As a prerequisite for Oracle Identity Management Collections, the user is required to log on to Fusion Middleware Enterprise Manager Console once before running the configuration collection.
24.4 Oracle Identity Federation
The configuration categories and their associated configuration items for the Oracle Identity Federation target type follow:
24.4.1 Server Configurations
Server Host Name
Server Port
Port - SSL Enabled
Port - Force SSL
SOAP Port
SOAP Port - SSL Enabled
SOAP Port - Force SSL
SOAP Port - Require Client Certificate
Server Clock Drift (sec)
Session Timeout (sec)
Request Timeout (sec)
Default XML Data Encryption Algorithm
Logout Option - Fail on Error
Logout Option - Return Status
Logout Option - Local Logout Only
Logout Option - Parallel Logout
Maximum SOAP Connections
Maximum SOAP Connections per Server
Proxy Host
Proxy Port
Proxy Username
Non-Proxy Hosts
24.4.2 Data Store Configurations
Federation Store LDAP Connection URL
Federation Store LDAP Bind DN
User Federation Record context
LDAP Container Object Class
Unique Federation ID Attribute
Federation Store LDAP Maximum Connections
Federation Store LDAP Connection Wait Timeout (sec)
Federation Store RDBMS JNDI Name
User Store LDAP Connection URL
User Store LDAP Bind DN
LDAP User ID Attribute
LDAP User Description Attribute
Person Object Class
Base DN
User Store LDAP Maximum Connections
User Store LDAP Connection Wait Timeout (sec)
User Store RDBMS JNDI Name
User Store RDBMS Login Table
RDBMS User ID Attribute
RDBMS User Description Attribute
24.4.3 Identity Provider Configurations
Enable Identity Provider
Provider ID
Assertion Validity (sec)
Re-authenticate After (sec)
Send Signed Assertion
Artifact Timeout (sec)
Enable Common Domain
Common Domain URL
Common Domain Cookie Domain
Common Domain Cookie Lifetime (day)
SSO User Opt-In/Out Mode
Opt-In/Out User Attribute
Opt-In/Out Attribute Value
Re-authenticate when Missing User Session Attributes
24.4.4 Identity Provider SAML 2.0 Assertion Properties
Enabled NameID Formats
Default NameID Format
Get Value from User Session for X.509 Subject Name
Get Value from User Session for Email Address
Get Value from User Session for Windows Domain Qualified Name
Get Value from User Session for Kerberos Principal Name
Get Value from User Session for Unspecified
Get Value from User Session for Custom
User Attribute Mapping for X.509 Subject Name
User Attribute Mapping for Email Address
User Attribute Mapping for Windows Domain Qualified Name
User Attribute Mapping for Kerberos Principal Name
User Attribute Mapping for Custom
Name of the Custom Format
Federation Creation User Consent URL
Force User Consent
Send Encrypted Assertions
Send Encrypted NameID
Send Signed Assertion
24.4.5 Identity Provider SAML 2.0 Protocol Properties
Enable SAML 2.0 Protocol
Enable Register NameID Protocol
Enable Federation Termination Protocol
Enable Attribute Query Responder
User Identity Federation for Attribute Response
Enable Authentication Query Responder
Enable Assertion ID Responder
Enable Protocol Bindings
Default Binding
Default SSO Response Binding
Authentication Request message to Require Signed
Request | XML/HTTP Post message to Require Signed
Request | URL/HTTP Redirect message to Require Signed
Request | XML/SOAP message to Require Signed
Response | XML/HTTP Post message to Require Signed
Response | URL/HTTP Redirect message to Require Signed
Response | XML/SOAP message to Require Signed
Request | XML/HTTP Post message to Send Signed
Request | URL/HTTP Redirect message to Send Signed
Request | XML/SOAP message to Send Signed
Response | XML/HTTP Post message to Send Signed
Response | URL/HTTP Redirect message to Send Signed
Response | XML/SOAP message to Send Signed
Response (Assertion) | XML/HTTP Post message to Send Signed
Response (Assertion) | XML/SOAP message to Send Signed
24.4.6 Identity Provider SAML 1.0 Assertion and Protocol Properties
Enabled NameID Formats
Default NameID Format
Get Value from User Session for X.509 Subject Name
Get Value from User Session for Email Address
Get Value from User Session for Windows Domain Qualified Name
Get Value from User Session for Unspecified
Get Value from User Session for Custom
User Attribute Mapping for X.509 Subject Name
User Attribute Mapping for Email Address
User Attribute Mapping for Windows Domain Qualified Name
User Attribute Mapping for Unspecified
User Attribute Mapping for Custom
Name of the Custom Format
Send Signed Assertion
Enable SAML 1.1 Protocol
Enable SAML 1.0 Protocol
Enable Attribute Query Responder
Enable Authentication Query Responder
Enable Assertion ID Responder
SSO Response Binding
Request | XML/SOAP message to Require Signed
Response (Assertion) | XML/HTTP Post message to Send Signed
Response (Assertion) | XML/SOAP message to Send Signed
24.4.7 Identity Provider WSFed 1.1 Properties
Enable WS-Federation 1.1 Protocol
SSO Token Type
Use Microsoft Web Browser Federated SSO Profile
24.4.8 Service Provider Configurations
Service Provider Configurations
Provider ID
Enable Map Assertion to User Account
Anonymous User ID
Ignore Unknown Conditions
Require Signed Assertions
Default SSO Identity Provider
Enable IdP Discovery Service URL
IdP Discovery Service URL
Enable Common Domain Service
Common Domain Service URL
Enable Attribute Requester Service
Default Attribute Authority
DN Pattern | Identity Provider
Authentication Mechanism | Identity Provider
24.4.9 Service Provider SAML 2.0 Assertion Properties
Map User via Federated Identity
Enable Auto Account Linking
Map User via Attribute Query
Attribute Query
Map User via NameID
Enabled NameID Formats
User Attribute Mapping for X.509 Subject Name
User Attribute Mapping for Email Address
User Attribute Mapping for Windows Domain Qualified Name
User Attribute Mapping for Kerberos Principal Name
User Attribute Mapping for Unspecified
User Attribute Mapping for Custom
Name of the Custom Format
Error when User Mapping Fails
Required Signed Assertion
24.4.10 Service Provider SAML 2.0 Protocol Properties
Enable SAML 2.0 Protocol
Enable Register NameID Protocol
Enable Federation Termination Protocol
Send Encrypted NameIDs
Send Encrypted Attributes
Allow Federation Creation
User Consent URL
Force User Consent
Enable Protocol Bindings
Default Binding
Default SSO Request Binding
Default SSO Response Binding
Default Authentication Request NameID Format
Request Authentication Context Mechanism
Request Authentication Context Comparison
Request | XML/HTTP Post message to Send Signed
Request | URL/HTTP Redirect message to Send Signed
Request | XML/SOAP message to Send Signed
Response | XML/HTTP Post message to Send Signed
Response | URL/HTTP Redirect message to Send Signed
Response | XML/SOAP message to Send Signed
Request | XML/HTTP Post message to Require Signed
Request | URL/HTTP Redirect message to Require Signed
Request | XML/SOAP message to Require Signed
Response | XML/HTTP Post message to Require Signed
Response | URL/HTTP Redirect message to Require Signed
Response | XML/SOAP message to Require Signed
Response (Assertion) | XML/HTTP Post message to Require Signed
Response (Assertion) | XML/SOAP message to Require Signed
24.4.11 Service Provider SAML 1.x Assertion and Protocol Properties
Map User via Attribute Query
Map User via NameID
Enabled NameID Formats
User Attribute Mapping for X.509 Subject Name
User Attribute Mapping for Email Address
User Attribute Mapping for Windows Domain Qualified Name
User Attribute Mapping for Unspecified
User Attribute Mapping for Custom
Name of the Custom Format
Error when User Mapping Fails
Ignore Unknown Condition
Required Signed Assertion
Enable SAML 1.0 Protocol
Enable SAML 1.1 Protocol
Enable Protocol Binding
Response (Assertion) | XML/HTTP Post message to Require Signed
Response (Assertion) | XML/SOAP message to Require Signed
24.4.12 Service Provider WSFed 1.1 Properties
Enable WS-Federation 1.1 Protocol
24.4.13 Admin Server Details
Admin Server Host
Admin Server Port
WebLogic Domain Name
24.4.14 WebLogic Application Configuration
Path
Load Order
Type