JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle GlassFish Server 3.1 Security Guide
search filter icon
search icon

Document Information


1.  Administering System Security

2.  Administering User Security

3.  Administering Message Security

4.  Administering Security in Cluster Mode

5.  Managing Administrative Security

6.  Running in a Secure Environment

7.  Integrating Oracle Access Manager

About OAM Security Provider for Glassfish

Obtaining Oracle Access Manager Group Information

About Oracle Access Manager

Understanding OAM Security Provider Use Cases

Use Case: Authentication for Web Resources Via Access Gate

Use Case: Identity Assertion for Web Resources via WebGate

Use Case: Authorization Checks Based on Policy Manager

Configuring the OAM Security Provider

Determining Which Authentication Method is Used

Integrating OAM Security Provider with Oracle Access Manager 10g

Integrating OAM Security Provider with Oracle Access Manager 10g

Integrating OAM Security Provider with Oracle Access Manager 11g

Integrating OAM Security Provider with Oracle Access Manager 11g

Addtional Considerations for Certificate Authentication

Integrating OAM Security Provider with Oracle Access Manager 11g and WebGate

Integrating OAM Security Provider with Oracle Access Manager 11g and WebGate

Additional Considerations for Certificate Authentication With a WebGate

Session Synchronization


About Oracle Access Manager

Oracle Access Manager allows users of your applications to log in once and gain access to a broad range of resources. Oracle Access Manager provides an identity management and access control system that is shared by all of your applications. The result is a centralized and automated single sign-on (SSO) solution for managing who has access to what information across your entire IT infrastructure.

To integrate the OAM Security Provider with Oracle Access Manager, you need to understand the Oracle Access Manager component concepts shown in Table 7-1.

Note - The OAM Security Provider integrates with versions 10g and 11g of Oracle Access Manager. Between these two versions of Oracle Access Manager, many component names remain the same. However, there are several important changes that you should know about, as described in Product and Component Name Changes in the Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager.

Table 7-1 Oracle Access Manager Concepts

Oracle Access Manager 10g
Oracle Access Manager 11g
Access System
Access System
The Access System is the access-control system that provides single sign-on across any Web application. It supports a variety of access policies, and is fully integrated with the Identity System so that changes in user profiles are instantly reflected in the Access System's policy enforcement. The Access System consists of the Policy Manager, Access Server, and WebGate.
Access Server
OAM Server
Access Server receives requests and then queries authentication, authorization, and auditing rules in the directory server. Based on the information in the directory server, the Access Server sends the authentication scheme, validates user credentials, authorizes the user, audits, and manages the session.
Policy Manager
OAM Administration Console
The Policy Manager provides a Web-based interface where administrators can create and manage access policies. The Policy Manager also communicates with the directory server to write policy data, and communicates with the Access Server when certain policy modifications are made.
OAM Agent
WebGate is a server plug-in Oracle Access Manager access client that intercepts HTTP requests for Web resources and forwards them to the Access Server for authentication and authorization. A WebGate is shipped out-of-the-box with Oracle Access Manager.
OAM Agent
An AccessGate is a custom access client that is specifically developed using the Software Development Kit (SDK) and Oracle Access Manager APIs, either by the customer or by Oracle. An AccessGate processes requests for Web and non-Web resources (that is, non-HTTP) from users or applications.

The component names described in this section reflect the 10g version of Oracle Access Manager.