Understanding JD Edwards EnterpriseOne Single Sign-On Through Oracle Access Management

Oracle Access Management (OAM) provides single sign-on functionality for Oracle applications, including JD Edwards EnterpriseOne. It provides a secure internet infrastructure for identity management for EnterpriseOne applications and processes. This infrastructure provides:

  • Identity and access management across EnterpriseOne applications, enterprise resources, and other domains.

  • Foundation for managing the identities of customers, partners, and employees across internet applications. These user identities are protected by security policies for web interaction.

Integration with OAM provides EnterpriseOne implementations with these features:

  • OAM authentication, authorization, and auditing services for EnterpriseOne applications.

  • OAM single sign-on for EnterpriseOne applications and other OAM-protected resources in a single domain or across domains.

    Note: EnterpriseOne single sign-on through OAM is supported only by the EnterpriseOne web client, not Collaborative Portal.

  • OAM authentication schemes that provide single sign-on for EnterpriseOne applications:

    • Basic Over LDAP (Lightweight Directory Access Protocol): Users enter a user name and password in a window supplied by the web server.

      This method can be redirected to Secure Sockets Layer (SSL).

    • Form: Similar to the basic challenge method, users enter information in a custom HTML form.

      You choose the information that users must provide in the form.

    • X.509 Certificates: X.509 digital certificates over SSL.

      A user's browser must supply a certificate.

    • Integrated Windows Authentication (IWA): Users will not notice a difference between an OAM authentication and IWA when they log on to the desktop, open a browser, request an OAM-protected web resource, and complete single sign-on.

    • Microsoft .NET Passport: .NET Passport is a component of the Microsoft .NET Framework. The .NET plug-in is a web-based authentication service that provides single sign-on for Microsoft-protected web resources.

    • Custom: You can use other forms of authentication through the OAM Authentication Plug-in API.

  • Session timeout: OAM enables you to set the length of time that a user session is valid.

  • Ability to use Oracle Identity Manager for identity management. Oracle Identity Manager provides identity management features such as portal inserts, delegated administration, workflows, and self-registration for EnterpriseOne applications.

    You can determine how much access to provide to users upon self-registration. Oracle Identity Manager workflows enable a self-registration request to be routed to appropriate personnel before access is granted. OAM also provides self-service, enabling users to update their own identity profiles.
