystore, 5.1.1.1

L

LD_ASSUME_KERNEL, A.1.4.3
Liberty 1.1
IdP profiles, 6.3.4.2
SP properties, 6.3.5.1
Liberty 1.2
IdP profiles, 6.3.4.3, 6.3.4.4
IdP properties, 6.3.4.3
Liberty Alliance, 1.1.4
Liberty ID-FF, 1.1.4
1.1, 1.1.4.4
1.2, 1.1.4.5
Liberty protocol, 1.1.3
load balancer, 9.5
and monitoring console, 9.5.2
and SAML 1.x, 9.5.1
and WS-Federation, 9.5.1
log files, 5.1.5
logout
non-fail-on-error for Liberty 1.x /SAML 2.0, 7.10.1
status, 7.11
logout service, 6.9

M

message binding parameters, 6.3.3.1, 6.3.3.4
Metadata, 6.1.1
properties that affect, 6.1.1
protocol URLs, 6.1.1
re-publishing, 6.1.1
metadata, 5.1.1.1
affected properties, 6.1.1
Metadata Signing Support, 6.3.7.1.1
metrics, 8.1.1
Microsoft Active Directory Federation Services, 7.9
configuring as IdP, 7.9.2
configuring as SP, 7.9.3
monitoring
components, 8.1.2
data flow, 8.1.3
features, 8.1
IdP statistics, 8.2.3
SP statistics, 8.2.7
Monitoring Agent, 8.1.2
home page, 8.2.2
Monitoring Console, 8.2
logging in, 8.2.1
monitoring console, 8.2
MyDomain, 6.5.10

N

Name ID Formats, 7.5
NameID formats
determined by IdP, 7.6
Liberty 1.2, 6.3.4.3
Liberty 1.2 IdP, 6.3.4.5
NameID registration, 6.3.4.1, 6.3.4.3
New Features, Preface
no-fail-on-error, 7.10.1
Non-Oracle Identity Federation domain, 6.5.12

O

OASIS, 1.1.4
Oracle Access Manager
authenticating with, 2.3.4
changing instance, 5.3.5
deleting policy objects, 5.3.6
deploying with, 4.2.2
Oracle HTTP Server
as proxy server, 9.6
tuning, 9.3.3
Oracle Identity Federation, 1.2
administration console, 6.2
logging in, 5.1.2
architecture, 1.2.2
benefits, 1.2.1
installation requirements, 2.5
log files, 5.1.5
start and stop server, 5.1.3
uninstallation, 5.4
Oracle Single Sign-On
authenticating with, 2.3.5
deploying with, 4.2.1
testing deployment, 4.2.1.1

P

password
administrator, changing, 5.1.4
performance
and assertion security, 2.6.1.4
and connection tuning, 2.6.1.5
and JDBC connection settings, 9.3.2
and Oracle HTTP Server settings, 9.3.3
and profiles, 2.6.1.1
and repositories, 2.6.1.2
and server tuning, 2.6.1.7
tuning, 2.6, 9.3
PKI, 5.1.1.1
principal, 1.1.3
profiles
artifact
request processing, 2.2.2.1
security, 2.2.2.3
using, 2.2.2.1
with proxy, 2.2.2.1
attribute sharing, 1.2.4.6
using, 2.2.2.4
choosing, 2.2.2
federation termination, 1.2.4.8
HTTP redirect, 1.2.4.4
logout, 1.2.4.9
passive requester, 1.2.4.7
POST, 1.2.4.1
request processing, 2.2.2.2
security, 2.2.2.3
using, 2.2.2.2
with proxy, 2.2.2.2
WS-Federation
using, 2.2.2.5
Provider ID, 6.3.3.4
proxy server
and Oracle Access Manager, 9.6
and Oracle Single Sign-On, 9.6, 9.6
setting up, 9.6

R

reassociation, 3.6.1, 5.3
reauthentication, 6.3.3.1, 6.3.4.3, 6.3.4.6
forcing not supported for Oracle Single Sign-On, 4.2.1
redundant LDAP servers, 9.4.3.1
reference footprint, 2.6.3
reinstallation, 5.4.6
requireSSLCert, 6.10.4

S

SAML, 1.1.4
assertions, 1.1.4.1
authentication example, 1.1.4.6
profiles, 1.1.4.1
protocol bindings, 1.1.4.1
request and response cycle, 1.1.4.1
request-response cycle, 1.1.4.1
SAML 1.x
service URLs, 6.5.13
SAML 2.0, 1.1.4.6
auto account linking, 6.3.4.6
binding parameters, 6.3.4.6
encryption parameters, 6.3.4.6
IdP NameID formats, 6.3.4.8
IdP profiles, 6.3.4.6, 6.3.4.7
IdP properties, 6.3.4.6, 6.3.4.6
NameID formats, 6.3.4.6
timeout parameters, 6.3.4.6
SAML 2.0 Assertion ID Request, 7.13
SAML 2.0 Authentication Query Response, 7.12
SAML attribute sharing profile, 6.6
SAML security considerations, 2.2.2.3
security considerations, 2.2.2.3
Server Clock Drift, 6.3.3.1, 6.3.3.4, 6.3.4.1, 6.3.4.3, 6.3.4.6
Server Hostname, 6.3.2
Server Port, 6.3.2
service provider, 1.1.3
service URLs, 6.5.13
session
active period, 6.3.2
Session Data Cleanup Interval, 6.3.2
Session Timeout, 6.3.2
single sign-on, 1.1
sizing guidelines, 2.6
SmartMarks, 6.5.10
SOAP Port, 6.3.2
SOAP port
protecting, 6.10.4
SOAP URL
and HTTP basic authentication, 6.11.2.1
connecting to a protected, 6.11.2.2
SP
Liberty 1.1, 6.3.5.1
SP mode
protocols, 6.3.3.4
signed messages, 6.3.3.4
SP-initiated IdP discovery, 6.5.10
SSL
and attribute requesters, 6.6.3
and PKI, 5.1.1.1
certificate authentication, 6.10.3
configuring for server, 3.4.1, 6.10
connections to remote providers, 6.10.1
enabling for server, 6.3.2
SSL Client Authentication, 6.11.1
SSL servers
authenticating to, 6.10.2
configuring on Oracle Identity Federation, 6.10.3
connecting to, 6.10.1
staticports.ini, 3.4
Sun Java System Web Server
deploying Oracle Identity Federation with, 4.2.4
Supported Standards and Applications, 1.2.8

T

Terminology Changes, Preface
timeout parameters, 6.3.3.1, 6.3.4.1, 6.3.4.6
timeout properties, 6.3.4.3
topology, 2.6.4
transient data store, 2.4.3
RDBMS
changing, 5.3.3
JDBC connection settings, 9.3.2
sharing RDBMS, 3.4
transient/one-time identifier, 7.4
troubleshooting
404 error, A.1.6.1
AccessGate permission error, A.1.4.1
back-ends with same cookie domain, A.1.4.4
bookmarked login page, A.1.3.2
bookmarked resource, A.1.6.3
changed IdP, A.1.6.2
crash with Oracle Access Manager back-end, A.1.4.3
file descriptor error, A.1.5.1
incorrect login page, A.1.3.1
LD_ASSUME_KERNEL, A.1.4.3
logout displays last page visited, A.1.2.5
No JSESSIONID cookie error, A.1.2.6
non-ASCII AccessGate ID, A.1.4.2
Operating System configuration, A.1.5
Oracle Access Manager configuration, A.1.4
Oracle Identity Federation configuration, A.1.2
Oracle Single Sign-On configuration, A.1.3
reissue SAML 1.x URL after timeout, A.1.3.3
runtime SSO issues, A.1.6
search fails against Microsoft Active Directory, A.1.5.2
unable to log into console, A.1.7.1
unknown requester error, A.1.2.4

U

uninstall tool, 9.2.3
Unknown Conditions, 6.3.3.4
unsolicited relay state, 6.3.7.2
User Consent, 6.3.3.1, 6.3.3.4
example, 6.3.3.4, 6.3.7.2
example page, 6.3.3.1
user data store, 2.4.2
changing, 5.3.2
connection data, 2.4.2
connection example, 4.2.1
user records
basic data, 6.1.2
deprovisioning, 6.1.2
federation data, 6.1.2
synchronizing, 6.1.2
users, 5.2.3

W

WebGate
integration, 4.2.8
WSDL
Attribute Requester Service, 6.7.4
WS-Federation, 1.1.4.7
service URLs, 6.5.13

X

X.509 certificates, 5.1.1.1