The available Oracle Identity Federation authentication mechanisms are listed in

Deploying Oracle Identity Federation 3-19 After integrating Oracle Identity Federation with Oracle Access Manager and creating authentication schemes, you can now protect resources using the schemes you have created. Protecting a resource with a specific scheme has the following effect: 1. When a non-authenticated user or an authenticated user with authentication level lower than that of the scheme tries to access a resource protected by an Oracle Identity Federation authentication scheme, the Oracle Access Manager server redirects the user to Oracle Identity Federation for Federation SSO. 2. Oracle Access Manager provides Oracle Identity Federation the resource being requested and the Oracle Identity Federation authentication scheme name to be used. 3. Oracle Identity Federation maps that authentication scheme to an authentication mechanism, and then to a SAMLWS-Fed authentication method. 4. Oracle Identity Federation starts the Federation SSO flow by sending the user to an identity provider and by specifying the authentication method to use in challenging the user for authentication. 5. The IdP will challenge the user, create an assertion and send the user back to Oracle Identity Federation with the assertion. 6. Oracle Identity Federation processes the assertion, extracting from it the method used to authenticate the user and map it to an authentication mechanism. 7. After successful processing, Oracle Identity Federation maps the authentication mechanism to an authentication scheme and creates an Oracle Access Manager session for the user. 8. Oracle Identity Federation redirects the user to the requested resource. 9. Finally Oracle Access Manager grants access to the resource for the authenticated user.

3.2.4 Deploying Oracle Identity Federation with Oracle Access Manager 11g

You can integrate Oracle Identity Federation with Oracle Access Manager 11g. For details, see Integrating Oracle Identity Federation in the Oracle Fusion Middleware Integration Guide for Oracle Access Manager.

3.2.5 Oracle Identity FederationSP Authenticating to Oracle Access Manager

You can configure Oracle Identity Federation, when acting as service provider, to authenticate itself to the Oracle Access Manager server when creating an Oracle Access Manager user session. Topics in this section include: ■ Authentication Overview ■ Enabling Authentication with Existing Federation Schemes ■ Enabling Authentication when Creating New Federation Schemes ■ Updating Oracle Identity Federation Credentials ■ Disabling Authentication to Oracle Access Manager