As you design your deployment architecture, be sure to consider the benefits, tradeoffs. The following lists may help you determine if enabling federation using Oracle Access Manager and OpenSSO Enterprise is appropriate to meet your business needs.
OpenSSO Enterprise allows you to continue using an existing Oracle Access Manager deployment for authentication while leveraging the more advanced features of OpenSSO Enterprise.
OpenSSO Enterprise quickly enables federation protocols for Oracle Access Manager with few changes to the existing infrastructure.
OpenSSO Enterprise supports a variety of industry standard protocols such as SAMLv2 , ID-FF, ID-WSF, WS-Federation, XACML, WS-*, and others.
OpenSSO Enterprise supports any generic LDAP repository for users, and can work with the existing Oracle Access Manager database.
OpenSSO Enterprise leverages its own configuration data store, which minimizes the need to migrate data from a different data store.
In general, when integrating any two access management products, you must consider the increased costs in resources and maintenance.
When co-locating Oracle Access Manager and OpenSSO Enterprise, session management for both the products must be synchronized.
Full integration requires you to set up session synchronization, possibly by using notification mechanisms effectively.
Administrators must be trained and proficient in the use of both products.