Skip Headers
Oracle® Role Manager Integration Guide
Release 10
g
(10.1.4.2)
Part Number E14611-07
Home
Book List
Index
Contact Us
Next
View PDF
Contents
List of Examples
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Introducing the Oracle Role Manager Integration Library
1.1
About the Oracle Role Manager Integration Library
1.2
Important Considerations
1.3
Architecture
2
Installing the Oracle Role Manager Integration Library
2.1
Verifying Requirements
2.2
Before You Start
2.3
Overview of Installation and Deployment steps
2.4
Distributing the Oracle Role Manager Integration Library Software
2.5
Configuring the Commons Logging Level
2.6
The Integration Library Files and Directories
2.7
Determining the Release Number of the Integration Library
3
Upgrading the Oracle Role Manager Integration Library
3.1
Before You Start
3.2
Upgrading the Oracle Role Manager Integration Library Software and Configuration
3.3
Resetting the oimSystem System User Privileges
3.4
Running the User Groups Cleanup Task
4
Automated Configuration for Oracle WebLogic Server
4.1
Overview
4.1.1
Oracle Identity Manager Setup Script
4.1.2
Oracle Role Manager Setup Script
4.2
Prerequisites
4.2.1
Oracle Identity Manager Prerequisites
4.2.2
Oracle Role Manager Prerequisites
4.2.3
Configuring Signed Messages (Encryption)
4.3
Running the Configuration Script for Oracle Identity Manager
4.4
Running the Configuration Script for Oracle Role Manager
4.5
Required Manual Configuration
4.5.1
Configuring the IT Resource
4.5.2
Modifying the oimORMUser ID
4.5.3
Resetting the System User Passwords
4.5.4
Configuring the JMS Connection Factory for XA on the Oracle Role Manager Server
4.5.5
Configuring the JMS Connection Factory for XA on the Oracle Identity Manager Server
4.5.6
Disabling Authentication on the Oracle Role Manager Node
4.5.7
Configuring the Role Grant Approval Workflow
4.6
Testing the Installation
5
Configuring Oracle Role Manager
5.1
Deploying the Integration Library Configuration
5.2
Creating the oimSystem System Identity
5.3
Loading the oimSystem System Identity Relationship Data
5.4
Resetting the Password for the oimSystem System Identity
5.5
Configuring Signed Messages (Encryption)
5.5.1
Enabling Encryption
5.6
Modifying Component Configuration
5.6.1
Obtaining the Standard Configuration Files
5.6.2
Modifying the Batch Resolution Timer
5.6.2.1
Batch Resolution Timer Configuration Settings
5.6.3
Modifying the Role Membership Update Timers
5.6.3.1
Role Membership Update Timers Configuration Settings
5.6.4
Modifying the Incoming Event Manager
5.6.4.1
Incoming Event Manager Settings
5.6.5
Modifying the Outgoing Event Manager
5.6.5.1
Outgoing Event Manager Settings
5.6.6
Modifying the Business Logic for User Reconciliation
5.6.6.1
Business Logic Settings
5.6.7
Packaging Configuration Modifications
6
Configuring Oracle Identity Manager
6.1
Before You Configure
6.2
Configuring the Oracle Identity Manager Home Directory
6.3
Creating the System User and User Group for Oracle Role Manager (WebLogic)
6.4
Creating the System User and User Group for Oracle Role Manager (WebSphere and JBoss)
6.5
Creating the Proxy User for Role Grant Approval Workflow
6.6
Importing the Prepared Configuration
6.6.1
Importing the Base Configuration
6.6.2
Importing the Sample Configuration for Approver Role Resolution
6.7
Assigning the System User to the User Group
6.8
Assigning the Proxy User to the System Group
6.9
Configuring the IT Resource
6.10
Configuring Role Grant Approval Workflow
7
Configuring WebLogic Server
7.1
Before You Configure
7.2
Configuring the Oracle Role Manager Server
7.2.1
Configuring the JMS Connection Factory
7.2.2
Configuring the Foreign JNDI Providers
7.2.3
Configuring the Security Credentials
7.2.4
(Clustered Mode Only) Configuring the Subdeployment of the Connection Factory
7.2.5
Disabling Authentication on the Oracle Role Manager Node
7.3
Configuring the Oracle Identity Manager Server
7.3.1
Modifying the Oracle Identity Manager Startup Script
7.3.2
Configuring the Shared Libraries
7.3.3
(Clustered Mode Only) Configuring JMS Queues and Connection Factories
7.3.4
(Nonclustered Mode Only) Configuring JMS Queues and Connection Factories
7.3.5
Configuring Foreign JMS Queues and Connection Factories
7.3.6
Configuring Security Credentials
7.3.7
(Clustered Mode Only) Adding the Integration Library System Properties
7.4
Deploying the Oracle Role Manager Integration Library Application on WebLogic
8
Configuring IBM WebSphere
8.1
Before You Configure
8.2
Configuring the Oracle Role Manager Server
8.2.1
Deploying the WebSphere Configuration
8.2.2
Creating the Custom User for the Integration
8.2.3
Creating the Alias for Custom User for the Integration
8.2.4
(Clustered Mode Only) Creating the Database Users for the JMS Engines
8.2.5
(Clustered Mode Only) Creating the Aliases for the JMS Engine Database Users
8.2.6
Creating the JMS Messaging Buses
8.2.7
Configuring the Oracle Role Manager Bus
8.2.8
Configuring the Role Update Bus
8.2.9
Configuring the JMS Queue Connection Factory
8.2.10
Configuring JMS Queues
8.2.11
Configuring Security Credentials on the Oracle Role Manager Bus
8.2.12
Configuring Security Credentials on the Role Update Bus
8.2.13
Granting Sender Roles to the System User
8.2.14
Disabling Transaction Security
8.2.15
Modifying the Oracle Role Manager Deployment Descriptor
8.3
Configuring the Oracle Identity Manager Server
8.3.1
(Clustered Mode Only) Creating the Oracle Identity Manager Database Users for the JMS Engines
8.3.2
Creating the Authentication Alias for connections to Oracle Role Manager
8.3.3
(Clustered Mode Only) Creating the Additional Authentication Aliases for the New Data Stores
8.3.4
(Clustered Mode Only) Creating the JDBC Data Sources for the New Data Stores
8.3.5
Creating the JMS Messaging Buses
8.3.6
Configuring the OIM ORM Bus
8.3.7
Configuring the Role Update Bus
8.3.8
Configuring JMS Queue Connection Factories
8.3.9
Creating the Oracle Role Manager JMS Queue
8.3.10
Creating the OIM ORM JMS Queue
8.3.11
Configuring JMS Activation Specifications
8.3.12
Configuring Security Credentials on the Role Update Bus
8.3.13
Configuring Security Credentials on the OIM ORM Bus
8.3.14
Configuring Outbound Authentication
8.3.15
Granting Sender Roles to the System User
8.3.16
Creating the Shared Libraries
8.3.17
Adding the Integration Library System Properties
8.4
Configuring Signer Certificates
8.4.1
Exporting the Oracle Role Manager Certificates
8.4.2
Importing and Exporting Certificates on Oracle Identity Manager
8.4.3
Importing the Oracle Identity Manager Certificates
8.5
Deploying the Oracle Role Manager Integration Library Application on WebSphere
9
Configuring JBoss
9.1
Before You Configure
9.2
Configuring the Oracle Role Manager Server
9.3
Configuring the Oracle Identity Manager Server
9.3.1
Modifying the Oracle Identity Manager Startup Command
9.4
Deploying the Oracle Role Manager Integration Library Application on JBoss
10
Testing the Oracle Role Manager Integration Library Installation
10.1
Testing User Reconciliation
10.1.1
Real-Time User Synchronization
10.1.2
Scheduled Tasks for User Reconciliation
10.2
Testing Entitlement Reconciliation
10.3
Testing Role and Role Membership Reconciliation
10.3.1
User Provisioning through Role/User Group Membership
10.3.2
User De-provisioning by Deleted Roles
10.4
Testing One-Time Import of User Groups
10.5
Testing One-Time Import of Access Policies
10.6
Testing Approver Role Resolution
10.6.1
Oracle Role Manager Setup
10.6.2
Oracle Identity Manager Setup
10.6.3
Performing the test
10.7
Testing Role Grant Approver Workflow
11
Troubleshooting
11.1
Log Files
11.2
Oracle Role Manager Application Server Console Errors
11.3
Oracle Identity Manager Application Server Console Errors
A
Cron Expressions
Index