7 Configuring Wallets and Data Stores for Oracle Identity Federation

In this series of exercises, you use Fusion Middleware Control to manage Oracle Identity Federation. The exercises include:

7.1 Configuring a Wallet for Signing Certificates

Create a wallet for the Oracle Identity Federation server's signing certificates.

  1. Access Oracle Enterprise Manager Fusion Middleware Control as described in "Accessing Fusion Middleware Control".

  2. Select the Oracle Identity Federation instance in the navigation pane on the left.

  3. Navigate to Oracle Identity Federation, then Administration, then Security and Trust.

  4. Click the Update button corresponding to Wallet Properties - Signatures.

  5. For JCE Keystore Type, select the PKCS#12 radio button.

  6. For Wallet Location, click Browse. Locate the operating system file for the wallet, and click Open in the file dialog.

  7. For Password, enter the password that is used to encrypt the private key.

  8. For Signing Key Alias, enter the alias under which the private key is stored in the wallet.

  9. Click OK.

7.2 Configuring Data Stores

In this section you will learn how to configure Oracle Identity Federation to use Oracle Database and Oracle Internet Directory as data stores.

Configure a database as the user data store:

  1. Create a JDBC Data Source

    1. Log in to the WebLogic Administration Console, as described in "Accessing the Oracle WebLogic Server Administration Console".

    2. Navigate to Services, then JDBC, then Data Sources.

    3. Click New.

    4. Choose a name and a JNDI name for the new data source, and enter the database information. Choose the WebLogic managed server where Oracle Identity Federation is deployed as the target of this data source.

  2. Configure an RDBMS user data store

    1. Log in to Fusion Middleware Control and navigate to the Oracle Identity Federation instance.

    2. Navigate to Administration, then Data Stores.

    3. In the User Data Store section, click Edit.

    4. Select Database from the Repository Type dropdown list.

    5. Enter the following properties:

      • For JNDI Name, enter the JNDI name of the data source created in the WebLogic Administration Console.

      • For Login Table, enter the name of the user table.

      • For User ID Attribute, enter the name of the User ID column in the user table.

      • For User Description Attribute, enter the name of the User Description column in the user table.

    6. Click OK.

Configure Oracle Internet Directory as the LDAP user data store:

  1. Log in to Fusion Middleware Control and navigate to the Oracle Identity Federation instance.

  2. Navigate to Administration, then Data Stores.

  3. In the User Data Store section, click Edit.

  4. Select LDAP Directory from the Repository Type dropdown list.

  5. Provide the following details:

    • For Connection URL, enter the LDAP URL to connect to the server. For example, ldap://ldap.oif.com:389.

    • For Bind DN, enter the administrator account DN to use to connect to the LDAP server. For example, cn=orcladmin.

    • For Password, enter the administrator password to connect to the LDAP server.

    • For UserID attribute, enter uid.

    • For User Description attribute, enter uid.

    • For Person Object Class, enter inetOrgPerson.

    • For Base DN, enter the directory to which the search for users should be confined.

    • For Maximum Connections, enter the maximum number of LDAP connections that Oracle Identity Federation will simultaneously open to the LDAP server.

    • For Connection Wait Timeout, enter the timeout, in minutes, to use when Oracle Identity Federation opens a connection to the LDAP server.

  6. Click OK.
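The LDAP user data store settings above, modelled as an added example (not code from the Oracle documentation) to show how the configured attributes become the user search filter and which values are worth sanity-checking before clicking OK; the URL, DNs and limits are constructed sample values.

```python
"""Model the Oracle Identity Federation LDAP user data store form (Section 7.2)
and derive the search a lookup by user ID would issue. Constructed example:
field names mirror the form, values are samples, not a real deployment."""
from dataclasses import dataclass
from urllib.parse import urlparse

# RFC 4515 escaping for values placed inside an LDAP search filter, so a
# user-supplied ID cannot change the filter's structure.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def escape_filter_value(value: str) -> str:
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


@dataclass(frozen=True)
class LdapUserDataStore:
    connection_url: str                    # e.g. ldap://ldap.oif.com:389
    bind_dn: str                           # e.g. cn=orcladmin
    user_id_attribute: str = "uid"
    person_object_class: str = "inetOrgPerson"
    base_dn: str = ""
    max_connections: int = 10
    connection_wait_timeout_min: int = 1   # the form takes minutes

    def validate(self) -> list[str]:
        """Return findings a practitioner should resolve before saving."""
        findings = []
        url = urlparse(self.connection_url)
        if url.scheme not in ("ldap", "ldaps"):
            findings.append("Connection URL must use ldap:// or ldaps://")
        if not url.hostname:
            findings.append("Connection URL has no host")
        if url.scheme == "ldap":
            # A simple bind over plain ldap:// sends the Bind DN password in clear.
            findings.append("warning: plain ldap:// exposes the bind password; prefer ldaps://")
        if not self.base_dn:
            findings.append("Base DN is empty: user searches would span the whole directory")
        if self.max_connections < 1:
            findings.append("Maximum Connections must be at least 1")
        if self.connection_wait_timeout_min < 1:
            findings.append("Connection Wait Timeout must be at least 1 minute")
        return findings

    def user_search_filter(self, user_id: str) -> str:
        """The filter a user lookup would send under Base DN, with the ID escaped."""
        return (f"(&(objectClass={self.person_object_class})"
                f"({self.user_id_attribute}={escape_filter_value(user_id)}))")
```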

7.3 Integrating Oracle Identity Federation with Oracle Access Manager

This integration enables Oracle Identity Federation to interact with Oracle Access Manager to create an authenticated user session. You can:

  • Configure Oracle Access Manager as an Authentication Engine

  • Configure Oracle Access Manager as an SP Integration Module

For details, see Deploying Oracle Identity Federation with Oracle Access Manager in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation.