In this 5-minute tech tip video, we are going to look at Oracle Access Manager (OAM) architecture.
Oracle Access Manager is a part of the Oracle Identity & Access Manager Suite and a recommended Single Sign-On (SSO) solution for web applications.
As shown in the video, Oracle Access Manager (OAM) consists of the following tiers:
- Application Tier: In this tier, you have OAM and the application that you want to protect via OAM. Oracle Access Manager is deployed on a WebLogic domain. The domain consists of an Admin Server and a Managed Server. On the Admin Server, you have the Access Manager Console deployed, which is a Graphical User Interface (GUI) to manage Oracle Access Manager. The OAM Managed Server is where the actual authentication and SSO happen.
- DB Tier: In this tier, you have the database and the LDAP server. The database is used to store metadata and all the policies, which are the rules governing how a particular URL is protected. Then you have the user data store, which is an LDAP server such as Microsoft Active Directory (AD), Oracle Internet Directory (OID), Oracle Unified Directory (OUD) or a third-party LDAP server. In this LDAP server, you store users and groups.
- Web Tier: In this tier, you have the web server. You put a web server in front of the application that you want to protect via OAM. On this web server, you put a Policy Enforcement Point (PEP), or gatekeeper, called Webgate.
For any request that comes to the web server, the Webgate collects the URL, takes it to OAM and asks OAM which login page the user should be redirected to. OAM then submits the collected userid/password to the LDAP server (OID/OUD or AD). The LDAP server validates the username and password and, on successful authentication, a session is created in OAM. OAM then returns the request to the web server with an authenticated user ID. The web server forwards that request to the application with the authenticated user ID, and the application creates its own session for that user. After that, the user can access the application as long as the SSO cookie is valid, no one has terminated the user's session from Oracle Access Manager, and the user has not logged out from the application itself.
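The request flow above, as a simplified model added here (it is not Oracle's code and does not use any OAM API). The class and function names, the sample user, the protected URL and the cookie lifetime are all assumptions made for the illustration; it shows the Webgate decision per request and the three conditions that end access.

```python
import hmac
import secrets

USERS = {"alice": "s3cret"}     # constructed user store (stands in for the LDAP server)
PROTECTED = {"/app/home"}       # constructed policy: URLs that require a login
SESSION_TTL = 3600              # assumed SSO cookie lifetime in seconds


class AccessServer:
    """Stands in for the OAM managed server: authenticates and tracks sessions."""

    def __init__(self):
        self.sessions = {}      # SSO cookie value -> (user id, expiry time)

    def login(self, user, password, now):
        # Credentials are validated against the user store.
        stored = USERS.get(user)
        if stored is None or not hmac.compare_digest(stored, password):
            return None
        cookie = secrets.token_urlsafe(16)   # unguessable session identifier
        self.sessions[cookie] = (user, now + SESSION_TTL)
        return cookie

    def validate(self, cookie, now):
        entry = self.sessions.get(cookie)
        if entry is None:       # never issued, logged out, or terminated
            return None
        user, expires = entry
        if now >= expires:      # SSO cookie is no longer valid
            del self.sessions[cookie]
            return None
        return user

    def terminate(self, cookie):
        # Covers both user logout and an administrator ending the session.
        self.sessions.pop(cookie, None)


def webgate(server, url, cookie, now):
    """Policy enforcement point on the web server: one decision per request."""
    if url not in PROTECTED:
        return ("forward", None)
    user = server.validate(cookie, now) if cookie else None
    if user is None:
        return ("redirect_to_login", None)
    # The application receives the authenticated user id from the web tier.
    return ("forward", user)
```

Because the application trusts the user ID handed to it by the web tier, the model only holds if the application cannot be reached by a path that bypasses the web server carrying the Webgate.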
So that is Oracle Access Manager architecture in a nutshell.
We cover this in detail in our Oracle Access Manager & Oracle Identity Manager Administration Training, which also covers architecture, install, configure, integrate, HA, DR, troubleshooting, etc.
Balagurunathan says
Hi Atul,
This video is very helpful. Please release such videos in future.
Thank you very much.
Bala.
Atul Kumar says
Thanks @Balagurunathan, more coming on a weekly basis. Share a topic if you have one in mind that you want me to cover.
Isaac says
Thanks so much for the video, more of it please.
Kushal Patil says
The video has a good overview. The question is: if we protect the complete root of the application / web server, then why do we need to protect a particular resource explicitly, like /xyz.jsp etc.?
AtulEBSCloudLatest Kumar says
@Kushal If / is protected then only URL / is protected. For you to protect / and subdirectory you must protect /…/*
If you have done / and subdirectory then /xyz.jsp is not required
Ramesh says
Hi Atul
This 5 min video covered the entire architecture in simple, understandable language.
In future please release such videos.
Thanks
Ramesh
Suresh Kukutla says
Hi Atul,
Thank you very much for the video.
Really helped me.
Please share oim architecture and functional videos.
Thank you,
Atul Kumar says
Thanks, We’ll be covering these in future posts. Keep an eye on this Blog or Subscribe to Blog for our weekly update.
Gayathri Ramani says
Hi Atul, thank you so much for your guidance. My doubt is: on the DB side, how will the user data store and the DB be separated? Data can be retrieved only from the DB, right? I think my doubt is very basic, but I am not able to understand.
Gayathri Ramani says
The question is why. Why are they separated, and what is the difference between keeping them separate and together?
Atul Kumar says
Gayathri Ramani, User Data Store means users/groups details. These are stored in LDAP (default WebLogic’s embedded LDAP Server), you can add additional LDAP Servers like OID or OUD.
Policy Store will have Policies and Data for Policy are stored in Policies. Policy will have link to Users/Groups and these two stores will be different as one is LDAP server and another is RDBMS.
This has been done so that Enterprise User/Group Stores can be integrated with OAM.
Mahesh says
Please provide oim architecture video.
Narasaraju says
Hi Atul,
This video covered the architecture in a simple way. I need a complete Oracle Identity & Access Management online course. Please share the content, duration, and price details.
Thank you.
NARASARAJU
Alekhya says
Hi Narasaraju,
Thanks for writing to us!
Kindly check the URL https://k21academy.com/oam03 for the course content, duration and course fee structure. Also please check the URL https://k21academy.com/oam05 for the Activity Guides which we cover during the course and which you need to perform the hands-on.
And if you want to attend the free master class, then kindly check the URL and try to register for the same: https://k21academy.com/oam02
Thanks and Regards,
Alekhya