Friday, January 21, 2011

How to Integrate Web SSO with REST web-services using Oracle Access Manager

Nothing inspires me to blog like being stuck in an airport. I'm stuck in DC on a return from my first Vordel customer trip. We saw customers in San Diego, Los Angeles, Bay Area, and Seattle. Some of them there were very interested in the integration between Oracle Access Manager and Vordel. Once again, Mark O'Neill, CTO of Vordel to the rescue.


video


  • Authentication - By simply selecting Oracle Access Manager as a repository, usernames and passwords are authenticated against OAM - encapsulating the directory specifics and optimizing connections
  • Identity Propagation - Once authenticated, the OBSSO cookie is available to down stream applications
  • Single Sign On - By adding another filter - Validate Oracle Access Manager Token - the token is validated by the ASDK and the identity available to the service.
The thing that impresses me about this demo is how easy it is to do. I'm still a relatively new to the Vordel product, but the UI metaphor on building the policies using filters and wiring them together is really simple and easy to grasp. Also, the way that you can pull the output of one filter into the input of another is really useful. The UI will also mark filters as RED is you're missing an upstream input.

Having seen experts like Mark and some of the long time Solutions Architects work with the product, you can get very productive with the tool and build super complicated security scenarios with amazing ease. The biggest challenge is that the 6.0 product ships with over 140 filters. This is not a bad thing...it means that the product provides tremendous value out of the box....its not just a framework. But as some one trying to come up to speed, you realize that there is a 99% chance that there is a filter (or set of filters) that will allow you to do the job.

The other really amazing thing about the filters, is that when you're trying to debug a policy, you can use the real-time monitoring, and see the success/failures of each of the individual filters. This is super useful in diagnosing problems in any environment.

Well, they're calling my flight. Wish me luck getting home. Time stuck on the tarmac is just more time to get up to speed on the product :)



No comments:

Post a Comment