ORA SPACE

OracleAS Infrastructure Services, logical component of Oracle Application Server 10g, provides security services for OracleAS Middle-Tier applications as well as external applications integrated with OracleAS Infrastructure services. OracleAS Infrastructure has evolved to a state where it can be deployed along with other Identity Management products like Microsoft AD and SunONE Directory Server.

It can be broken down into two sub-components:- Oracle Identity management: Group of applications providing authentication, authorization, policy definition, policy enforcement, entity lifecycle management for integrated applications e.g. OracleAS Portal, Oracle Database, E-Business Suite, Oracle Collaboration Suite, and third party applications.

Brief description of Identity Management Components:

o Oracle HTTP Server: It provides web-interface for Infrastructure Services e.g. Delegated Administration Service and Single Sign-On. OHS is based on Apache 1.3.31. This is not a standard Apache available at http://www.apache.org/. It does contains Oracle’s extensions to standard Apache.

o Oracle Internet Directory: At core of Oracle IDM Infrastructure, an LDAPv3 Directory Service, providing LDAP interface for storage and retrieval of applications configuration data. It stores information about Users, Groups, Network Configurations, Databases, OracleAS Products, and Access Control Lists etc. It stores that complete information in Oracle Database known as OracleAS Metadata Repository. In other words, Oracle Internet Directory is an application running on Oracle Database.

o Oracle Delegated Administration Service: This is a web-based Self Service Console to define users, groups, realms, and configuration entries for custom object classes. In other words, this is a web interface for Users Management of Users data stored in Oracle Internet Directory.

o Directory Integration: A very useful component of IDM stack. Using this you can integrate your Oracle Internet Directory with 3^rd Party Directory Services like Microsoft AD, SunONE Directory etc. You can push data from OID to other directories as well as pull data from them.

o Oracle Directory Integration Provisioning Service: Alongwith its counterpart Directory Integration, DIP Service extends the integration capabilities. DIP will help you to achieve integration of Oracle E-Business Suite with Oracle Internet Directory for synchronization of Users data.

o OracleAS Single Sign-On: A gateway to OracleAS Identity Management for web-applications. It protects the web resources of Oracle Application Server like Portal, Delegated Administration Service (Partner Applications) and third-party applications like Yahoo Mail (External Applications)

o Oracle Certificate Authority: A component to generate X.509V3 certificates for OracleAS.

Oracle Metadata Repository: It contains OracleAS configuration data stored in Oracle Database 10g. Alongwith configuration data, OracleAS components Schemas also reside in Metadata Repository. But these can be installed in another database as well, provided that has been prepared for, by Metadata Repository Creation Asisstant. By default, Portal schemas are installed in Metadata Repository.

During installation of OracleAS Infrastucture, Metadata Repository will be installed in Oracle Database 10g. OracleAS component uses this database. In order to store data for custom applications, you must use a separate database known as Customer Database. It helps in more granular control on both these databases.

OracleAS Infrastructure services can be deployed independent of OracleAS Middle-tier i.e. no need to deploy complete Oracle Application Server. To leverage the centralized storage of application Users and Groups, Oracle Internet Directory can be deployed. Alongwith Single Sign-On can be used protect web resources using same centralized Users and Groups information.

In past, Oracle has done couple of acquisitions that has really extended the Identity Management offering and solutions provided by Oracle.

My focus is to first explain the base Oracle Application Server product, followed by advanced topics, integration, and extensions.

Coming Up Next:

OracleAS Middle-Tier Services