Index
A B C D E F G H I J K L M N O P R S T U W X
A
- access control list, 8.2.1.2
- access controller, 1.2.3
- Access Server
-
- cache, 10.2.6.1
- AccessGate
-
- configureAccessGate tool, 10.2.4.2.4, 10.2.10.6
- ACL, 8.2.1.2
- administration tools, 6.1
- administrative tasks, 6.4
- Administrators group, 3.5
- Anonymous and Authenticated Roles Properties, F.2.5
- anonymous role, 3.4, 3.4.1, 6.2
- anonymous role and authentication, 3.4.1
- anonymous SSL, 8.2.1
- anonymous user, 3.1, 3.4, 3.4.1
- anonymous user and role, 15.1
- app.context, 8.5.3.3
- Application Credential Migration Settings, 7.2.1
- Application Name or Stripe, 15.1
- Application Policy Migration Settings, 7.2.1
- application role, 3.1, 15.1
- application stripe, 15.1
- ApplicationRole, 3.2.1
- application-specific policies and roles, 4.2
- audit data
-
- bus-stop files, 12.2.5
- file management, C.6
- migrating, 12.5.5
- reports, 13.1
- audit data store
-
- backup and recovery, 12.5.6.2
- configuring for Java components, 12.2.3.2
- configuring for system components, 12.2.4
- data purge, 12.5.6.3
- de-configuring, 12.2.4.1
- partitioning, 12.5.6.1
- schema, 12.5.1
- tiered archival, 12.5.6.4
- Audit Flow, 11.3.1
- audit logs, 12.4.1
- audit policy, 12.3
- audit report
-
- example of, 13.4
- audit reports
-
- attributes, 13.5.2
- by component, C.2.2
- custom, 13.6.2
- list of standard, 13.5.1
- types of, 13.2
- viewing, 13.3
- Audit Schema, C.3
- audit-aware components, C.1.1
- auditing
-
- event attributes, C.1.3
- events, C.1.2
- filter expression syntax, C.5
- for Oracle Fusion Middleware components, 12.3
- in Oracle Fusion Middleware, 11
- Java components, C.1.1
- manual policy management, 12.3.4
- manually configure for Java components, 12.3.4.2
- manually configure for system components, 12.3.4.4
- Oracle Directory Integration Platform, C.1.2.1
- Oracle HTTP Server, C.1.2.3
- Oracle Identity Federation, C.1.2.5
- Oracle Internet Directory, C.1.2.4
- Oracle Platform Security Services, C.1.2.2
- Oracle Virtual Directory, C.1.2.6
- Oracle Web Cache, C.1.2.11
- Oracle Web Services Manager, C.1.2.12
- overview, 11.2
- OWSM-Agent, C.1.2.7
- OWSM-PM-EJB, C.1.2.8
- policy management with Fusion Middleware Control, 12.3.1, 12.3.2
- policy management with WLST, 12.3.3
- record storage, 11.3.3
- report filters, 13.1.5
- report setup for Oracle Business Intelligence Publisher, 13.1.3
- report templates, 13.1.4
- Reports Server, C.1.2.9
- system components, C.1.1
- WLST commands, C.4
- WS-Policy Attachment, C.1.2.10
- Authenticated Role, 15.1
- authenticated role, 3.3, 6.2, 15.1
- authenticated user, 3.1
- authentication provider, 4.1
- Authentication providers, 10.3.2.4
-
- DefaultAuthenticator, 10.2.4.3.4, 10.2.5.3, 10.2.6.3, 10.3.2.4
- LDAP Authentication, 10.2.4.3.1
- OAM, 10.2, 10.2.2
- OAM Authenticator, 10.2.5.3
- OAM Identity Asserter, 10.2.4.3.4, 10.2.6.3
- OID Authenticator, 10.2.4.3.4, 10.2.6.3, 10.3.1.2, 10.3.2.4
- OSSO Identity Asserter, 10.3.2.4
- WebLogic, 10.1
- authentication providers, 4.1.1
- authenticator flags, 4.1.3.1
- Authenticator for OAM, 10.2
- Auto login, 8.5.3.1
- autologin.url, 8.5.3.3
B
- basic authentication, 20.6
- basic security tasks, 6.2
- bootstrap credentials, 7.3.1
- bulkload, 7.5.2.3
C
- cache
-
- Access Server, 10.2.6.1
- callback handler, 1.3.2
- choosing
-
- the right SSO solution, 10
- cipher suite, 20.2
- class permission, 15.4.6
-
- CredentialAccessPermission, 15.4.6.2
- JpsPermission, 15.4.6.3
- PolicyStoreAccessPermission, 15.4.6.1
- commands to administer credentials, 8.4.2, 9.5.2
- Compliance, 11.1.1
- configuration file, 15.4.9
- configuration of multiple authenticators, 4.1.3.1
- configureAccessGate tool, 10.2.4.2.4, 10.2.10.6
- configuring
-
- global logout
-
- Oracle Access Manager, 10.2.7
- Identity Assertion
-
- for single sign-on with OAM, 10.2.4
- Oracle Web Services Manager, 10.2.6
- OAM Authenticator, 10.2.5
- OAM for single-sign on with OAMCfgTool, 10.2.4.2.4
- OAM for SSO with OAMCfgTool, 10.2.4.2
- OSSO, 10.3
- providers for Oracle Web Services Manager, 10.2.6.3
- Single Sign-On in Oracle Fusion Middleware, 10
- configuring domains, 6.4
- Configuring the Local Store Adapter, 8.1.2
- configuring WebLogic domains, 6.4
- createAppRole, 8.4.2.1
- createCred, 9.5.2.3
- creating user accounts, 3.6
- Credential Management, 7.3.1
- Credential Store, 3.1
- Credential Store Framework, 14.3.4
- Credential Store Framework API, 14.2.4
- Credential Store Types, 4.3
- CredentialAccessPermission, 15.4.6.2
- CredentialMapping permission, 8.5.3.3
- credential-related WSLT commands, 6.5
- CSF
-
- J2EE example with LDAP store, 17.7.4
- J2EE example with wallet, 17.7.3
- J2SE example with wallet, 17.7.2
- CSIv2 identity assertion, 4.1.2
- custom authorization providers, 4.2
- cwallet.sso, 5.3, 15, 15.4.3
- cwallet.sso file, 15.3
- cwallet.sso,, 7.2.1
D
- declarative security, 1.4.1
- Default Authenticator, 5.1
- default keystore, 20.2.1
- DefaultAuthenticator, 4.1, 10.2.4.3.4, 10.2.5.3, 10.2.6.3, 10.3.2.4
- default.auth.level, 8.5.3.3
- deleteAppPolicies, 8.4.2.10
- deleteAppRole, 8.4.2.2
- deployed application, 6.3
- deploying applications, 7.1
- deploying JavaEE applications, 7.4
- Deploying to a Test Environment, 7.3.1
- deployment tools, 7.2
- digest authentication, 20.6
- distribute environments, 8.1.1
- DN, 3.7.2
- Dynamic authentication, 8.5.3.1
E
- EAR file, 15.3, 15.3.1
- ejb-jar.xml, 4.2, 15.3
- embedded LDAP, 4.1.1, 5.2
- enterprise group, 3.1
- Enterprise Groups and Users Class, 15.2
- enterprise user, 3.1
- Enterprise-Level SSO, 10.1
- Event Source Type, 11.3.2.1
- Existing OSSO, 10.1
- exportAuditConfig, C.4.7
- EXTRA_JAVA_PROPERTIES, F.1, I.1.2
F
- fail over support, 6.4
- FAQ, 2.1
- file-based policy store, 4.2
- functional policy, 3.1
G
- generic credential, 9.1
- Generic LDAP Properties, F.2.4
- getAuditPolicy, C.4.2
- getNonJavaEEAuditMBeanName, C.4.1
- getSSLSession, 20.2.2
- Global logout, 8.5.3.1
- grant, 3.1
- grantAppRole, 8.4.2.3
- grantPermission, 8.4.2.7
- group, 3.1
- GUID, 3.7.2
H
- Hash function, 20.2.4
- Headers
-
- sent by Oracle HTTP Server, 10.3.1.3
- host name verification, 20.5.1
- HostnameVerifier, 20.5
- HTTPClient, 20.2
- HTTPConnection, 20.1
I
- Identity Asserter for Single Sign-on with OAM, 10.2
- Identity Management, 7.3.1
- Identity Store, 3.1
- identity store
-
- creating provider, 19.3.4
- provider configuration properties, 19.3.5
- selecting provider, 19.3.3
- identity store in JavaSE, 16.2.2
- importAuditConfig, C.4.8
- initializing an LDAP authenticator, 4.1.3.1
- invoking MBeans, E.2.2
- isCallerInRole, 2.5.1
- isUserInRole, 2.5.1
J
- J2EE
-
- authentication, 1.4.2
- declarative secutity, 1.4.1
- role, 1.4.3
- JAAS
-
- callback handler, 1.3.2
- login context, 1.3.2
- login module, 1.3.2
- principal, 1.3.1
- subject, 1.3.1
- JAAS mode, 15.1
- Java 2
-
- access crontroller, 1.2.3
- permission, 1.2.1
- protection domain, 1.2.2
- security manager, 1.2.3
- Java component, 3.1
- javadocs
-
- OPSS APIs, H.1
- OPSS MBeans APIs, H.1
- OPSS User and Role APIs, H.1
- javax.net.ssl.keyStore, 20.3
- javax.net.ssl.keyStorePassword, 20.3
- javax.net.ssl.keyStoreType, 20.3
- javax.net.ssl.trustStore, 20.3
- javax.net.ssl.trustStorePassword, 20.3
- javax.net.ssl.trustStoreType, 20.3
- jazn-data.xml, 5.3, 7.2.1, 15, 15.3, 15.3.1
- JKS keystore, 20.2, 20.4.1
- JpsApplicationLifecycleListener, 15.4.4
- jpsApplicationLifecycleListener, 15.4.1
- jps.apppolicy.idstoreartifact.migration, 15.4.1, 15.4.1
- JpsAuth.checkPermission API, 14.2.3
- jps-config-jse.xml, 2.5.3
- jps-config.xml, 15, A
- jps-config.xml example, 15.4.9
- jps-config.xml full example, 15.4.9
- jps.credstore.migration, 15.4.4
- JpsFilter, 15.1, 15.3
- JpsInterceptor, 15.1, 15.1.1, 15.3
- JpsPermission, 15.4.6.3
- jps.policystore.applicationid, 15.4.1
- jps.policystore.migration, 15.4.1
- jps.policystore.migration.validate.principal, 15.4.1
- jps.policystore.removal, 15.4.1
- JSSE, 20
K
- Key exchange, 20.2.4
- Keystore Properties, F.2.7
L
- large volume stores, 7.5.2.3
- LDAP authenticator, 4.1.3
- LDAP Credential Store Properties, F.2.2
- LDAP Identity Store Properties, F.2.3
- LDAP Policy Store Properties, F.2.1
- LDAP servers, 5.1
- ldapadd, 8.1.2
- LDAP-based credential, 9.2
- LDAP-based policy store, 4.2, 8.1
- ldapmodify, 8.2.1.2
- ldapsearch, 8.1.2
- LDIF file, 8.1.2
- ldifwrite, 7.5.2.3
- listAppRoleMembers, 8.4.2.6
- listAppRoles, 8.4.2.5
- listAuditEvents, C.4.6
- listPermissions, 8.4.2.9
- logical role, 3.1, E.3
- login context, 1.3.2
- login module, 1.3.2
- LoginService API, 14.2.1
- login.url.FORM, 8.5.3.3
- logout.url, 8.5.3.3
- LSA, 8.1.2
M
- management tools, 5.2
- Managing credentials, 7.3.1.1
- managing domain authenticators, 6.4
- managing identities, 5.2
- managing policies and credentials, 5.2, 5.2
- Managing system policies, 7.3.1.1
- managing users and groups, 5.2
- Mapping application roles to enterprise groups, 7.3.1.1
- mapping of application roles, 3.2
- mapping roles, 7.5.2
- MBean
-
- Administration Policy Store, E.2.1
- annotations, E.3.1
- Application Policy Store, E.2.1
- code sample, E.2.3
- Credential Store, E.2.1
- Global Policy Store, E.2.1
- Jps Configuration, E.2.1
- migrateSecurityStore, 6.5, 7.5.1.1, 7.5.2, 8.3.2, 9.4.2, 15.4.8
- Migrating Audit Policies, 7.5.3
- migrating credentials example, 7.5.2.2
- Migrating Identities, 15.4.8
- Migrating Identities Manually, 7.5.1.1
- Migrating Large Volume Stores, 7.5.2.3
- Migrating Policies and Credentials at Deployment, 7.5.2
- migrating policies example, 7.5.2.1
- Migrating Providers, 7.5.1
- Migration of credentials, 4.3
- Migration of policies, 4.2
- mod_osso, 10.3.2, 10.3.3.1
- modifyBootStrapCredential, 9.5.2.5
- Monitoring, 11.1.1
- multiple-node server domain, 8.1.1
N
- name comparison logic, 3.7.2
- NTLM, 20.6
O
- OAM
-
- Authentication provider, 10.2, 10.2.2
-
- parameter, 10.2.8
- Troubleshooting, 10.2.10
- Authenticator, 10.2, 10.2.5.3
- Identity Asserter, 10.2, 10.2.4.3.4, 10.2.6.3
- OAM solution, 8.5.3.1
- oamAuthnProvider.jar, 10.2.2.1, 10.2.3.2
- OAMCfgTool, 10.2.3.1, 10.2.3.2, 10.2.4, 10.2.4.2
-
- about using, 10.2.4.2.1
- Create mode parameters, 10.2.4.2.1
- host identifiers created, 10.2.4.2.3
- Known Issues, 10.2.9
- process overview, 10.2.4.2.2
- Validate mode parameters, 10.2.4.2.1
- oamcfgtool.jar, 10.2.2.1, 10.2.3.2
- ObSSOCookie, 10.2.2.2
- OID Authenticator, 10.2.4.3.4, 10.2.6.3, 10.3.1.2, 10.3.2.4
- one-way SSL, 8.2.1
- OPSS
-
- and Oracle Application Development Framework, 14.4
- and the development cycle, 14.1.1
- features for developers, 14.1.3
- OPSS APIs
-
- and JavaEE application, 14.3.1
- and JavaSE application, 14.3.7
- authentication with, 14.3.2
- authorization with, 14.3.3
- common uses, 14.3
- CSF, 14.3.4
- User and Role, 14.3.5, D
- OPSS Architecture, 14.1.4
- OPSS SSO Framework, 8.5.3.1
- OPSS System Properties, F.1
- Oracle Access Manager
-
- Integration with OSSO, 10.1, 10.1
- Oracle ADF security, 6.1
- Oracle Business Intelligence Publisher, 13.1
-
- audit report example, 13.4
- Oracle Fusion Middleware Audit Framework, 11.1, 11.1.3
-
- architecture, 11.3.1
- concepts, 11.3, 11.3.2
- Oracle Information Lifecycle Management Assistant, 12.5.6.4
- Oracle Internet Directory, 5.1
- Oracle Internet Directory 10.1.4.3 patch, 5.1
- Oracle Internet Directory tuning, 5.1
- Oracle JDeveloper 11g, 6.1
- Oracle Platform Security Services, 10.1
-
- developing with, 14
- Oracle Security Developer Tools, 14.5
- Oracle Virtual Directory, 5.1
- OracleAS Single Sign-On solution, See Also OSSO, 10.3
- OraclePKIProvider, 20.2.1
- oracle.security.jps.config, 2.5.3, A
- Oracle-specific applications, 6.1
- orapki, 20.2.1
- OSSO
-
- existing implementation, 10.1
- Identity Asserter, 10.3.1, 10.3.2.4, 10.3.2.4
-
- new users, 10.3.2
- processing, 10.3.1.2
- Tips and Troubleshooting, 10.3.3
- solution, 10, 10.1, 10.1
- OSSO Identity Asserter, 10.3.1.1
P
- packaging an J2EE application, 15.3
- Packaging Credentials, 15.3.2
- Packaging Policies, 15.3.1
- password credential, 9.1
- Password Validation, 3.6
- passwords, 3.6
- perimeter authentication, 10.2.2.2
- permission, 1.2.1, 3.1
- permission classes, 4.2, 8, 15.4.6
- permission inheritance, 3.2.1
- permissions to anonymous role, 3.4
- permissions to authenticated role, 3.3
- policy domain
-
- URL prefixes, 10.2.5.2.1, 10.2.5.2.2, 10.2.6.1
- Policy Management, 7.3.1
- Policy Store, 3.1, 4.2
- policy-related WLST commands, 6.5
- PolicyStoreAccessPermission, 15.4.6.1
- Post-installation tasks, 6.3
- principal, 1.3.1, 3.1
- principal name comparison, 3.7.1, 3.7.2
- PrincipalEqualsCaseInsensitive, 3.7.2
- PrincipalEqualsCompareDnAndGuid, 3.7.2
- Process overview
-
- OAMCfgTool, 10.2.4.2.2
- Oracle Access Manager Authenticator for Web and non-Web Resources, 10.2.2.3
- Oracle Access Manager Identity Asserter with Web-only applications, 10.2.2.2
- OSSO Identity Asserter, 10.3.1.2
- production environment, 6.2.1
- Programmatic Authorization, 14.3.3
- programmatic security
-
- J2EE
-
- programmatic security, 1.4.1
- props.auth.level, 8.5.3.3
- props.auth.uri, 8.5.3.3
- props.auth.url, 8.5.3.3
- protection domain, 1.2.2
R
- reassociateSecurityStore, 6.5, 8.4.2.11
- Reassociation of credentials, 4.3
- Reassociation of policies, 4.2
- ResourcePermission, 18.4
- revokeAppRole, 8.4.2.4
- revokePermission, 8.4.2.8
- role hierarchy, 3.2.1
S
- SAML 1.1 identiry assertion, 4.1.1
- SAML 2.0 identity assertion, 4.1.1
- scenarios, 5.4, 5.4
- security manager, 1.2.3
- Security Provider Configuration, 8.2.1, 8.5
- Security Provider for WebLogic SSPI, 10.2.1.3
- security role, 1.4.3
- security-related commands, 6.5
- server restart, 5.2, F
- service instance update script, E.1
- Service Providers, 19.3
-
- introduction, 19.3
- understanding, 19.3.1
- setAuditPolicy, C.4.3
- setAuditRepository, C.4.5
- setDefaultHostnameVerifier, 20.5.2
- setDomainEnv shell script, F.1, I.1.2
- setHostnameVerifier, 20.5.2
- Setting a Node in LDAP server, 8.1.2
- setting up providers
-
- OAM Asserter with Oracle Web Services Manager, 10.2.6.3
- OAM Authenticator, 10.2.5.3
- OAM Identity Assertion, 10.2.4.3.4
- OSSO Identity Asserter, 10.3.2.4
- Single Sign-On, 8.5.3
- single sign-on solutions for Fusion Middleware, See Also SSO, 10
- SPNEGO, 4.1.2
- SPNEGO tokens, 4.1.2
- SSL
-
- and User/Role APIs, 19.8
- anonymous, 8.2.1
- one-way, 8.2.1
- SSLSocketFactory, 20.4.2, 20.4.2
- SSO
-
- enterprise level, 10.1
- existing 10g SSO, 10.1
- Oracle Access Manager, 10.2
- Synchronization Filter, 10.4
- SSO service, 8.5.3.1
- SSO service configuration, 8.5.3.3
- sso.provider.class, 8.5.3.3
- StandardHostnameVerifier, 20.5.3
- storing policies and credentials, 5.1
- Subject, 3.7.1
- subject, 1.3.1, 3.1, 3.4.1
- Symmetric cipher, 20.2.4
- synchronizing
-
- user and SSO Sessions, 10.4
- system component, 3.1
- system-jazn-data.xml, 15
T
- Task overview
-
- Configuring the OAM Authenticator, 10.2.5
- Deploying and configuring OAM Identity Assertion for single sign-on includes, 10.2.4
- Deploying OSSO Identity Asserter, 10.3.2
- Deploying the Identity Asserter with Oracle Web Services Manager, 10.2.6
- Installing required components for OAM Authentication Provider, 10.2.3.2
- Setting policies in Oracle Web Services Manager, 10.2.6.2
- Test Environments, 7.3
- token.provider.class, 8.5.3.3
- typical security practices, 6.3
U
- updateServiceInstanceProperty, E.1
- updating instance with script, E.1
- upgradeSecurityStore, G
- User and Role API, 14.2.2, D
-
- Javadoc, 19.9
- programming tips, 19.3.9.1
- User and Role APIs
-
- and WebLogic authenticators, 19.1.1
- developing with, 19
- environment setup, 19.3.2
- introduction, 19.1
- programming tips, 19.3.9
- summary, 19.2
- UseRetrievedUserNameAsPrincipal, 4.1.3.1
- user.login.attr, I.8
- username.attr, I.8
W
- WAR file, 15.1
- WebLogic
-
- Authentication provider, 10.1, 10.2.4.3.1
- Authentication providers
-
- Identity Assertion, 10.2.4.3.1
- J2EE applications, 10.2.1.3
- WebLogic Administration Console, 5.2
- WebLogic Scripting Tool (WLST), 10.2.4.3.2
- weblogic-application.xml, 15
- web.xml, 4.2, 15, 15.3
- WLSGroupImpl, 3.2.1, 15.2
- WLSGroupImpl principal, 10.2.2.2
- WLST
-
- createAppRole, 8.4.2.1
- createCred, 9.5.2.3
- deleteAppPolicies, 8.4.2.10
- deleteAppRole, 8.4.2.2
- deleteCred, 9.5.2.4
- grantAppRole, 8.4.2.3
- grantPermission, 8.4.2.7
- listAppRoleMembers, 8.4.2.6
- listAppRoles, 8.4.2.5
- listCred, 9.5.2.1
- listPermissions, 8.4.2.9
- reassociateSecurityStore, 8.4.2.11
- revokeAppRole, 8.4.2.4
- revokePermission, 8.4.2.8
- updateCred, 9.5.2.2
- WLSUserImpl, 3.2.1, 15.2
- WLSUserImpl principal, 10.2.2.2
X
- X509 identity assertion, 4.1.1