Index
A
B
C
D
E
F
G
H
I
J
K
L
M
O
P
R
S
T
U
V
W
X
A
- account lockout, 3-4
- addsub.csh script, 10-8
- Administer External Applications page, 5-2 to 5-5
- administration pages
- accessing, 2-7
- debugging, A-15
- external applications, 5-2
- application service providers, 10-2
- authentication adapters. See authentication plugins
- authentication dynamics
- certificate-enabled sign-on, 7-2
- identity management realms, 10-4 to 10-6
- third-party access management, 13-2, 13-3
- Windows native authentication, 8-2, 8-3
- authentication levels, 6-3, 6-4
- authentication plugins, 6-4
B
- backup and recovery, 9-23
- basic authentication method, 5-3, 5-8
- browser settings
- standard, 2-6
- Windows native authentication, 8-12
- Internet Explorer 5.0, 8-11
- Internet Explorer 6.0, 8-11, 8-12
C
- certificate revocation lists, 7-10
- certificate-enabled sign-on
- authentication dynamics, 7-2
- configuring
- Oracle HTTP Server, 7-3 to 7-5
- Oracle Internet Directory, 7-9, 7-10
- single sign-on server, 7-5 to 7-9
- user name mapping module, 7-6 to 7-9
- CRL maintenance, 7-10
- error messages, A-10, A-11
- sample files, 2-12
- change password page
- behavior, 3-3
- error messages, 12-8
- installing, 12-11
- overview, 1-8
- parameters, 12-6
- configuration files
- httpd.conf, 4-8, 4-9, 9-11, 9-12, A-10
- jazn-data.xml, 8-8
- krb5.conf, 8-5
- opmn.xml, 8-7
- osso.conf, 4-2 to 4-4, 4-10, 9-14
- policy.properties, 6-3 to 6-6, 7-6, A-10, A-13, C-1
- ssl.conf, 7-3, 7-4
- sso_apache.conf, 9-4
- targets.xml, 11-4, 11-5
- web.xml, 8-9
- x509CertAuth.properties, 7-6, 7-9
D
- debugging
- administration pages, A-15
- PL/SQL pages, A-13, A-14
- deployment scenarios
- geographically distributed instances, 9-20
- multilevel authentication, 6-4, 6-5
- multiple middle tiers, 9-9
- partner applications, 4-5
- replicated directory, 9-16
- deployment-specific pages
- examples, 12-12
- globalization support, 12-9
- guidelines, 12-11
- installing, 12-11, 12-12
- sample files, 2-12
- support for OracleAS Wireless, 12-11
- Details of Login Failures page, 11-4
- directory access
- configuring, 3-7
- scripts, 3-7
- directory entries, for OracleAS Single Sign-On, 3-4 to 3-6
- disaster recovery, 9-23
- Distributed Cluster Management, 4-10, 9-12
E
- Edit SSO Server page, 2-8
- enblhstg.csh script, 10-7
- error messages
- basic, A-3, A-8
- certificate-enabled sign-on, A-10, A-11
- export and import, 14-7 to 14-9
- password policies, A-12
- Windows native authentication, A-8, A-9
- export and import
- error messages, 14-7 to 14-9
- scenarios, 14-5
- scripts, 14-6
- external applications
- access using mod_osso/mod_proxy, 5-6 to 5-9
- adding, 5-2 to 5-5
- administration pages, 5-2
- authentication dynamics, 1-6, 1-7
- authentication methods
- basic, 5-3, 5-8
- GET, 5-3
- POST, 5-3
- editing, 5-5
- login, 5-5, 5-6
- overview, 1-2
- External Applications portlet, 5-6
F
- force change password feature, 3-4
G
- GET authentication method, 5-3
- global user inactivity timeout
- configuring, 2-9 to 2-12
- overview, 1-8, 1-9
- scripts, 2-10
- globalization support
- deployment-specific pages, 12-9
- standard pages, 2-8
- grace login, 3-3
H
- high server availability
- configuring, 9-23
- deployment options
- geographically distributed instances, 9-20 to 9-22
- multiple middle tiers, 9-8 to 9-15
- OracleAS Active Failover Clusters, 9-15, 9-16
- replicated directory, 9-16 to 9-18
- httpd.conf file, 4-8, 4-9, 4-11, 4-12, 9-11, 9-12, A-10
I
- iASAdmins administrative group, 2-2
- identity management infrastructure database
- configuring for SSL, 9-3
- replicating, 9-23 to 9-27
- support for multiple realms, 10-2
- identity management realms
- administrative privileges, 10-9
- authentication dynamics, 10-4 to 10-6
- benefits, 10-2
- configuring, 10-7 to 10-9
- DIT structure, 10-4
- overhead, 10-2
- overview, 10-2
- support for partner applications, 10-4
- IP checking, 2-8
J
- jazn-data.xml file, 8-8
K
- Kerberos protocol, 8-2
- krb5.conf file, 8-5
L
- LDAP command-line tools, 3-2
- LDAP connection cache, A-16
- load balancers
- OracleAS Web Cache, 9-12, 9-13
- with multiple partner applications, 4-5, 4-9
- with multiple single sign-on middle tiers, 9-8, 9-9, 9-11, 9-12, 9-13, 9-17, 9-18
- with OracleAS Active Failover Clusters, 9-15
- log files, A-2, A-3
- login page
- error messages, 12-7, 12-8
- installing, 12-11
- parameters, 12-3, 12-4
- password reset feature, 12-4
- login scenarios
- third-party access, 13-3
- Windows native authentication, 8-13
M
- master definition site, 9-17
- mod_osso
- compared with single sign-on SDK, 1-3
- overview, 1-3
- registering, 4-2 to 4-4
- reregistering, 4-9, 4-11, 9-13, 9-14, 9-28
- mod_osso.conf file, 2-11, 4-12
- monitoring home page, 11-2
- monitoring pages
- accessing, 11-2
- ports, 11-4, 11-5
- multilevel authentication
- authentication levels, 6-3, 6-4
- configuring, 6-4, 6-5
- flow, 6-2
- plugins, 6-4
- multimaster replication, 9-24
O
- oidprovtool, 9-30
- opmn.xml file, 8-7
- Oracle Delegated Administration Services, 1-8, 3-2
- Oracle Directory Manager, 2-4, 3-2
- Oracle HTTP Server
- configuring
- certificate-enabled sign-on, 7-3 to 7-5
- partner application middle tier, 4-8
- single sign-on middle tier, 9-11, 9-12
- SSL configuration, 9-3
- starting and stopping, 2-5
- Oracle Internet Directory
- configuring for certificate-enabled sign-on, 7-9, 7-10
- configuring for SSL, 9-5, 9-6
- configuring for Windows native authentication, 8-5
- role in third-party access management, 13-4
- synchronization with Microsoft Active Directory, 13-4
- OracleAS Active Failover Clusters, 9-15, 9-16
- OracleAS Certificate Authority, 7-4
- OracleAS Cold Failover Cluster, 9-23
- OracleAS Discoverer, 14-2, 14-3, 14-5
- OracleAS Portal
- External Applications portlet, 5-6
- registering, 4-2
- OracleAS Single Sign-On
- administrative pages, 1-5
- administrators, 2-2 to 2-4
- benefits, 1-1
- browser preferences, 2-6
- configuring directory access, 3-7
- directory information tree, 3-4 to 3-6
- external applications, 5-2 to 5-5
- globalization support, 2-8, 12-9
- home page, 1-5
- nondefault configuration, 9-1
- password policies, 3-3, 3-4
- passwords, 1-8
- sample files, 2-12
- schema, 1-5
- scripts
- addsub.csh, 10-8
- enblhstg.csh, 10-7
- ssocfg, 9-13, 9-18, 9-27
- ssogito.sql, 2-10
- ssomig, 14-2
- ssooconf.sql, 3-7, 9-26, A-4, A-6
- ssoreoid.sql, 3-8, A-6, A-16
- timeouts, 1-8, 1-9
- user accounts, 3-2
- user attributes, 1-3
- OracleAS Web Cache, 4-9, 9-12, 9-13, 9-28
- OracleAS Wireless, 1-9
- ossoca.jar tool, 2-9
- osso.conf file, 4-2 to 4-4, 4-10, 9-14
- ossoreg.jar tool
- example, 4-5
- parameters, 4-3, 4-4
- syntax, 4-2
P
- partner applications
- configuring for high availability, 4-5
- deploying, 4-5
- examples of, 1-2
- overview, 1-2
- registering, 4-2 to 4-4
- reregistering, 4-9, 4-11, 9-6, 9-13, 9-14
- password policies, 3-3, 3-4
- passwords
- changing, 1-8, 3-3
- configuring, 3-4
- expiry, 3-3
- external applications, 1-2
- force change password feature, 3-4
- management, 3-2
- resetting, 1-8, 3-3, 12-4
- rules, 3-3
- schema, 3-8, B-1
- policy.properties file
- in certificate-enabled sign-on, 7-6
- in debugging, A-10, A-13
- in multilevel authentication, 6-3 to 6-6
- in third-party access management, 13-5, 13-7
- purpose, 2-4
- sample, C-1
- POST authentication method, 5-3
- proxy authentication, 5-6 to 5-9
- proxy server
- configuring, 9-27 to 9-29
- function, 9-27
R
- refresh script, 3-8
- Remember My Login Information For This Application check box, 5-5
- remote master site, 9-17
- Replication Environment Management Tool, A-17
- reverse proxy, 9-27 to 9-29
S
- sample files
- certificate-enabled sign-on, 2-12
- deployment-specific pages, 2-12
- scripts
- ssogito.sql, 2-10
- ssomig, 14-2, 14-3
- ssooconf.sql, 3-7
- ssoreoid.sql, 3-8
- server cache, 3-8
- single sign-off page
- installing, 12-12
- parameters, 12-7
- single sign-on administrators
- assigning privileges to, 2-2
- duties, 2-2
- single sign-on server
- accessing, 1-4
- cache, 3-8
- configuring directory access, 3-7
- configuring for Windows native authentication, 8-5 to 8-10
- deployment options
- geographically distributed instances, 9-20 to 9-22
- multiple middle tiers, 9-8, 9-16
- OracleAS Active Failover Clusters, 9-15, 9-16
- replicated directory, 9-16, 9-16 to 9-18
- LDAP connection cache, A-16
- log files, A-2, A-3
- overview, 1-2
- role in third-party access management, 13-2
- starting and stopping, 2-5
- with reverse proxy, 9-27
- single sign-on session timeout, 2-8
- SSL (Secure Sockets Layer), 9-2 to 9-6
- ssl.conf file, 4-11, 4-12, 7-3, 7-4
- SSO Server Administration page, 2-8
- sso_apache.conf file, 9-4
- ssocfg script, 9-13, 9-18, 9-27
- ssogito.sql script, 2-10
- ssomig script
- executing, 14-6
- parameters, 14-2, 14-4
- syntax, 14-2
- ssomig.log file, 14-6
- ssooconf.sql script, 3-7, 9-26, A-4, A-6
- ssoreoid.sql script, 3-8, A-6, A-16
- ssoReplSetup.jar tool, 9-25, 9-26
- synchronization
- between directory and single sign-on server, 9-29, 9-30
- between Microsoft Active Directory and Oracle Internet Directory, 8-4
- between third-party directory and Oracle Internet Directory, 13-4
T
- targets.xml file, 11-4, 11-5
- third-party access management
- authentication dynamics, 13-2, 13-3
- code example, 13-7, 13-8
- logout, 13-8, 13-9
- migration, 13-9 to 13-12
- timeouts
- global user inactivity timeout, 1-8, 1-9, 2-9 to 2-12
- single sign-on session timeout, 2-8
U
- URLs, configuring for SSL, 9-5
- URLs, protecting, 9-3 to 9-5, 9-13
- user accounts
- lockout, 3-4
- management, 3-2
- user management tools, 3-2
- user name mapping module, 7-7
- custom implementation, 7-7, 7-8
- default implementation, 7-7
V
- virtual hosts, 4-11 to 4-13, 9-27
W
- web.xml file, 8-9
- Windows native authentication
- authentication dynamics, 8-2, 8-3
- browser settings, 8-11, 8-12
- configuring, 8-4 to 8-12
- error messages, A-8, A-9
- fallback authentication, 8-12
- login scenarios, 8-13
- overview, 8-2
- system requirements, 8-3, 8-4
X
- X509CertAuth.properties file, 7-6, 7-9