Session and Message Data Stores Configuration Data Store

Planning Oracle Identity Federation Deployment 2-25 – Oracle Internet Directory – Microsoft Active Directory – Sun Java System Directory Server ■ One of these versions of Oracle Database for the RDBMS transient data store: – Oracle Database 10.2.0.4 or higher – Oracle Database 11.1.0.7 or higher – Oracle Database 11.2.x ■ Oracle HTTP Server for proxy implementation; this is the only proxy server supported by Oracle Identity Federation, and is bundled with the installation.

2.6 Sizing Guidelines

When planning to deploy a federated identity system that leverages Oracle Identity Federation, it is critical to understand the performance considerations, choices, and trade-offs involved in the architecture. This section considers various factors that have an impact on performance in a federated environment, and provides some guidelines to help you assess hardware requirements for a production system with a standalone Oracle Identity Federation server. The following topics are included: ■ Deployment and Architecture Considerations ■ Typical Deployment Scenario ■ Reference Server Footprint ■ Topology

2.6.1 Deployment and Architecture Considerations

Before deploying Oracle Identity Federation, you must define the architecture and role that Oracle Identity Federation will play in a federated authentication setting. Here are some decisions that you must make: ■ Which federation specifications will be used with various trusted partners? Choices include: – SAML 2.0. With additional flows in comparison to SAML 1.x, performance considerations may play a greater role. – SAML 1.0 and 1.1 Note: A user federation data store is not absolutely required for Oracle Identity Federation in all cases: it is required for Liberty 1.x and SAML 2.0 opaque persistent identifiers, but is optional for SAML 1.x, WS-Federation, and SAML 2.0 non-opaque identifiers such as email address, subject DN, and so on. Note: Check the certification matrix for the most current version information.