What is meant by OAM Server?
This article explains what is meant by OAM Server (Oracle Access Management Server) and what role it plays. It also covers the OAM agent modes and how agents communicate with the OAM Server.
Oracle Access Manager:
Oracle Access Manager offers a full range of Web perimeter security functions, including authentication, Web single sign-on, authorization, auditing, policy administration, and so on. Single sign-on (SSO) enables users and user groups to access various applications after authentication. Hence, SSO eliminates repeated sign-on requests. Oracle Access Manager 11g can be used for Oracle Fusion Middleware 11g single sign-on. Oracle Access Manager 11g is a Java Platform, Enterprise Edition (Java EE)-based, enterprise-level security application that offers restricted access to confidential information and centralized authentication services. An application server, web server, or any third-party application should be protected by a Webgate that is registered with Oracle Access Manager as an agent. To enforce policies, the agent acts as a filter for HTTP requests. Oracle Access Manager enables administrators to define the authorization and authentication policies.
The OAM Agent is software installed on the HTTP Server that acts as a PEP (policy enforcement point). The OAM Agent is a gatekeeper that secures resources and manages all interactions with the user who is trying to access them. All authorization and authentication policies are stored in a database accessed by the OAM Server. The OAM Agent asks the OAM Server whether the user may access a particular resource. If the OAM Server accepts, the user receives the resource requested.
The OAM Agent sends a request to the OAM Server to find out whether the user may access that type of resource. The OAM Agent communicates with the OAM Server using OAP (Oracle Access Protocol). This protocol is also known as NAP (Network Access Protocol). In fact, the OAM Agent communicates with the OAM Proxy Server. This communication can be simple and open, using a certified certificate. OAM Proxy servers are used for communicating with the OAM Agents. Port 14100 is used for HTTP communications.
OAM 11g supports the following agents:
- OAM 10g WebGate agent: a C-based agent intended to be deployed in the Web (HTTP) Server.
- OAM 11g WebGate agent: a Java-based agent intended to be deployed in the Web (HTTP) Server. The OAM 11g WebGate agent supports a per-agent secret key for SSO.
- OSSO agent (mod_osso): a C-based agent intended to be deployed in the Oracle HTTP Server (OHS) with the mod_osso module.
- OAM 10g AccessGate agent: a custom agent intended to be deployed in the Web (HTTP) Server. It is created using the OAM Software Development Kit (SDK).
Points to note about the OAM Proxy and the OAM Server:
- An integrated OAM Proxy is installed on each OAM managed server.
- When you install the OAM Server, it automatically registers the WebLogic managed server (oam_server1) as an OAM Server instance.
- The security mode on the agent side must be the same as the security mode configured on the OAM Proxy.
Oracle Access Manager is one of the key components of Oracle Identity Management, and this article shows the value OAM brings to an organization. Let us dive a bit deeper into OAM. We already know how OAM can save us from repeatedly entering passwords for various applications in the enterprise. For beginners, it is essential to note that Oracle Access Manager can be used only for protected applications or for services that can be accessed over the protocol.
Webgate: This is the security guard, guarding the application or resource. Once the Webgate is set up, it intercepts all HTTP(S) requests. It also acts as the policy enforcement point (PEP).
OAM Server: After intercepting the request, the Webgate passes it to the OAM Server. This server acts as the PDP (Policy Decision Point). If the resource is protected, the server checks the authentication and authorization policies attached to it. Users are authenticated, as the authentication policy specifies, against the configured user identity store. Once the user is authenticated, the authorization policy is checked. It is possible for a user to be authenticated and still not be authorized to access the resource. So the OAM Server acts as the policy server that takes the necessary action based on the attached policy.
Let us suppose that at apps2fusion.com we set up a new transport portal for all employees so that they can update and manage their own shift schedules to avail cabs.
When a first-time user logs in to the application, he / she is challenged with the default sign-on page to enter both the username and password. After receiving the details, the OAM Server validates the user's credentials against the user identity store. If the user is valid, he / she is authenticated.
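The Webgate (PEP) and OAM Server (PDP) split described above can be sketched as a toy model. This is an added example, not Oracle Access Manager code or its API and not the OAP protocol; every name, path, user and password in it is hypothetical and constructed for illustration.

```python
import hashlib
import hmac

SALT = b"constructed-demo-salt"  # constructed value for this example only

def _verifier(password: str) -> bytes:
    """Derive a password verifier so the store never holds plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 10_000)

# Constructed identity store: user -> (password verifier, groups)
IDENTITY_STORE = {
    "alice": (_verifier("alice-pw"), {"employees"}),
    "bob": (_verifier("bob-pw"), {"contractors"}),
}
# Constructed policy store: protected path prefix -> groups allowed to access it
POLICIES = {"/transport": {"employees"}}

def find_policy(path):
    """Return the allowed groups for a protected path, or None if unprotected."""
    for prefix, groups in POLICIES.items():
        # Match on a path boundary so "/transportx" is not treated as protected.
        if path == prefix or path.startswith(prefix + "/"):
            return groups
    return None

def pdp_decide(path, user=None, password=None):
    """Policy decision point: the role the text gives to the OAM Server."""
    allowed = find_policy(path)
    if allowed is None:
        return "ALLOW"        # resource is not protected
    if user is None:
        return "CHALLENGE"    # protected resource, no credentials yet
    record = IDENTITY_STORE.get(user)
    supplied = _verifier(password or "")
    if record is None or not hmac.compare_digest(record[0], supplied):
        return "CHALLENGE"    # authentication failed
    if not (record[1] & allowed):
        return "DENY"         # authenticated but not authorized
    return "ALLOW"

def pep_handle(path, user=None, password=None):
    """Policy enforcement point: the Webgate role, enforcing the PDP's answer."""
    decision = pdp_decide(path, user, password)
    return {"ALLOW": 200, "CHALLENGE": 401, "DENY": 403}[decision]
```

The case worth noting is `bob`: his credentials are valid, yet the enforcement point returns 403 because the authorization policy for the portal does not include his group.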
Conclusion:
Hope this article helps you to know the complete details about Oracle Access Manager. If you still have any queries, comment in the section below. Happy Learning!