4/57
List of Tables
1-1 Deployment Types
1-2 Enhancements in Oracle Access Manager 11g
1-3 OAM 10g Functionality Not Available with Oracle Access Manager 11g
1-4 Comparison: OAM 11g versus OAM 10g versus OSSO 10g
1-5 Oracle Security Token Service Terms
1-6 Oracle Security Token Service 11g Infrastructure
1-7 Integrated Oracle Web Services Manager
2-1 OAM 11g Co-existence Summary
3-1 Role Mapping from an LDAP Group to Administrator
3-2 Welcome Page and Shortcuts
3-3 Function Tabs and Descriptions
3-4 Command Buttons in the Tool Bar
3-5 View Menu Command Descriptions
3-6 System Configuration, Actions Menu, Command Descriptions
3-7 Controls for Open Pages
3-8 Page Elements and Descriptions
3-9 Selection Tasks and Controls
3-10 Policy Configuration Subtabs
3-11 Policy Configuration Search Controls
3-12 Common System Configuration Search Controls
4-1 Common Configuration Nodes in Navigation Tree
4-2 Common Settings
4-3 Common Coherence Settings
5-1 Oracle Access Manager 11g, 10g, and OSSO Key Comparison
5-2 User Identity Store Elements
6-1 Summary: Server-side Differences with OAM 11g versus OAM 10g versus OSSO 10g
6-2 OAM Server Instance Settings
6-3 OAM Proxy Settings for an Individual OAM Server
6-4 Default Coherence Settings for Individual OAM Servers
7-1 Common Session Settings
7-2 Session Management Controls and the Results Table
8-1 Access Manager Settings
8-2 Access Manager Settings: Load Balancer
8-3 External Error Codes, Trigger Conditions, and Recommended Messages
8-4 Access Manager Settings: SSO
8-5 Summary: Simple and Cert Mode
8-6 Server Common OAM Proxy Secure Communication Settings
8-7 Policy Evaluation Caches
8-8 Kerberos Authentication Module Definition
8-9 LDAP Authentication Module Definition
8-10 X509 Authentication Module Definition
8-11 Add New Step Entries, Steps Results Table, and Details Section
8-12 Steps Orchestration Subtab
8-13 X509 Step Details: Attributes to Extract from a Certificate
9-1 Agents for OAM 11g
9-2 Comparing Agent Types and Differences
9-3 Comparing IAMSuiteAgent and 11g and 10g Webgates
9-4 Create Pages for OAM 10g and 11g Webgates
9-5 Expanded OAM 11g and 10g Webgate Elements and Defaults
9-6 User-Defined Webgate Parameters
9-7 OAM Agent Search Controls
9-8 Webgate Caches
9-9 Create OSSO Agent Page Elements
9-10 Expanded OSSO Agent Elements
10-1 Remote Registration Request Files
10-2 Remote Registration Sample Commands
10-3 Results of Remote Registration
10-4 Elements Common to Remote Registration Requests
10-5 OSSO-Specific Elements in a Remote Registration Request
10-6 Elements Common to Full Remote Registration Requests
10-7 Variables Required for Remote Registration
10-8 Remote Agent and Policy Updates
10-9 Remote Application Domain Management Modes
10-10 <rregApplicationDomain> Remote Management Template Elements
11-1 Login Module Stacks for using Header Variables
12-1 Comparing OAM 11g Policy Model with OAM 10g
12-2 Host Identifiers Examples
12-3 OAM 11g SSO versus OSSO 10g Component Summary
12-4 SSO Cookies
13-1 Resource Type Definition
13-2 Host Identifier Definition
13-3 Authentication Scheme Definition
13-4 Pre-configured Authentication Schemes
13-5 Challenge Parameters in Pre-configured Schemes
13-6 Challenge Parameters for Encrypted Cookies
13-7 ECC and DCC: Long URL Handling
13-8 Parameters Required for Long URL Handling
14-1 Resource Definition Elements
14-2 HTTP Resources Sample URL Values
14-3 Resource URLs for.jsp
14-4 Resource Evaluation Outcomes
14-5 Search Elements for a Resource in an Application Domain
14-6 Authentication Policy Elements and Descriptions
14-7 Authorization Policy Elements and Descriptions
14-8 Response Elements
14-9 Namespace Request Variables for Single Sign-On
14-10 Namespace Session Variables for Single Sign-On
14-11 Namespace User Variables
14-12 Simple Responses and Descriptions
14-13 Complex Responses
14-14 Authorization Policy General Details
14-15 Add Constraint Window Elements
14-16 Identity Class Constraint Details
14-17 Temporal Constraint Class Details
15-1 User Interactions Using Tester Console Mode versus Command Line Mode Operations
15-2 Access Tester Supported System Properties
15-3 Access Tester Console Panels
15-4 Command Buttons in Access Tester Panels
15-5 Additional Access Tester Buttons
15-6 Access Tester Menus
15-7 Connection Panel Information
15-8 Protected Resource URI Panel Fields and Controls
15-9 Access Tester User Identity Panel Fields and Controls
15-10 Access Tester Capture Request Options
15-11 Generate Script Command
15-12 Test Script Control Parameters
15-13 Run Test Script Commands
15-14 Mismatched Results Reasons in the Statistics Document
16-1 Centralized Logout Circumstances
16-2 Logout Elements in OAM 11g Webgate Registration
16-3 Sample end_url Parameter Specifications
18-1 Policies Transport Security when Message-level Security Not Required
18-2 Security Token Service Settings
18-3 Configuring a Non-Oracle WSM Client for WSS Kerberos Policies
18-4 Oracle Security Token Service Configuration Management Operations
18-5 Oracle Security Token Service-specific Run-time Events
19-1 OSTS Public Keys Used at Run Time
19-2 Keystores for Oracle Access Manager with Oracle Security Token Service
19-3 Keystore Mbeans
19-4 Partner Keys for WS-Trust Communications
19-5 Conditions for Oracle Security Token Service Certificate Validation
19-6 Successful Certificate Validation Requirements
20-1 Template Search Controls
20-2 Issuance Template Requirements
20-3 Issuance Template: General Details
20-4 Issuance Properties: Username Token Type
20-5 Issuance Properties: SAML Token Types
20-6 Security Details: SAML Tokens
20-7 Issuance Template: Attribute Mapping, SAML Token
20-8 Validation Template Protocols
20-9 New Validation Template: General Details
20-10 New Validation Template: Authentication Details
20-11 New Validation Template: Token Mapping
20-12 Endpoints Page
20-13 Constraints Tab: Token Issuance Policy
21-1 Elements for Oracle Security Token Service Partners
21-2 Profile: General
21-3 Requester Profile: Token and Attributes
21-4 Relying Party Profile Requirements
21-5 Token and Attributes Elements: Issuing Authority
21-6 Issuing Authority Token Mapping Elements
23-1 Oracle Access Manager Server-Side Components
23-2 Oracle Access Manager Shared-Service Engine Components
23-3 Oracle Access Manager Foundation APIs Components
23-4 Mapping of ODL to Java Levels
23-5 Oracle Security Token Service Logger
24-1 Logging Levels
24-2 Log Configuration File Names for Components
24-3 Log Writers
24-4 Global Parameters in the First Compound List
24-5 Factors that Determine Whether Logging Is Active
24-6 Mandatory Log Configuration File Parameters
24-7 Log Data File Configuration Parameters
24-8 ParamName Values You Can Configure for Per-Module Logging Threshold
25-1 Oracle Access Manager Administrative Audit Events
25-2 OAM Run-time Audit Events
25-3 Audit Configuration Elements
26-1 OAM Proxy Metrics
26-2 OAM Proxy Tuning Parameters
27-1 Farm Page Sections
27-2 Resulting Pages for Selected Nodes and Targets
27-3 Summary of Performance Overviews in Fusion Middleware Control
27-4 Access Manager Component Metrics
27-5 STS Component-Specific Metrics
27-6 Status and Controls on Performance Summary Pages
27-7 OAM Log Availability and Functions in Fusion Middleware Control
27-8 Log Levels Tab on Log Configuration Page
27-9 Log Files Elements
27-10 OAM Log Message Search Controls in Fusion Middleware Control
27-11 System MBean Browser
27-12
27-13 System MBean Browser
27-14 Farm Topology
28-1 Installation Comparison with OAM 10g Webgates
28-2 Preparing for 10g Webgate Installation with OAM 11g
30-1 IIS 7 Webgate Windows Server 2008
A-1 Partner Applications Protected by OSSO 10g
B-1 Deployment Types
B-2 Differences when Transitioning Data to New versus Existing Target Environments
B-3 Full Replication
B-4 Delta-Replication
B-5 Export Partner and Policy Commands
B-6 Import Partners, Policy, and Delta Commands
C-1 addOAMSSOProvider Command-line Arguments
D-1 Languages for Localized Messages in Oracle Access Manager
E-1 importcert Command Syntax
F-1 Operational Modes for WLST commands for OAM
F-2 WLST Oracle Access Manager Commands
F-3 WLST Commands Oracle Security Token Service
H-1 Login Page Parameters Submitted to the Page by the Single Sign-On Server
H-2 Login Page Parameters Submitted by the Page to the Single Sign-On Server
H-3 Change Password Parameters Submitted to the Page
H-4 Change Password Page Parameters Submitted by the Page
H-5 Parameters Submitted to the Single Sign-Off Page
H-6 Parameters Submitted to the External Application Login Page
H-7 Parameters the External Application Login Page Submits to the Application
H-8 Login Page Error Codes
H-9 Post-Login Messages
H-10 Change Password Page Error Codes
H-11 External Application Login Page Error Codes
H-12 External Application Login
H-13 Authentication Method
H-14 Additional Fields
Scripting on this page enhances content navigation, but does not change the content in any way.