Skip Headers
Oracle® Fusion Middleware Developer's Guide for Oracle Adaptive Access Manager
Release 11g (11.1.1)

Part Number E15480-06
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

16 Access and Password Management Integration

This chapter provides an overview of the benefits and a list of scenarios of Oracle Access Manager with Oracle Identity Manager and Oracle Adaptive Access Manager.

Detailed conceptual and procedural information is provided in the Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager with Oracle Security Token Service.

16.1 Benefits and Features of the Integration

Integrating Oracle Access Manager, Oracle Adaptive Access Manager, and Oracle Identity Manager provides these features:

Oracle Adaptive Access Manager

Oracle Adaptive Access Manager is responsible for:

Oracle Identity Manager

Oracle Identity Manager is responsible for:

Oracle Access Manager

Oracle Access Manager is responsible for:

16.2 Secure Password Collection and Management Scenarios

In this integration, Oracle Access Manager redirects users to Oracle Adaptive Access Manager when a trigger condition for password management is in effect. The "trigger condition" is the authentication scheme used in Oracle Access Manager.

Oracle Adaptive Access Manager interacts with the user based on lifecycle policies retrieved from Oracle Access Manager, and when the condition is resolved, notifies Oracle Access Manager so that the user is redirected to the protected resource. In this integration, Oracle Identity Manager serves to provide password policy enforcement.

Challenge Registration Flow

The Challenge Registration flow allows the user to register challenge questions and answers.

The user is successfully authenticated but is required to register challenge questions. He cannot skip the registration. The user is not authorized to access protected resources until the challenges questions have been registered.

Note:

When adding Oracle Adaptive Access Manager to existing Oracle Identity Manager deployments, you will need to forego all the existing questions and answers that are registered in Oracle Identity Manager. Instead, users are asked to register the challenge questions again in Oracle Adaptive Access Manager on the next login.

Forgot Password Flow

The Forgot Password flow allows the user to reset the password after successfully answering all challenge questions.

A "Forgot Your Password" link is made available from the Oracle Adaptive Access Manager password page for the user.

Reset Password Flow

The Reset Password flow allows the user to reset the password.

The user is successfully authenticated. The "Change your password" link is available to the user at the Oracle Adaptive Access Manager password page.

Challenge Reset Flow

The Challenge Reset flow allows the user to reset challenge registration.

The user is successfully authenticated. The "Reset your challenge questions" link is available in the Oracle Adaptive Access Manager password page.