List of Tables
- -1 Features in Access Manager 12.2.1.3.0
- 1-1 Access Manager Deployment Types
- 1-2 Oracle Access Management Post-Installation Tasks
- 2-1 Language Codes For Login Pages
- 2-2 Oracle Access Management Language Selection Methods
- 2-3 OAM_LANG_PREF Cookie
- 2-4 Application Integration for Language Preference
- 3-1 Configuration Options
- 3-2 Common Services
- 3-3 Common Settings
- 3-4 OCSP Responder Configuration Options
- 4-1 Roles for Delegating Administration
- 5-1 Data Sources for Oracle Access Management
- 5-2 Data Sources for Oracle Access Management Services
- 5-3 Components That Use Identity Stores
- 5-4 User Identity Store Elements
- 5-5 Access Manager Keys and Storage
- 5-6 Keystores for Access Manager and Security Token Service
- 6-1 Conditions Requiring Server Restart
- 6-2 OAM Server Instance Settings
- 6-3 OAM Proxy Settings for an Individual OAM Server
- 7-1 Logging Files
- 7-2 Logging Defaults
- 7-3 Oracle Access Management Server-Side Component Loggers
- 7-4 Oracle Access Management Shared-Service Engine Component Loggers
- 7-5 Oracle Access Management Foundation API Component Loggers
- 7-6 Mapping of ODL to Java Levels
- 7-7 Oracle Identity Federation Loggers
- 8-1 Oracle Business Intelligence Enterprise Edition Reports for OAM
- 8-2 Access Manager Administrative Audit Events
- 8-3 Access Manager Run-time Audit Events
- 8-4 Categories of Audit Events for Identity Federation
- 8-5 Identity Federation Session Management Events
- 8-6 Protocol Flow Events for Identity Federation
- 8-7 Server Configuration Identity Federation
- 8-8 Security Events for Identity Federation
- 8-9 Audit Configuration Elements
- 9-1 Logging Levels
- 9-2 Log Configuration File Names for Components
- 9-3 Log Writers
- 9-4 Global Parameters in the First Compound List
- 9-5 Factors that Determine Whether Logging Is Active
- 9-6 Mandatory Log Configuration File Parameters
- 9-7 Log Data File Configuration Parameters
- 9-8 ParamName Values You Can Configure for Per-Module Logging Threshold
- 10-1 Accounts_Locked_Out Report Fields
- 10-2 AuthenticationFromIPByUser Report Fields
- 10-3 AuthenticationPerIP Report Fields
- 10-4 Authentication_statistics Report Fields
- 10-5 AuthenticationStatisticsPerServer Report Fields
- 10-6 All Errors and Exceptions Report Fields
- 10-7 Authentication Failures Report Fields
- 10-8 Authentication History Report Fields
- 10-9 Authorization History Report Fields
- 10-10 Multiple Logins From Same IP Report Fields
- 11-1 OAM Proxy Metrics
- 11-2 OAM Proxy Tuning Parameters
- 12-1 Farm Page Sections
- 12-2 Resulting Pages for Selected Nodes and Targets
- 12-3 Summary of Performance Overviews in Fusion Middleware Control
- 12-4 Access Manager Component Metrics
- 12-5 Status and Controls on Performance Summary Pages
- 12-6 OAM Log Availability and Functions in Fusion Middleware Control
- 12-7 Log Levels Tab on Log Configuration Page
- 12-8 Log Files Elements
- 12-9 OAM Log Message Search Controls in Fusion Middleware Control
- 12-10 System MBean Browser
- 12-11 MBeans that Access Manager and Security Token Service Deploy
- 12-12 System MBean Browser
- 13-1 Access Manager Settings: Load Balancer
- 13-2 Server Error Mode
- 13-3 Error Trigger Condition, Modes, and Message Codes
- 13-4 External Error Codes, Trigger Conditions, and Recommended Messages
- 13-5 Access Manager Settings: SSO
- 13-6 Summary: Simple and Cert Mode
- 13-7 Server Common OAM Proxy Secure Communication Settings
- 13-8 Policy Evaluation Caches
- 14-1 Agent Types
- 14-2 Agent Registration and SSO Support
- 14-3 Run Time Processing Overview for Access Manager
- 14-4 Keys and Policies Generated During Agent Registration
- 14-5 Artifacts Associated with Agent Registration
- 14-6 Copying Generated Artifacts
- 14-7 Remote Registration Methods
- 14-8 Agent Registration and Configuration Update Artifacts
- 15-1 Elements on Create Pages for OAM Agents
- 15-2 User-Defined WebGate Parameters
- 15-3 Elements on Expanded OAM WebGate/Access Client Registration Pages
- 15-4 Agent Search Controls
- 15-5 Environment Variables to Set within oamreg
- 15-6 Remote Registration Command Arguments: mode
- 15-7 Remote Registration Command Samples
- 15-8 Common Elements in Remote Registration Requests
- 15-9 Remote Registration Request Templates for OAM Agents
- 15-10 Elements in Extended OAM Agent Remote Registration Requests
- 15-11 Variables Required for Remote Registration
- 15-12 Files Returned by in-band Administrator to out-of-band Administrator
- 15-13 Remote Agent Update Modes and Input Files
- 15-14 Delta: OAM Agent Update versus Registration Request
- 16-1 Features Supported when the Database is Unavailable
- 16-2 Features Not Supported when the Database is Unavailable
- 16-3 Session Lifecycle States
- 16-4 Session Checks for State Changes
- 16-5 Session Removal
- 16-6 Application Domain-Specific Overrides
- 16-7 Session Content: Single Authentication Scheme
- 16-8 Session Outcomes: Multiple Authentication Schemes
- 16-9 Global Session Settings
- 16-10 Default Polling Interval
- 16-11 Application-Specific Session Timing Overrides
- 16-12 Session Management Controls and the Results Table
- 17-1 Multi-Data Center Policy Configurations for Idle Timeout
- 17-2 Session Synchronization and Failover Scenarios
- 18-1 MDC Use Cases
- 19-1 Replication States
- 19-2 Modifying Replication Agreement Properties
- 21-1 Summary: SSO Components
- 21-2 Introduction to SSO Implementations
- 21-3 Access Manager Global, Shared Policy Components
- 21-4 Access Manager Policy Components
- 21-5 Condition Types
- 21-6 SSO Cookies
- 22-1 Resource Type Definition
- 22-2 Host Identifiers Examples
- 22-3 Host Identifier Definitions
- 22-4 Comparing the DCC and ECC
- 22-5 Native Authentication Modules
- 22-6 Native Kerberos Authentication Module Definition
- 22-7 Native LDAP Authentication Modules Definition
- 22-8 X509 Authentication Module Definition
- 22-9 Simple Form versus Multi-Step Authentication
- 22-10 General tab
- 22-11 Add New Step Entries, Steps Results Table, and Details Section
- 22-12 Parameter Details for Various Plug-ins
- 22-13 Steps Orchestration Tab
- 22-14 X509 Step Details (KEY_CERTIFICATE_ATTRIBUTE_TO_EXTRACT)
- 22-15 Steps and Plug-ins in a Customized Step-up Authentication Module
- 22-16 Custom Plug-ins Actions
- 22-17 Plugins Status Table
- 22-18 Example of Plugin Details Extracted from XML Metadata File
- 22-19 Authentication Scheme Definition
- 22-20 Pre-configured Authentication Schemes
- 22-21 Challenge Parameters in Pre-configured Schemes
- 22-22 User-Defined Challenge Parameters for Authentication Schemes
- 22-23 Advanced Rules Attributes
- 22-24 Sample Advanced Rules
- 22-25 Request Context Data
- 22-26 Location Context Data
- 22-27 Session Context Data
- 22-28 User Context Data
- 22-29 Challenge Parameters for 11g Encrypted Cookies
- 22-30 Resource Webgate Support of POST Data Preservation and Restoration
- 22-31 Parameters Required for Authentication POST Data Handling
- 22-32 ECC and DCC: Long URL Handling
- 22-33 Parameters Required for Long URL Handling
- 23-1 Login Processing with Access Manager-Protected Resources
- 23-2 DCC Deployment Support
- 24-1 Password Policy Configuration Parameters
- 24-2 Password Policy Elements
- 24-3 Specifying Credential Collectors and Related Forms for Authentication
- 24-4 Credential Collector Password Pages
- 24-5 Password Management Forms and Functions
- 24-6 Location of Oracle-provided LDIFs for LDAP Providers
- 24-7 Key Password Attributes in a Password Policy
- 24-8 User Password Step Details
- 24-9 Included LDIF Schema Files
- 25-1 Resource Definition Elements
- 25-2 HTTP Resources Sample URL Values
- 25-3 Supported Wildcards in Resource URL Patterns (Precedence Order)
- 25-4 Sample Resource URLs
- 25-5 Pattern Matching for Requested URLs
- 25-6 Query String Matching: Examples
- 25-7 Resource Evaluation Outcomes
- 25-8 Search Elements for a Resource in an Application Domain
- 25-9 Authentication Policy Elements and Descriptions
- 25-10 Authorization Policy Elements and Descriptions
- 25-11 Authorization Policy Condition Tab
- 25-12 Add Condition Window Elements
- 25-13 Add identities Elements
- 25-14 Add Search Filter Elements
- 25-15 LDAP Search Filter Examples for Access Manager
- 25-16 Temporal Condition Details
- 25-17 Access Conditions that Require Attribute-Type Conditions
- 25-18 Attribute Condition Elements
- 25-19 Attribute Names for Request Built-ins
- 25-20 Attribute Names for Session Built-ins
- 25-21 Attribute Condition Data (Aggregation of Conditions)
- 25-22 Authorization Policy Rules Elements
- 25-23 Rule Tab in Expression Mode
- 25-24 Operators for Expressions in Authorization Rules
- 25-25 Response Elements
- 25-26 Namespace Request Variables for Single Sign-On
- 25-27 Namespace Session Variables for Single Sign-On
- 25-28 Namespace User Variables
- 25-29 Simple Responses and Descriptions
- 25-30 Complex Responses
- 25-31 Remote Policy Management Modes, Templates, and Flags
- 25-32 Remote Management Template Elements
- 26-1 User Interactions: Tester Console Mode versus Command Line Mode Operations
- 26-2 Access Tester Supported System Properties
- 26-3 Access Tester Console Panels
- 26-4 Command Buttons in Access Tester Panels
- 26-5 Additional Access Tester Buttons
- 26-6 Access Tester Menus
- 26-7 Connection Panel Information
- 26-8 Protected Resource URI Panel Fields and Controls
- 26-9 Access Tester User Identity Panel Fields and Controls
- 26-10 Access Tester Capture Request Options
- 26-11 Generate Script Command
- 26-12 Test Script Control Parameters
- 26-13 Run Test Script Commands
- 26-14 Mismatched Results Reasons in the Statistics Document
- 27-1 Centralized Logout Circumstances
- 27-2 Logout Details After Registration (ObAccessClient.xml)
- 28-1 Supported SAML 2.0 NameID Formats
- 28-2 SAML 2.0 URLs for Identity Federation Acting As Identity Provider
- 28-3 SAML 2.0 URLs for Identity Federation Acting as Service Provider
- 28-4 Supported SAML 1.1 NameID Formats
- 28-5 SAML 1.1 URLs for Identity Federation Acting As Identity Provider
- 28-6 SAML 1.1 URL for Identity Federation Acting as Service Provider
- 28-7 OpenID 2.0 URLs for Identity Federation Acting As Identity Provider
- 28-8 OpenID 2.0 URLs for Identity Federation Acting as Service Provider
- 28-9 Configuring Identity Federation Settings
- 28-10 Implementing Identity Federation
- 29-1 Default Partner Profiles
- 29-2 Identity Provider Partner Settings
- 29-3 Attributes for Google OpenID Partner
- 29-4 Attributes for Yahoo OpenID Partner
- 29-5 Elements Used for IdP Provider Search
- 29-6 Service Provider Partner Settings
- 29-7 Sample SP Attribute Mappings
- 29-8 Attribute Mapping Value Expressions
- 29-9 Attribute Value Filtering Condtions
- 29-10 Sample IdP Attribute Mappings
- 29-11 Default Federation Authentication Method and Access Manager Authentication Scheme Mappings
- 29-12 Configuration Parameters for Attribute Sharing Plug-in
- 29-13 Session Attributes Accessible To Attribute Sharing Plug-in
- 30-1 Federation Settings in the Console
- 30-2 General Federation Settings
- 30-3 Federation Proxy Settings
- 30-4 Keystore Settings for Federation
- 31-1 FederationScheme Element Definitions
- 31-2 FederationPlugin Steps
- 31-3 Orchestration of FederationPlugin
- 31-4 OIFScheme Definition
- 31-5 IFMTLDAPPlugin Steps
- 31-6 Policy Response Elements
- 31-7 Message Attribute Mapping
- 31-8 Office 365 Service Provider Attribute Values
- 32-1 Adaptive Authentication Plugin Properties
- 32-2 Server Side Configuration for Adaptive Authentication Service
- 33-1 Location URL Parameter Definitions
- 33-2 Offline Configuration URL Parameters
- 36-1 Claims within the ID Token used by OpenIDConnect
- 36-2 Claims used by OpenIDConnect
- 36-3 Parameters used in the curl command for OpenIDConnect Authentication Flows
- 36-4 Authorization Code Grant Authentication flow: Parameters and Access tokens
- 36-5 Implicit Grant Authentication Flow: Parameters and Access tokens
- 36-6 scope values that are used to request Claims
- 36-7 Claims under each scope and the corresponding backend LDAP attribute.
- 36-8 Parameters to create new authentication module, UserInfoAuthModule
- 36-9 Fetch public certificate of given Identity domain: Parameters
- 37-1 OpenIDConnectPlugin: Parameters for plugin configuration
- 37-2 UserIdentificationPlugin: Parameters to modify filters
- 38-1 Identity Context Schema Attributes
- 38-2 Mapping Identity Context Operations
- 39-1 Access Manager Support for RSA Features
- 39-2 RSA Features Not Supported
- 40-1 Sample Naming
- 41-1 Component Requirements
- 41-2 Microsoft Requirements for this Integration
- 41-3 Create Web Application Options for Microsoft SharePoint Server
- 41-4 Create a Web Application to Host a Site Collection for SharePoint Server
- 42-1 Requirements for Impersonation with a Header Variable
- 44-1 Login Module Stacks for using Header Variables
- 44-2 Login Module Stacks for using Header Variables
- A-1 addOAMSSOProvider Command-line Arguments
- B-1 importcert Command Syntax
- D-1 oamMDC.properties Properties
- D-2 partnerInfo.properties Properties