Oracle® Adaptive Access Manager Installation and Configuration Guide Release 10g (10.1.4.5) Part Number E12050-03 |
|
|
View PDF |
Oracle Adaptive Access Manager by default is enabled for multitenancy. A single instance of Oracle Adaptive Access Manager can support multiple client applications. Models and Rules can be centrally administrated and can be shared between applications, with the option to personalize for individual applications. Customer Care Admin users can be restricted to create and view cases only for users from their applications. Adaptive Strong Authenticator can also be personalized for each application for look and feel.
In the bharosa_server.properties file, please update the following properties:
#This enables check for access control for CSR users in ARM bharosa.multitenant.enforce.admin.check=true #List the admin roles have super user roles. Users with this role will have access to all the users with OAAM. You can provide multiple roles separated by comma bharosa.multitenant.superuser.ldap_groups=
For each application (tenant), create an Oracle Adaptive Access Manager User Defined Enum element. An example of the properties is shown below.
#Replace Tenant1, Tenant2, ... with your appIds bharosa.extgroupid.enum.Tenant1=2 bharosa.extgroupid.enum.Tenant1.name=Tenant1 bharosa.extgroupid.enum.Tenant1.description=Tenant one group #List the roles (separated by comma) who have access to this Tenant. bharosa.extgroupid.enum.Tenant1.ldap_groups=Tenant1 #If this is true, then access control will be enforced for this tenant. bharosa.extgroupid.enum.Tenant1.access_control_adminusers=true bharosa.extgroupid.enum.Tenant2=3 bharosa.extgroupid.enum.Tenant2.name=Tenant2 bharosa.extgroupid.enum.Tenant2.description=Tenant two group bharosa.extgroupid.enum.Tenant2.ldap_groups=Tenant2 bharosa.extgroupid.enum.Tenant2.access_control_adminusers=true