Identity Management Realms in an Enterprise Deployment

This section discusses deployments with single identity management realms and those with multiple ones. It contains these topics:

• Single Identity Management Realm in the Enterprise

• Multiple Identity Management Realms in the Enterprise

Single Identity Management Realm in the Enterprise

This is the default configuration of all Oracle products. In this case, an enterprise has a single set of users, all of whom are managed with the same identity management policies. There is only one default identity management realm in Oracle Internet Directory. All Oracle components in the enterprise serve users in the default realm. Figure 19-1 illustrates this usage.

Figure 19-1 Enterprise Use Case: Single Identity Management Realm

Text description of the illustration oidag112.gif

In the example in Figure 19-1, there is a single identity management realm in which all users and groups are managed and share access to the same applications.

Multiple Identity Management Realms in the Enterprise

Certain enterprises can use the same identity management infrastructure to serve both internal as well as external, self-registered users. Because the identity management policies for internal and external users are different, the enterprise can deploy two realms, one for internal and one for external users. Figure 19-2 illustrates this usage.

Figure 19-2 Enterprise Use Case: Multiple Identity Management Realms

Text description of the illustration oidag111.gif

In the example in Figure 19-2, the default identity management realm is for internal users--namely, employees--and these have access to Applications A, B, and C. The external identity management realm is for external users, and they have access to Applications C and D.