Online Authentication
Oracle Utilities Work and Asset Management delegates the responsibility of authentication of the online users to Oracle WebLogic. This means that any integration that Oracle WebLogic has with specific security protocols or security products can be used with the product for authentication purposes. The configuration of authentication is therefore performed within Oracle WebLogic itself.
Typically, Oracle WebLogic support one or more of the following:
Inbuilt Security: Oracle WebLogic supplies a default basic security store and associated security management capability that can be used if no other security repository exists.
LDAP Based Security: The Lightweight Directory Access Protocol (LDAP) is a protocol for accessing and maintaining distributed directory information services. LDAP is used to standardize the interface to common security repositories (such as Oracle Internet Directory, Microsoft Active Directory etc). LDAP support may be direct or indirect via Identity Management software like Oracle Virtual Directory or Oracle Identity Federation.
SAML Based Security: Security Assertion Markup Language (SAML) is an XML based data format for exchanging authentication and authorization information between parties.
DBMS Based Security: Oracle WebLogic can store, manage and retrieve security information directly from a database.
Operating System Based Security: Oracle WebLogic can store, manage and retrieve security information directly from the underlying operating system.
Oracle Utilities Application Framework Security Provider: The Oracle Utilities Application Framework includes an optional custom WebLogic Security Provider that allows implementations to verify user identity and whether the user is enabled as part of a security domain configuration. If the security provider is not used, these attributes are checked at login time.
These security configurations can be natively support or can be augmented with additional products. Refer to the Security Guides supplied with Oracle WebLogic for details of the security configuration process.