Oracle Application Server provides a security framework that incorporates the different key components here I discuss oracle identity management
Oracle Identity Management supports a variety of complex password policies. These fall into two categories:
- Value-based policies (including minimum lengths and the presence of a minimum number of special characters)
- State-based policies (e.g., expiration and maximum number of retries)
Many users face a proliferation of passwords as they gain access to more applications and systems. Because it is so easy for users to forget passwords when they have so many to remember, users may end up writing them down in public places, thus creating a security risk. Oracle Identity Management can help lift this burden on users by enabling deployment of single sign-on, allowing a single user and password combination across these applications and systems.
Follow these steps to set up a basic single sign-on system:
- Install the identity management infrastructure database, database server, and single sign-on servers using the Oracle Universal Installer.
- Configure the HTTP servers in the single sign-on middle tier.
- Configure the HTTP hardware load balancer or Oracle AS Web Cache.
- Configure the identity management infrastructure database single sign-on server to accept authentication requests from an externally published address of the Oracle AS Single Sign-On server.
- Re Register the mod_osso (Oracle AS Single Sign-On extension) to the Oracle AS Single Sign-On middle tier.