Oracle Enterprise Gateway


An Oracle White Paper February 2012

Oracle Entitlement Server 11g Integration Guide

Applies to OEG 11.1.1.6.1 and Higher software


Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.


1. Introduction
   1.1 Structure Of this Guide
   1.2 Architecture
   1.3 Oracle Entitlements Server
2. Prerequisites for connecting to Oracle Entitlements Server
   2.1 Installing Oracle Client Software on the Gateway
   2.2 Configuring the OES client
   2.3 Modify the Oracle Enterprise Gateway Classpath
   2.4 Start the Gateway
3. Configure OEG to delegate authorization to OES
   3.1 Configure the Authentication Filter
   3.2 Configure Oracle Entitlements Server Authorization Filter
4. Testing the OES Policy in the Oracle Enterprise Gateway
5. Conclusion
6. Appendix A. jvm.xml for win32


1. Introduction

This document describes how to configure the Oracle Enterprise Gateway to authorize using Oracle Entitlements Server (OES) 11g. This is demonstrated by configuring the Gateway to delegate authorization to OES using the OES 11g authorization filter. The OES 11g authorization filter assumes that an authentication filter has been configured prior to it. Thus, by the time the authorization filter is executed, the authentication.subject.id attribute is populated and its value is used as the subject in the authorization request to OES.

1.1 Structure Of this Guide

This introductory section explains the general concept of the integration between Oracle Enterprise Gateway (OEG) and OES. Section 2 explains the prerequisite steps, which must be performed for the Gateway to communicate with OES. Section 3 explains how to set up and test a policy that authenticates a request, and then communicates with OES for an authorization decision based on the authenticated subject and the resource being accessed.

1.2 Architecture

The following diagram shows the sequence of events that occurs when a client sends a message to OEG that needs to be authenticated and then authorized against Oracle Entitlements Server.


1. A client application sends a message containing credentials to the Oracle Enterprise Gateway.
2. Oracle Enterprise Gateway extracts the credentials and delegates authentication to a third-party system (LDAP,

value="/home/oes/Oracle/Middleware/oes_client" />
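An added example, not from the white paper and not OEG or OES code: a small Python model of the filter ordering described in the introduction, where the authorization step takes its subject only from `authentication.subject.id` and denies when that attribute is absent. The user table, policy set and function names are hypothetical stand-ins for the authentication store and the OES decision.

```python
import hmac

SUBJECT_ATTR = "authentication.subject.id"  # attribute name used in the guide

# Constructed sample data standing in for the authentication store and OES policy.
USERS = {"alice": "s3cret"}
POLICY = {("alice", "/services/orders")}


class Deny(Exception):
    """Raised by a filter to stop the chain and reject the message."""


def authenticate(msg):
    # Stand-in for the authentication filter: verify the credentials, then
    # publish the subject on the message for the filters that follow.
    user, password = msg.get("username"), msg.get("password") or ""
    if user not in USERS or not hmac.compare_digest(USERS[user], password):
        raise Deny("authentication failed")
    msg[SUBJECT_ATTR] = user


def authorize(msg, decide=lambda subject, resource: (subject, resource) in POLICY):
    # Stand-in for the authorization filter: subject comes only from the
    # attribute set by authentication; a missing subject is a denial.
    subject = msg.get(SUBJECT_ATTR)
    if not subject:
        raise Deny("no authenticated subject")
    if not decide(subject, msg["resource"]):
        raise Deny(f"{subject} not permitted on {msg['resource']}")


def run_chain(filters, request):
    # Returns (allowed, reason). Any Deny rejects the whole request.
    msg = dict(request)
    # In this model the message is built from client input, so a subject
    # supplied by the client is discarded before any filter runs.
    msg.pop(SUBJECT_ATTR, None)
    try:
        for f in filters:
            f(msg)
    except Deny as exc:
        return False, str(exc)
    return True, "ok"


if __name__ == "__main__":
    req = {"username": "alice", "password": "s3cret", "resource": "/services/orders"}
    print(run_chain([authenticate, authorize], req))   # correct order
    print(run_chain([authorize, authenticate], req))   # misordered chain
```
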


May 2011
Author:

Oracle Corporation
World Headquarters
500 Oracle Parkway
Redwood Shores, CA 94065
U.S.A.

Worldwide Inquiries:
Phone: +1.650.506.7000
Fax: +1.650.506.7200
oracle.com

Copyright © 2011, Oracle and/or its affiliates. All rights reserved. This document is provided for information purposes only and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. UNIX is a registered trademark licensed through X/Open Company, Ltd. 0410
