4 Federation

Oracle Identity Federation provides a comprehensive implementation of federation standards delivered via Oracle Universal Federation Framework - the unified, extensible and customizable architecture for rapid deployment in any multi-vendor environment.

Oracle Identity Federation allows customers to quickly achieve cross-domain SSO by providing a complete end-to-end federation deployment package, including a simple and lightweight deployment option for Service Providers.

This chapter introduces the integrations for Oracle Identity Federation:

4.1 Oracle Identity Federation for Oracle Identity Management

Oracle Identity Federation integrates with several Oracle Identity Management products to provide integrated federation solutions. Table 4-1 shows the supported integrations:

Table 4-1 Oracle Identity Federation for Oracle Identity Management

Oracle Identity Federation Integrated with Additional Information

Oracle Access Manager

For 11g webgates, see Integrating Oracle Access Manager with Oracle Identity Federation in the Oracle Fusion Middleware Integration Guide for Oracle Access Manager

For 10g webgates, see Oracle Access Manager in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation

Oracle Single Sign-On 10g

See Oracle Single Sign-On in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation


4.2 Oracle Identity Federation for Oracle Fusion Middleware

Oracle Identity Federation integrates with Oracle Fusion Middleware products supporting a variety of federation use cases. Table 4-2 shows the supported integrations:

Table 4-2 Oracle Identity Federation for Oracle Fusion Middleware

Oracle Identity Federation Integrated with Additional Information

Oracle HTTP Server for Oracle Access Manager integration

Deploying Oracle Identity Federation with Oracle Access Manager in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation

Oracle HTTP Server to set up proxy for Oracle Identity Federation

Setting Up a Proxy for Oracle Identity Federation in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation


4.3 Oracle Identity Federation Authentication Engines

In Oracle Identity Federation, an authentication mechanism defines a method or policy for verifying an entity's claimed identity using submitted credentials. An authentication engine is a module implementing a particular authentication method.

Oracle Identity Federation provides several out-of-the-box authentication engines and supports custom authentication engines. Table 4-3 shows the supported integrations:

4.4 Oracle Identity Federation Service Provider Integration Modules

A service provider (SP) integration module creates a user authenticated session at an identity and access management (IAM) system like Oracle Access Manager.

Oracle Identity Federation provides several out-of-the-box SP integration modules, and also supports custom service provider integration modules. Table 4-4 shows the supported integrations:

Table 4-4 Oracle Identity Federation SP Integration Modules

Oracle Identity Federation SP Integration Module for Additional Information

Oracle Access Manager

SP Integration module - Oracle Access Manager in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation

Oracle Single Sign-On 10g

SP Integration module - Oracle Single Sign-On in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation

Custom SP Integration Module for third-party IAM system

SP Integration Module - Custom in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation