1. Enable SSO for Oracle E-Business Suite with OCI IAM using EBS Asserter in High Availability mode
  2. Learn About the OCI IAM E-Business Suite Asserter

Learn About the OCI IAM E-Business Suite Asserter

The OCI IAM E-Business Suite Asserter is a lightweight Java application. It helps businesses simplify the deployment topology for Oracle E-Business Suite single sign-on (SSO) by replacing Oracle Access Manager and Oracle Internet Directory.
You can use the E-Business Suite Asserter when you want to:
  • Have your Oracle E-Business Suite working in SSO with other applications
  • Enhance security to access your Oracle E-Business Suite by enabling OCI IAM security features such as multi-factor authentication, sign-on policies, account recovery, and adaptive security

You can deploy the E-Business Suite Asserter in Oracle WebLogic Server 12c by using secure communications such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS).

The E-Business Suite Asserter provides the following benefits:
  • Multiple access modes for SSO with Oracle E-Business Suite: You can access Oracle E-Business Suite by using one of the following modes:
    • The E-Business Suite Asserter direct URL (bookmark)
    • The OCI IAM My Apps page
    • The E-Business Suite Asserter direct URL with a redirect parameter
    • Previously bookmarked Oracle E-Business Suite URLs
  • Supports log out from multiple points including Oracle E-Business Suite, E-Business Suite Asserter, and OCI IAM

Considerations for Using the E-Business Suite Asserter

To use the E-Business Suite Asserter, you should understand the following considerations for installation and configuration.

  • The host names for the OCI IAM EBS Asserter's application server and the Oracle E-Business Suite's application server must have exactly same domain for SSO to work.
  • The E-Business Suite Asserter must be accessed over SSL, since OCI IAM can only be accessed over SSL. Failure to do so may cause SSO between OCI IAM and the EBS Asserter to fail.
  • Synchronize the server clock where the E-Business Suite Asserter runs, and the server clock where Oracle E-Business Suite runs.
  • You can deploy the asserter in Oracle WebLogic Server 12c by using secure communications such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS).

Network Requirements

To facilitate the communication between OCI IAM, EBS Asserter server and Oracle EBS Server, the following required firewall rules should be configured.
  1. The port used by Oracle EBS application should be accessible from EBS Asserter Server. In this document, we are using port 8000.
  2. The port used by EBS Asserter's Weblogic Server should be accessible from the internet and Oracle EBS application server. In this document we are using port 7002 and 7003.
  3. The port used by Oracle EBS application database server should be accesible from EBS Asserter WebLogic Server. Port 1521 is most commonly used.