Skip Headers
Oracle® Role Manager Integration Guide
Release 10g (

Part Number E14611-07
Go to Documentation Home
Go to Book List
Book List
Go to Table of Contents
Go to Index
Go to Feedback page
Contact Us

Go to previous page
Go to next page
View PDF

1 Introducing the Oracle Role Manager Integration Library

This chapter provides an overview of the Oracle Role Manager Integration Library and includes the following sections:

1.1 About the Oracle Role Manager Integration Library

The section outlines the features available in the Oracle Role Manager Integration Library (Integration Library) used to integrate Oracle Role Manager with provisioning systems.

Oracle Role Manager manages roles and resolves role memberships, both memberships that result from direct grants and those that are derived based on rules and grant policies. Through the Integration Library, external systems can use these roles for role-based provisioning.

The Integration Library is currently available for Oracle Identity Manager and includes the following features:

1.2 Important Considerations

Before using the Oracle Role Manager Integration Library, you may want to modify existing access policies in Oracle Identity Manager, depending on whether you have complex access policies in your system.

Access policies that contain only entitlement information will be reconciled by the Oracle Role Manager Integration Library. If any access policies exist in Oracle Identity Manager that have extra information attached to them (such as complex rules or accounts), the extra information will not be retained when imported into Oracle Role Manager. Similarly, any access policies that do not contain entitlement information will not be imported into Oracle Role Manager.

It is recommended that an Oracle Identity Manager administrator break up any access policies with extra information into separate access policies for management purposes. When making these kinds of changes to access policies, it is strongly recommended that administrators review and analyze the impact that these changes might have to their operational system.

1.3 Architecture

Figure 1-1illustrates the deployment and communication architecture of the Integration Library architecture with Oracle Role Manager and Oracle Identity Manager.

The Integration Library is run in the same application server as Oracle Identity Manager. It communicates with Oracle Identity Manager through the Oracle Identity Manager Java API and a JMS message bus. It communicates with Oracle Role Manager through the EJB-based Oracle Role Manager Java API.

Figure 1-1 High-Level Architecture

High-level architecture