M 01 EBS OAM Architecture Concepts Ed1

EBS R12 - OAM Integration
Architecture & Concepts
Atul Kumar
Corporate Office : Email :

8 Magnolia Place, Harrow London, UK, HA2 6DS contact@k21acdemy.com
1
Atul Kumar
Ø Oracle ACE
Ø  16+ IAM, Apps DBA & FMW
Ø  Author of two Books

Ø  Blog on h"p://onlineAppsDBA.com 9000+ view/day
Ø  Founder of K21 Academy, specialising in

IAM, EBS (R12), FMW, Cloud Trainings
www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

2
Getting Help
support@k21academy.com

3
Workshop Protocol
Ø  Check K21Academy Login ID for membership Portal

Ø  Ask as Many QuesYons as you can
Ø  Make Session InteracYve
Ø  Learn at your own pace
Ø  Ask in Facebook Group
Ø  Do lot of Hands-‐On
Ø  Check Pace (Interrupt if going too slow or fast)
Ø  Check VPN & Linux Login ID

4
Agenda : Module
Ø  Concepts -‐ How & Why
Ø  SSO Flow
Ø  EBS R12.2 IntegraYon Architecture
Ø  EBS R12.1 & Prior IntegraYon Architecture
Ø  EBS-‐SSO Request Flow
Ø  OAM Architecture
Ø  WebGate / PEP
Ø  EBS AccessGate
Ø  OID/OUD Server
Ø  DIP Server
Ø  Profile OpYons
5
Concepts
Why & How

6
EBS R12.2 Default Login
Ø Default Login Page /OA_HTML/AppsLocalLogin.jsp
Ø Username/Password validaYon against
FND_USR
Ø Challenges
Ø If 1000 users, and 4 environments (TST, UAT,
DEV, OAT) then 4000 login with different
password
Ø If 4 applicaYons (MS-‐AD, FMW, SAP, EBS) that
each user 16 username/password
Ø SoluYon : Single Sign-‐On (SSO)
7
SSO Flow : Check If Protected

8
SSO Flow : ATN Flow

9
SSO Flow : ATZ Flow

10
Architecture & Components
EBS-OAM Integration

11
Architecture: EBS R12.2 - OAM
Ø EBS R12 with
Ø AccessGate
Ø WebGate
Ø Oracle Access Manager
Ø Oracle Directory Server
Ø Oracle Internet Directory
Or
Ø Oracle Unified Directory


12
Architecture: EBS R12.1/12.0 - OAM
Ø EBS R12 (Apps Tier & DB Tier)
Ø Oracle WLS with AccessGate
Ø Oracle HTTP Server + WebGate
Ø Oracle Access Manager
Ø Oracle Directory Server
Ø Oracle Internet Directory
Or
Ø Oracle Unified Directory

13
Request Flow: EBS - OAM
Ø User Access EBS Apps URL
Ø Profile opYon XXX redirects user to
EBS AccesGate
Ø User is redirected to OHS front
ending EBS Access Gate Oracle
WLS with AccessGate
Ø Request is intercepted by
WebGate deployed on OHS
Ø WebGate forward request to
OAM for AutenYcaYon
14
Request Flow: EBS - OAM
Ø OAM validates username/password
with ODS (OID/OUD)
Ø On successful ATN user is redirected
to WebGate to EBS AccessGate
Ø EBS AccessGate validated user with
EBS Database (FND_USER)
Ø  If user is found with same GUID then account is
linked & EBS session created
Ø  If matching GUID is not found then maYng UID
is checked
Ø  Else Account Link Page from EBS is displayed
15
Architecture: OAM
Ø  OAM DB: Policy Store & Metadata
Ø  LDAP Store: Users/Groups
Ø  OAM Domain
Ø Admin Server
Ø Managed Server (OAM): PDP
Ø  WebServer
Ø  WebGate: PEP
Ø  ApplicaYon: Resource

16
WebGate: PEP
•  Agent acts as PEP
•  Deployed with WebServer
•  Separate WebGate per Web Server Type
•  For EBS-‐OAM only OHS WebGate is
cerYfied
•  In R12.2 deploy webgate with OHS part of
R12.2 FMW
•  In 12.1 and prior, install OHS/WebServer
and deploy WebGate on Standalone

17
EBS AccessGate
Ø  J2EE App deployed on WebLogic Server
Ø  Accepts USER_ID from WebGate and
validates against EBS Database
Ø  Creates EBS Session in EBS
Ø  In R12.2 deploy EBS AccessGate with
WebLogic part of R12.2 FMW
Ø  In 12.1 and prior, install separate
WebLogic Server and deploy EBS
AccessGate
Ø  Deployed using txkrun.pl script in EBS

18
OID Server
Ø  LDAP Server from Oracle
Ø  Configured as IdenYty Provider in OAM
Ø  User is sync between EBS-‐OID using DIP
Ø  Managed Using OPMN
Ø  Requires Database to store Data
Ø  Installed and Configured as part of Oracle
IdenYty Management
Ø  User in OID is linked to user in FND_USER
table with GUID (orclguid)

19
OUD Server
Ø  Recommended LDAP Server from Oracle
Ø  Configured as IdenYty Provider in OAM
Ø  User is sync between EBS-‐OUD using DIP
Ø  Data is stored in berkeley java database
Ø  Contains
Ø  LDAP Directory Server
Ø  Proxy Server
Ø  ReplicaYon Server
Ø  User in OID is linked to user in FND_USER
table with GUID (orclguid)

20
DIP: EBS-OID/OUD
Ø  J2EE App deployed on WebLogic Server
Ø  Sync data from OID/OUD to LDAP & APPS
Ø  Two Modules
Ø  SynchronizaYon
Ø  Provisioning
Ø  Provisioning Module of DIP sync data from
OID/OUD to EBS
Ø  DIP is installed and configured during OID/
IDM Sonware

21
Profile Options in EBS
Ø  Set in EBS Controls how EBS behaves
Ø  Depending on profile opYon, can be set
Ø  Site Level
Ø  Server Level
Ø  User Level
Ø  Important Profile Oprionss
Ø  ApplicaYon SSO Login Types
Ø  ApplicaYon SSO LDAP SynchronizaYon
Ø  ApplicaYon SSO Auto Link User

22
Summary : Module
Ø  Concepts -‐ How & Why
Ø  SSO Flow
Ø  EBS R12.2 IntegraYon Architecture
Ø  EBS R12.1 & Prior IntegraYon Architecture
Ø  EBS-‐SSO Request Flow
Ø  OAM Architecture
Ø  WebGate / PEP
Ø  EBS AccessGate
Ø  OID/OUD Server
Ø  DIP Server
Ø  Profile OpYons
23
Find Us
hop://facebook.com/K21Academy

hop://twioer.com/K21Academy

hops://www.linkedin.com/company/K21Academy

hops://www.youtube.com/user/k21technologies

24

M 01 EBS OAM Architecture Concepts Ed1

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

M 01 EBS OAM Architecture Concepts Ed1

Uploaded by

Copyright:

Available Formats

EBS R12 - OAM Integration

Architecture & Concepts

Corporate Office : Email :

Ø  16+ IAM, Apps DBA & FMW

Ø  Author of two Books

Ø  Founder of K21 Academy, specialising in

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

Ø  Check K21Academy Login ID for membership Portal

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

You might also like

M 01 EBS OAM Architecture Concepts Ed1

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

M 01 EBS OAM Architecture Concepts Ed1

Uploaded by

Copyright:

Available Formats

EBS R12 - OAM Integration

Architecture & Concepts

Corporate Office : Email :

Ø 16+ IAM, Apps DBA & FMW

Ø Author of two Books

Ø Founder of K21 Academy, specialising in

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

Ø Check K21Academy Login ID for membership Portal

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

www.k21academy.com © Copyright 2016 | K21 Academy | All Rights Reserved

You might also like

Ø  16+ IAM, Apps DBA & FMW

Ø  Author of two Books

Ø  Founder of K21 Academy, specialising in

Ø  Check K21Academy Login ID for membership Portal