Access Manager uses Oracle Coherence to replicate session states within a distributed installation. Coherence is used to communicate state changes between the Oracle Access Management Console and OAM Servers.
Consider the following 2 distributed deployment topologies. Coherence relies on User Datagram Protocol (UDP) for cluster discovery and heartbeat. If a firewall exists between certain components of Access Manager, then the corresponding UDP ports used by Coherence must be open. Otherwise, Access Manager might not work correctly.
For example, the UDP ports used by Coherence must be opened as follows:
The Oracle Access Management Console is deployed within the intranet, and OAM Servers are deployed in the DMZ. In this case, the UDP ports used by Coherence must be opened on the firewall between the DMZ and the intranet.
The Oracle Access Management Console and OAM Servers are deployed in different security zones of the DMZ, with firewalls between any two adjacent zones. In this case, the UDP ports used by Coherence must be opened on the firewall between the adjacent security zones, where one or more instances of Oracle Access Management Console and OAM Servers run.
Access Manager 11g uses Oracle Coherence to provide a distributed cache with low-data access latencies and to transparently move data between distributed caches (and into the session store). Session data is redundant across these tiers. For example, when a session is created, it then exists within the local cache on the server that created it, the distributed cache, and (if enabled) within the session store database as well. For more information, see Maintaining Access Manager Sessions.
WARNING:
Oracle recommends that you do not modify Oracle Coherence settings unless requested to do so by an Oracle Support Representative.
Whether you are viewing Oracle Coherence settings for an individual server instance or Oracle Coherence details that are common to all OAM Servers, Oracle recommends that you do not modify Oracle Coherence settings unless requested to do so by an Oracle Support Representative.
Oracle Coherence logging appears in the WebLogic Server log only. There is no bridge from Oracle Coherence logging to Access Manager logging.
See Also:
Oracle Coherence documentation.