Oracle® Access Manager Customization Guide 10g (10.1.4.2.0) Part Number E10354-01 |
|
|
View PDF |
This section describes new features of the Oracle Access Manager 10g (10.1.4.0.1) and provides pointers to additional information. Information from previous releases is also retained to help those users migrating to the current release.
The following sections describe the new features in Oracle Access Manager that are covered in this book:
Note:
For a comprehensive list of new features and functions in Oracle Access Manager 10g (10.1.4.0.1), and a description of where each is documented, see the chapter on Oracle Access Manager in the Oracle Application Server Release Notes.The original product name, Oblix NetPoint, has changed to Oracle Access Manager. Most component names remain the same. However, there are several important changes that you should know about, as shown in the following table:
All legacy references in the product or documentation should be understood to connote the new names.
Globalization, localization, and multibyte encoding schemes are discussed
Oracle Access Manager has undergone a globalization process to provide international languages, and multibyte support through the use of Unicode to enable processing of internationalized data.
To prepare your environment for modifying the PresentationXML stylesheets, you need an XML editor and local XML and image files for the Identity application function that you want to customize.
Information has been added about preparing your work environment and using XMLSpy to test stylesheet modifications.
You can modify the Subject line of the default email notifications that are sent as part of a workflow step.
You can customize the confirmation page that is displayed after a user completes self-registration.
To verify that a stylesheet is coded correctly, open it in Internet Explorer. The browser will indicate the line number of any errors in the code.
See Also:
"Verifying XSL Files".WebGates have been updated to use the same code as the Access System, and WebGate configuration parameters that once existed in WebGateStatic.lst have been moved to the Access System GUI.
After upgrading your WebGates, you can now configure such parameters as IPValidation and IPValidationExceptions from the Access System GUI. The WebGateStatic.lst file no longer exists.
See Also:
"Customizing to Allow Auto-Login", "Denying Access to Unprotected Resources Automatically", the discussion of the isBackwardCompatible flag in the globalparams.xml file in "Parameter Reference".If you use complex stylesheets, you may want to increase the value of the StringStack
parameter in globalparams.xml.
In the file globalparams.xml, the useLanguageSort
and the sortRulesFile
options have been removed from the locale_params parameter. Information is now always sorted in a case-insensitive manner based on the language being used.
In the file globalparams.xml, the description of the compound_data_threshold
parameter has been revised.
In the file globalparams.xml, two parameters—heartbeat_ldap_connection_timeout_in_millis
and heartbeat_enabled
—have been added to control LDAP failover.
In the file globalparams.xml, the samAccountNameLength
parameter enables you to increase the number of characters permitted as a SamAccountName
attribute value.
For Active Directory environments that are running in native mode, you may want to increase the default value for this parameter.
In the file globalparams.xml, the DBAuditTruncateDataToColLength
parameter enables you to determine if data is truncated according to a set number of characters or according to the column length in the auditing .
In the file globalparams.xml, the LDAPOperationTimeout parameter enables you to configure the Identity Server, Access Server, and Policy Manager to fail over to a secondary directory server if the primary directory server takes too long to respond.
In the file basedbparam.xml, the enableAllowAccessCache
parameter turns caching of evaluated access control policies on or off.
The cache helps when an access control policy needs to be evaluated more than once in the same request.
In the file globalparams.xml, the ExcludeOCsForTreeInApplet
parameters specifies what object classes to exclude from display in the Identity System Console.
By default, the Identity System does not display every object class in the directory. This parameter enables you to expose object classes in the Identity System tree that would otherwise be hidden.
In the file globalparams.xml, the TurnOffNestedGroupEvaluation
parameter allows you to enable or disable searches of nested groups in the directory.
This parameter is used by the Access System when evaluating authentication and authorization schemes that require evaluation of group membership.
In the file globalparams.xml, the XSLProcessor
parameter indicates the processor to use when generating a page using IdentityXML.
In the file globalparams.xml, the client_request_retry_attempts
parameter enables you to set a limit on the number of retries a WebPass can attempt when connecting to an Identity Server.
In the file globalparams.xml, the LargeStaticGroups
parameter enables you to to disable evaluation of a static group in the Identity System.
You would set this parameter when the group has become so large that it is causing significant performance issues.
In the file globalparams.xml, the MigrateUserDataTo1014
parameter enables you to automatically migrate directory schema and data when upgrading to version 10.1.4.2 and higher versions.
In the file globalparams.xml, the LDAPMaxNoOfRetries
parameter enables you to to set a limit on the number of retries an Oracle Access Manager component can make per request to a directory server.
See Also:
"Parameter Reference".