25.4 Managing Application Domains Using the Console

Managing an Application Domain involves adding, modifying, or deleting general and resource-related settings and policies.

Each Application Domain must have a unique name that matches the agent name. After entering a name and optional description for the new Application Domain, click Apply to create it. This manual creation makes available the complete series of tabs: Summary, Resources, Authentication Policies, Authorization Policies, Token Issuance Policies.

Note:

If the Application Domain was created using remote registration or while registering an agent, basic policy information is generated with it. For details, see Understanding Remote Policy and Application Domain Management and Managing Policies and Application Domains Remotely.

This section describes how to create and manage an Application Domain using the Oracle Access Management Console. It includes the following topics:

25.4.1 Creating a New Application Domain

Users with valid Administrator credentials can manually create an Application Domain using the Oracle Access Management Console. Alternatively, Application Domains can be generated automatically during agent registration, as described in Introduction to Agents and Registration and Registering and Managing OAM 11g Agents.

Decide whether you need a new Application Domain or if you can add resources to an existing Application Domain. You can protect multiple applications using the same Agent by manually creating one Application Domain and manually adding resources and policies.

Prerequisites

See Prerequisites to Managing Policies and Protecting Resources at the beginning of this chapter.

To create a new Application Domain

In the Oracle Access Management Console, click Application Security at the top of the window.
In the Application Security console, select Create Application Domain from the Create (+) menu in the Access Manager section.
On the Create Application Domains page, add a unique name, an optional description and other details, then click Apply and close the Confirmation window.

See Configuring Policy Ordering.
View and manage the following containers (tabs) within the Application Domain container:
- Resources: See "Adding and Managing Policy Resource Definitions".
- Authentication Policies: See "Defining Authentication Policies for Specific Resources".
- Authorization Policies: See "Defining Authorization Policies for Specific Resources".
- Token Issuance Policies: See "Managing Token Issuance Policies, Conditions, and Rules".

25.4.2 Searching for an Existing Application Domain

Users with valid Administrator credentials can to search for a specific Application Domain.

Note:

This Search operation is case sensitive.

To search for an Application Domain

In the Oracle Access Management Console, click Application Security at the top of the window.
In the Application Security console, click Application Domains.
In the page that appears, enter the name of the Application Domain you want to find (or partial name and wild card, *, or leave the field blank to retrieve all domains). For example:
```
DesiredDomain
```
Click the Search button to initiate the search.
Choose a name in the Search Results table to perform the desired task. For instance:
- Edit: Click the Edit button in the tool bar to display the configuration page and go to "Viewing or Editing an Application Domain".
- Delete: See "Deleting an Application Domain and Its Contents" before you perform this task.
- Detach: Click Detach in the tool bar to expand the table to a full page.
- View: Select a View menu item to alter the appearance of the results table.

25.4.3 Viewing or Editing an Application Domain

Users with valid Administrator credentials can view or modify an Application Domain (including its resources, policies, conditions, and responses) using the Oracle Access Management Console.

Oracle recommends that you consider grouping similar applications into the same Application Domain. While editing the Application Domain, be aware that different applications are using the same domain. Editing the description and domain name are supported.

25.4.4 Deleting an Application Domain and Its Contents

Users with valid Administrator credentials can delete an Application Domain (including its resources, policies, conditions, and responses) using the Oracle Access Management Console.

Deleting the Application Domain and its content removes all referenced objects, including the Agent registration. Using this method, if you later need to re-register the same Agent, you can because there are no remaining references to the previous Application Domain and its content.

Note:

During a Delete operation, if the Application Domain contains any policy elements, you are alerted.

Prerequisites

Ensure that resources in the domain to be deleted are placed in another Application Domain for protection.

To delete an Application Domain

Locate the desired Application Domain as described in "Searching for an Existing Application Domain".
Ensure that resources in the domain to be deleted are placed in another Application Domain for protection.
In the Search Results table, click the Serial Number beside the desired name, and then click the Delete (x) button in the tool bar.
In the Warning window, click Delete (or click Cancel to dismiss the window).
Check the results table to confirm the Application Domain has been removed.