37.1 Integrating Identity Federation with Access Manager

The Oracle Identity Management framework supports two approaches to cross-domain single sign-on. You cannot mix and match these approaches; each stands on its own.

Based on your setup, perform one of the following:

  1. Beginning with 11g Release 2 (11.1.2), the Oracle Access Management Access Manager server (OAM Server) has been integrated with an Oracle Access Management Identity Federation server. All configuration for the Identity Federation server is performed using the Oracle Access Management Console.
  2. Previous, separate releases of Oracle Identity Federation (11.1.1) and Oracle Access Manager can still be deployed to provide federation capabilities. Both servers must be configured and managed for this integration. This approach existed in 11g Release 1 (11.1.1) and is still available.

Note:

The topics in this book presume familiarity with federation and how it works. See Introduction to Oracle Identity Federation in the for background and conceptual information. This current document is limited to describing Oracle Identity Federation functionality as it has been integrated with Access Manager in 11g Release 2 (11.1.2.3).

Benefits of using the new Identity Federation 11g Release 2 (11.1.2.3) server integrated with Access Manager include:

  • Eliminating the need to install and maintain separate servers.

  • Simplifying post-install configuration of the federation features, particularly when accessing those features through the Oracle Access Management Console.

  • Improving the scalability of the two services working together.

  • Providing enhanced diagnostics and troubleshooting.