On-Premise Identity & Access Management – Vendor + Product + Feature Matrix

Security keyboard button

As with any packaged, on-premise suite, finding the best Identity Management products for your enterprise is a not a trivial task. This is especially true when different products from different vendors, that accomplish different objectives or services, have remarkably similar (and therefore confusing) naming conventions. To make matters worse, not unlike other COTS enterprise suites, the ‘cloudification’ of these products has begun and many vendors have started to offer a version of these products as a PaaS or SaaS offering. Additionally, many of these vendors also offer an IaaS type deployment of these packaged products in their on-prem form. M&S has … Read More

Identity & Access Management – Vendor & Product Matrix

As with any packaged suite, finding the best Identity Management products for your enterprise is a not a trivial task. This is especially true when different products from different vendors, that accomplish different objectives or services have remarkably similar (and therefore confusing) naming conventions. To help layout the current Identity Management vendor / product landscape as we see it, we’ve put together the following matrix of products by vendors. Service Identity Governance User Life Cycle, Self-Service, Request / Role Based, Provisioning & Deprovisioning, Password Management, Attestation & Compliance / Separation of Duties Oracle Identity Manager IBM® Security Identity Manager CA … Read More

Oracle Identity Management 11gR1 vs. 11gR2 Packages

Many of our customers get hung up on the release cycles, version numbers, and included products of Oracle’s Identity Management offerings. Following is a quick breakdown of the latest versions of Oracle’s Identity Management products included in both 11gR1 and 11gR2 organized as the downloadable software packages. Most of Oracle’s Identity Management products can be licensed as either a part of a suite or individually, however, some can only be licensed individually. The packages have changed significantly between 11gR1 and 11gR2 and some 11gR2 licensing suites include 11gR1 products….confused yet? Don’t worry, we can help. Let’s Talk. Oracle Identity Management … Read More

Identity Management: From Oracle 10g to 11g – IdM, SSO, OAM

I have been running Oracle Identity Management 10g with heavy use of 10g SSO capabilities. Much of our web security architecture along with application authentication relies on this infrastructure. What do I do as development begins to shift from OracleAS to WebLogic, and our middleware stack goes from 10g to 11g? We will need to run 10g and 11g in production side-by-side for some period of time. This is a question many of our customers are asking and it is understandable that there is confusion around this. Oracle hasn’t provided the clearest of answers, and in general, identity management initiatives … Read More

Print REMOTE_USER CGI Variable in JSP on WebLogic 11g

There could be a number of reasons you want to verify the value of the REMOTE_USER variable in an app you are running in WebLogic. A quick way to check is by dropping in a JSP file that prints the value: <html> <body> REMOTE_USER: <%= request.getRemoteUser() %> </body> </html>

The day I “spun up” my OIM 11g VM in my private cloud

I had OIM installed in a sandbox VM a few months ago and decided to spin it back up in our private cloud environment. The novelty of being able to so very simply allocate, deallocate, and reallocate resources when needed to various environments still hasn’t worn off for me. I’m sure one day in the somewhat near future, this luxury will be commonplace even for lesser-sophisticated IT shops…and we will be telling stories to new team members of “the [not as good] old days” when we had to actually purchase physical hardware for each new project, how sizing hardware was … Read More

Kerberos Module for Apache – mod_auth_kerb Download (mod auth kerb)

In case you are having trouble finding the Kerberos Module for Apache like some of our customers have, we have decided to host it on our website as well. With more organizations interested in securing their applications with native Windows authentication, this is becoming more and more popular. We have been devising integrated Windows authentication identity management solutions with Apache for years, so we’re quite comfortable with the best ways to implement with this. Many large software vendors actually leverage this same approach in their enterprise identity management solutions. Feel free to download “mod_auth_kerb” using the below form. Following are … Read More

Four Middleware 11g Servers — Here we go!

We just started into installs for four middleware servers for a customer. These will each run DB, WebLogic, IdM, SOA/BPM, UCM, and WebCenter — all 11g. There’s nothing like getting fresh, fast, functionally-useless hardware and turning it into a powerful piece of problem-solving equipment. – Historic M&S Dogma