This chapter is intended to provide guidance for those planning to deploy or integrate Oracle E-Business Suite Release 12.2 in an enterprise single sign-on environment. Aimed primarily at project managers, DBAs, and system administrators, it describes how to integrate Oracle E-Business Suite Release 12.2 with the appropriate supporting products to provide an enterprise-wide single sign-on solution.
In large organizations, users often have a large number of userids for a variety of network-based resources such as corporate web sites and custom applications. As the number of available resources grow, users and security administrators are faced with the increasingly difficult challenge of managing a proliferation of userids and passwords across different systems.
Enterprise identity management solutions allow security administrators to define a user in a single location such as an LDAP (Lightweight Directory Access Protocol) directory and share that common user definition throughout multiple parts of their enterprise.
In its default configuration, Oracle E-Business Suite Release 12.2 allows registered users to log in using credentials stored directly in Oracle E-Business Suite. In this default configuration, Oracle E-Business Suite system administrators are responsible for maintaining the local repository of registered Oracle E-Business Suite users. Authentication is also handled by Oracle E-Business Suite.
As an alternative to this, you may integrate Oracle E-Business Suite for single sign-on with one of the following options:
Integrate Oracle E-Business Suite with Oracle Access Manager and Oracle Internet Directory or Oracle Unified Directory. See My Oracle Support article KA1041, Overview of Single Sign-On Integration Options for Oracle E-Business Suite.
Integrate Oracle E-Business Suite with Oracle Identity Cloud Service (IDCS). For details, see Configure Oracle E-Business Suite (EBS) to use Oracle Identity Cloud Service for Single Sign-On (SSO).
If a third-party authentication mechanism is used, Oracle Access Manager with Oracle Internet Directory or Oracle Unified Directory or Oracle Identity Cloud Service is still required: they provide bridge functionality between Oracle E-Business Suite and the third-party single sign-on solution. Direct integration with third-party authentication systems and third-party directory services is not supported.