This chapter summarizes the main changes introduced in this release and previous 12c releases.
The new features and major changes introduced in release 12.1.3.0.0 include the following:
Support for IBM DB2 and Microsoft SQL server databases. OPSS supports two new databases as repositories for security stores. See Section 4.1, "Supported File, LDAP, and DB Stores."
The ability to create database views of audit records at registration time using the Dynamic Metadata Model. See Section 15.2.1, "Audit Views Created at Registration."
The new audit createIAUView and getIAUViewInfo commands, that allows you to create and to get information about audit database views. See Audit Configuration Commands in Oracle Fusion Middleware Infrastructure Security WLST Command Reference.
The new merge.jdkcacerts.with.trust property, which specifies whether to return public certification authority certificates in the kss://system/publicacerts keystore with a keystore query to kss://system/trust. See Section 12.4, "About Certificates."
The OPSS REST API.
Updates in this document refresh include the following:
The version number of the document has been corrected.
Updates in this document refresh include the following:
Topic titles revised according to 12c standards.
The Identity Governance Framework. See Oracle Fusion Middleware Java API Reference for Identity Governance Framework Identity Directory
The new features and major changes introduced in release 12.1.3.0.0 follow.
OPSS and Audit schemas support Edition-Based Redefinition (EBR). For references to EBR support, see Section 9.3, "Using a DB Security Store."
The Java Required Files (JRF) template automatically creates data sources. When you create a domain with the JRF template, the process creates three data sources: one for the OPSS schema, one for the OPSS audit viewer schema, and one for the OPSS audit append schema. See Section 7.3.1, "Using a New Database Instance."
Upgrading component audit definitions to the dynamic metadata model. Components using the static model can upgrade audit definitions to the 12c dynamic model with the AuditSchemaUpgradeTool command. See Section 7.7, "Upgrading Component Audit Definitions to 12c.".
Recommended naming conventions and guidelines for audit event names and audit names. See Section 14.7, "Best Practices for Audit Event Definitions.".
New audit events. See the following even categories in Table C-2, "Core OPSS Events"
RolePolicyManagement
ResourceManagement
KeyStoreManagement
PermissionSetManagement
The OPSS diagnostic framework. This framework helps support personnel reduce the resolution time of reported problems. Using this framework, you extract internal states of a domain into a dump that may illuminate the cause of a particular problem. See Section J.1, "The OPSS Diagnostic Framework."
Two new arguments for the reassociateSecurityStore command. The new migrate argument allows specifies whether to append the source data to the target store. The new skip argument allows to skip the migration of incompatible artifacts. See Section 10.4.1, "reassociateSecurityStore."
A new argument for the migrateSecurityStore command. The new skip argument specifies whether to skip migrating incompatible artifacts or to terminate execution when an incompatible artifact is found in the source repository. See Section 9.5.2, "Migrating the Security Store with migrateSecurityStore."
Enhancements to the JpsStartup class. This class now includes:
A set of OPSS states for the JpsStartup.start method
Several runtime options for the JpsStartup.start method
A new constructor for the JpsStartup class
The JpsStartup.getState method
Support for exporting and importing keystores to and from wallets. See task list in Section 12.3, "Managing Keystores with WLST."
Support for Federal Information Processing Standards (FIPS). FIPS-140 is now enabled in the entire Oracle Fusion Middleware stack. See Section 4.3, "FIPS Support in OPSS."
The new features and major changes introduced in release 12.1.2.0.0 follow.
The use of templates to seed security artifacts at domain creation or extension, and a new procedure to upgrade to 12.1.2. See Chapter 7, "Life Cycle of Security Artifacts."
Reference information about WLST commands has been removed from the guide. That content now resides in the Oracle Fusion Middleware Infrastructure Security WLST Command Reference.
Two approaches to audit reporting: the Dynamic Metadata Model, and the Report Template Model. See Section 15.1, "About Audit Reporting."
Reference details are available for audit system attributes and events. See Section C.1.1, "What Components Can Be Audited?."