Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mechanics of Oracle Portal and Identity Management Mechanics of Oracle Portal and Identity Management Paper 36768 Sanjeev Mohan Golden Gate University,

Published byMegan Ring Modified over 9 years ago

Similar presentations

Presentation on theme: "Mechanics of Oracle Portal and Identity Management Mechanics of Oracle Portal and Identity Management Paper 36768 Sanjeev Mohan Golden Gate University,"— Presentation transcript:

1 Mechanics of Oracle Portal and Identity Management Mechanics of Oracle Portal and Identity Management Paper 36768 Sanjeev Mohan Golden Gate University, San Francisco

2 Topics  Introduction  Business Requirements  Case Study: Golden Gate University  Portal  Identity Management (LDAP)  Single Sign On (SSO)

3 Case Study: Golden Gate University’s Legacy Environment  Operating systems: Solaris, Windows, MPE/ix, Netware, Mac OS, Digital Unix  Hardware platforms: SUN (Sparc), Dell (Intel), HP 3000, Macintosh, DEC Alpha  Databases: Oracle, SQL Server, Access, FoxPro, HP Image  Development: Coldfusion, HTML, Javascript, UniBasic  No common code, data, OS, management process, customer experience

4 GGU ’ s new Web Architecture

5 Business Requirements: Challenges  Profusion of stand alone servers and applications  Redundant storage of data  Inaccurate / Out-of-Sync data  Lack of Consolidated view of data  Inability to produce business intelligence

6 Business Requirements: Why Portal?  Higher productivity for the employees by providing single point of access to integrated applications.  Better employee communication and collaboration.  More efficient business process and improvements  Help make an organization more competitive. A well designed portal could provide an organization with a differentiation over its competition.  Better customer satisfaction and retention.  Lower cost and better utilization of the staff e.g. IT support, HR staff etc.  Lower cost by reducing the number of servers.

7 Integration Levels  Integration of Databases  Data Warehouse  Enterprise Application Integration (EAI)  Application Level Integration  Web Services  Portal

8 Integration Architecture ERPERP CRMCRM EM A I L LOBLOB LEGACyLEGACy

9 Portal Definition  The term portal is often misused and many describe it as an entry point into a site e.g. a company’s home page.  Portals provide an organizations’ customers and employee an integrated access to applications and services in a highly secure and customizable manner.

10 Portals  Enterprise Portal – Internal / Corporate Portal – eBusiness Portal  Public Internet Portal  Appliance Portal  Vertical Portal

11 Portal features – End User  Access to Enterprise Applications (Self Service)  Categorization of External / Unstructured Content (Taxonomy)  Collaboration Tools  Personal Organization Tools  Search Tool  Personalization / Customization Tools

12 Portal features – Technology  Identity Management  Single Sign On  Content Management System  Highly Available and Secure Infrastructure  Administration Tools  User Interface Services e.g. Wireless Support

13 Portal Vendors  Pure Play Vendors – Epicentric (acquired by Vignette), Plumtree, Hummingbird, Citrix NFuse, CA CleverPath, Corechange Coreport  Application Server Vendors – BEA WebLogic, IBM WebSphere, Oracle 9iAS, Sun One and BroadVision InfoExchange  ERP Vendors (Oracle, People Soft, SAP)  BI Vendors (Brio, Cognos, SAS, Business Objects)  Others (UPortal, TIBCO, ATG, Microsoft SharePoint )

14 Oracle Portal Architecture

15 Oracle 9iAS R2 Components Mid-tierInfrastructure HTTP Server BC4J; OC4J_Demo; OC4J_Home; OC4J_Portal OC4J_Demo; OC4J_Home; OC4J_DAS Clickstream PortalInternet Directory SSO Webcache

16  Strategic and primary interface for students, faculty, staff, alumni (through Oracle Single Sign On (OSSO)  Portal as a subset of the GGU web site  Support for portal standards (JSR 168, WSRP)  Robust Portal Integration Framework (PDK) – Ease of portal page and portlet development – Extensible portlets – calendar, eLearning, Business Intelligence, OEM 4.0, ERP – External 3 rd -party Portlets  Clickstream Analysis Why Oracle Portal?

17 Identity Management  An infrastructure to centralize the management of users and the privileges assigned to them  User life cycle management – creation of a new user account, modification, assignment of roles and privileges and finally deletion of the user account.

18 Business Requirements: Challenges  User information available in multiple systems – redundancy  Programs needed to sync user data  Data is not consistent / accurate  Security issues when accounts are not deleted for ex-employees

19 What is a Directory / What is it not?  Directory is a specialized database  Doesn’t contain tables, columns, relations  Contains attributes (single valued / multi valued)  Access is not via SQL but via a protocol such as LDAP (Lightweight Directory Access Protocol)  Tuned for fast reads but not writes

20 LDAP Schema – Building Blocks  Entries (details for persons / resources)  Attributes  Primary Key – E.g. Distinguished Name or DN  Examples: – dn: uid = jdoe, ou = hr, o = acme, dc = com – dn: cn = smohan, dc = ggu, dc = edu

21 Object Class  Group of attributes  Uniquely identified by Abstract Syntax Notation (ASN.1) object identifiers (OID)  Vendor includes standard classes as well as proprietary.  Example “Person” object class contains: – Mandatory attributes: cn (common name) and sn (surname) – Optional attributes: userPassword, telephoneNumber etc.

22 Object Class Hierarchy inetOrgPerson (2.16.840.113730.3.2.2) Top (2.5.6.0) Person (2.5.6.6) organizationalPerson (2.5.6.7)

23 Proprietary / User-Defined Object Class  Oracle proprietary: orclSubscriber  GGU user-defined: gguPerson  Internet Assigned Numbers Authority (IANA) assigns a “private enterprise number”  gguPerson attributes: ClassesEnrolledIn, StudentId etc.

24

25 Directory Integration  Identify Systems of record: HR, email, PBX  Some data only in directory – MD5 hashed user password  Synchronization of sources of data with directory  Create users’ roles and group memberships (Access Control Policy)  Setup Delegated Administration

26 OID Applications at GGU  Intranet / Portal user authentication  Database User Authentication  OS Authentication  Oracle Net Directory Naming  Wireless User Authentication using RADIUS  Integration with Oracle 11i eBusiness Suite

27 LDAP Product Vendors  Novell eDirectory  Sun One  Oracle Internet Directory (OID)  Microsoft Active Directory  OpenLDAP  Entrust (GetAccess) / IBM (Tivoli Policy Director) Netegrity (SiteMinder) / Entegrity (AssureAccess) RSA Security (ClearTrust) / Oblix (NetPoint)

28 Oracle Internet Directory (OID)  Underlying storage is the database so we get all the benefits of Oracle 9i R2 (RMAN backup, Replication)  Required by Oracle Portal, Collaboration Suite and future Oracle products and Oracle SSO  Integrates with Oracle HRMS, iPlanet and Microsoft Active Directory  Oracle Delegated Administration Service

29 Business Requirements: Challenges  Help desk inundated with password resets  Users leaving passwords on their desks  Users wasting time trying to remember passwords  Applications forcing password changes causing more confusion  Applications not securing password adequately

30 Single Sign On - Benefits  Ease of administration  User convenience  Higher security  Eases development  Reduces help desk support calls

31 SSO Standards and Vendors  Microsoft.NET Passport (Kerberos)  Liberty Alliance (Security Assertion Markup language - SAML) ---  Oracle Single Sign On (OSSO)  Computer Associates (eTrust)  IBM (Access360)

32 Single Sign On - Architecture Client Web browser Apache web server (mod_sso) SSO Server / Identity Provider LDAP Authenticated Portal Page / application 1 2 3 6 9 4 5 8 7

33 Question & Answers

Download ppt "Mechanics of Oracle Portal and Identity Management Mechanics of Oracle Portal and Identity Management Paper 36768 Sanjeev Mohan Golden Gate University,"

Similar presentations

Directory Infrastructure Roadmap Overcoming Fragmented Identities - Roadmap to a Reliable Directory Infrastructure Thorsten Butschke & Dr. Martin Dehn.

Directory Infrastructure Roadmap Overcoming Fragmented Identities - Roadmap to a Reliable Directory Infrastructure Thorsten Butschke & Dr. Martin Dehn.
DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.

DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.
Welcome to Middleware Joseph Amrithraj

Welcome to Middleware Joseph Amrithraj
Common ISO/RTO Architecture ISO/RTO Information Technology Committee Walter A. Pfuntner, Jr, PhD, PE Chairman, ITC Architecture Working Group

Common ISO/RTO Architecture ISO/RTO Information Technology Committee Walter A. Pfuntner, Jr, PhD, PE Chairman, ITC Architecture Working Group
Introduction to z/OS Security Lesson 4: There’s more to it than RACF

Introduction to z/OS Security Lesson 4: There’s more to it than RACF
Microsoft Learning Gateway for HE Rob Miles – Hull University, Lecturer Romola Ganguli – Microsoft Education Technology Advisor.

Microsoft Learning Gateway for HE Rob Miles – Hull University, Lecturer Romola Ganguli – Microsoft Education Technology Advisor.
FSU Directory Project The Issue of Identity Management Jeff Bauer Florida State University

FSU Directory Project The Issue of Identity Management Jeff Bauer Florida State University
IBM Software Group ® Accessing Domino via Outlook iNotes Access for Microsoft Outlook - Notes Domino 5.5 – 6.0.1 Domino Access for MS Outlook - Notes Domino.

IBM Software Group ® Accessing Domino via Outlook iNotes Access for Microsoft Outlook - Notes Domino 5.5 – Domino Access for MS Outlook - Notes Domino.
Benefits of CA Technology & HVB Bank Romania Study Case Bucharest, May 31, 2005.

Benefits of CA Technology & HVB Bank Romania Study Case Bucharest, May 31, 2005.
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
June 1, 2001 Enterprise Directory Service at College Park David Henry Office of Information Technology University of Maryland College Park

June 1, 2001 Enterprise Directory Service at College Park David Henry Office of Information Technology University of Maryland College Park
CS603 Active Directory February 1, 2001.

CS603 Active Directory February 1, 2001.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Building Enterprise Information Portal using Oracle Portal 3

Building Enterprise Information Portal using Oracle Portal 3
Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,

Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,
Identity and Access Management

Identity and Access Management
Access and Identity Management for Enterprise Portals Rohit Gupta Director, Identity Management Product Management Oracle Corporation.

Access and Identity Management for Enterprise Portals Rohit Gupta Director, Identity Management Product Management Oracle Corporation.
E-Business: Intra-Business E-Commerce

E-Business: Intra-Business E-Commerce
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
Copyright 2005 © Persistent Systems (http://www.persistentsys.com)http://www.persistentsys.com 1 Overview of Persistent’s Custom Connector Offering.

Copyright 2005 © Persistent Systems ( 1 Overview of Persistent’s Custom Connector Offering.

Similar presentations

Ads by Google