What's New in Oracle Access Manager?

This section describes new features of Oracle Access Manager 11g.

The following sections describe the new features in Oracle Access Manager that are reflected in this book:

Product and Component Name Changes

Many Oracle Access Manager component names remain the same. However, there are several important changes that you should know about, as shown in the following table:

Area Oracle Access Manager 10g Oracle Access Manager 11g
Deployment Stand alone server Deployed in a container
Component Names Access Server

Policy Manager

Identity Server


OAM Server

OAM Administration Console



Agents WebGate


OAM Agent

OAM Agent

Console Names Policy Manager

Identity System Console

Access System Console

OAM Administration Console



Directory Profiles Directory Profiles User-Identity Stores
Identity Administration Identity Server Identity agnostic (Oracle Identity Manager 11g is used by default)
Administrators Master Administrator

Master Identity Administrator

Master Access Administrator

Delegated Administrators

OAM Administrator




Agent and partner application registration N/A OAM Administration Console

Remote registration tool provides automated Agent registration and application domain creation with default security policies

Automated creation of Oracle Access Manager 10g form-based authentication scheme, policy domain, access policies, and WebGate profile for the Identity Asserter for single sign-on OAMCfgTool

Platform-agnostic tool and scripts

Configuration Store LDAP XML file
Policy Store LDAP RDBMS
Policy Model Open (default allow) Closed (default = deny access)
Policy Domain Policy Domain Application Domain
Session management Stateless, stored in a cookie Stateful, stored on the server
Authentication to LDAP LDAP defined system wide LDAP defined in an authentication scheme
Resource Types Resource Type Resource Type
Resources Resource Resource
Host Identifiers Host Identifiers Host Identifiers
Authentication Authentication

Authentication Scheme

Authentication Plug-ins


Authentication Rule


Authentication Scheme

Authentication Plug-ins

Authentication Modules

Authentication Policy

Authorization Authorization

Authorization Rule

Authorization Expression



Authorization Policy

Actions Actions Responses
Software Developer Kit Access SDK Access SDK
Access Protocol NetPoint Access Protocol (NAP) Oracle Access Protocol (OAP)
Access Protocol port number 6021 5575 (assigned by the Internet Assigned Numbers Authority (IANA))

Oracle Access Manager 11g Software Developer Kit

Oracle Access Manager 11g provides a pure Java software developer kit (SDK) for the creation of custom AccessGates and extensions of authentication and authorization functionality. Oracle Access Manager 11g also provides compatibility with the Oracle Access Manager 10g JNI SDK, which can be migrated to use the Oracle Access Manager 11g.