Configuring Single Sign-On with Oracle Access Manager 11g 15-5 Figure 15–1 illustrates details of the seeded Application Authenticator application domain in the OAM 11g Administration Console. The page shown describes the pre-seeded User ID Assertion authentication policy, which protects the AuthenUsernameAssertion resource. The authentication scheme for this policy is also shown along with the resources that are protected by the policy. Figure 15–1 Pre-seeded Resources in the User ID Assertion Authentication Policy Figure 15–2 illustrates pre-seeded Responses for the User ID Assertion authentication policy. For more information about Responses, see the Oracle Fusion Middleware Administrators Guide for Oracle Access Manager with Oracle Security Token Service. Figure 15–2 Pre-seeded Responses in the User ID Assertion Policy Figure 15–3 illustrates the pre-seeded Application SSO authentication policy, the resources protected by this policy, and the authentication scheme. 15-6 Oracle Fusion Middleware Application Security Guide Figure 15–3 Pre-seeded Application SSO Authentication Policy and Resources Figure 15–4 illustrates Pre-seeded Responses for the Application SSO authentication policy in the application domain. Figure 15–4 Pre-seeded Responses for the Application SSO Authentication Policy Figure 15–5 illustrates the pre-seeded Application SSO authorization policy and Resources in the application domain. Configuring Single Sign-On with Oracle Access Manager 11g 15-7 Figure 15–5 Pre-seeded Application SSO Authorization Policy and Resources Authorization Constraints : There are no pre-seeded Application SSO authorization policy Constraints in this application domain. However, you can add constraints as described in the Oracle Fusion Middleware Administrators Guide for Oracle Access Manager with Oracle Security Token Service. Authorization Responses : There are no pre-seeded Application SSO authorization policy Responses in the application domain. However, you can add responses as described in the Oracle Fusion Middleware Administrators Guide for Oracle Access Manager with Oracle Security Token Service.

15.2 Deploying the Oracle Access Manager 11g SSO Solution

This section introduces how to implement OAM 11g with the Authentication Provider when you have applications that are or will be deployed in a WebLogic container. This section provides the following topics to help you implement OAM 11g SSO when you have applications deployed in a WebLogic container. Aside from these uniquely OAM 11g methods, implementing OAM solutions are the same whether you have OAM 11g or OAM 10g: ■ Installing the Authentication Provider with Oracle Access Manager 11g ■ Provisioning an OAM Agent with Oracle Access Manager 11g ■ Configuring Identity Assertion for SSO with Oracle Access Manager 11g ■ Configuring the Authenticator Function for Oracle Access Manager 11g ■ Configuring Identity Assertion for Oracle Web Services Manager and OAM 11g ■ Configuring Centralized Log Out for Oracle Access Manager 11g See Also: ■ Configuring the Authenticator Function for Oracle Access Manager 11g ■ Configuring Identity Assertion for Oracle Web Services Manager and OAM 11g See Also: Oracle Fusion Middleware Administrators Guide for Oracle Access Manager with Oracle Security Token Service for details about the scenario for Identity Propagation with the OAM Token.