- Oracle Identity Manager 11gR2-PS2 has a component architecture that includes a self-contained J2EE application, SOA for workflow and notifications, OES for authorization, BI for reporting, and external dependencies like LDAP and databases.
- The functional architecture has four tiers - presentation, business services, integration services, and data. Key services include identity provisioning, common services, and integration with target applications.
- Identity provisioning services within OIM handle tasks like resource management, account management, provisioning workflow, role integration, and reconciliation.
Data Lake allows an organisation to store all of their data, structured and unstructured, in one, centralised repository. Since data can be stored as-is, there is no need to convert it to a predefined schema and you no longer need to know what questions you want to ask of your data beforehand. In this session we will explore the architecture of a Data Lake on AWS and cover topics such as storage, processing and security.
Ranger’s pluggable architecture allows resource access policy administration and enforcement for standard and custom services from a “single pane of glass”. Apache Ranger has a rich Authorization Model, which provides the mechanism to author Policy in a Ranger Admin Server and serves as policy decision and audit point in authorizing user’s resource access within various components of Hadoop ecosystem.
This session will provide a deep dive into Ranger framework and a cook-book for extending Ranger to do authorization / auditing on resource access to external applications, including technical details of Rest APIs, Ranger policy engine and enriching authorization requests, with a demo of a sample application. We will then demonstrate a real-world example of how Ranger has simplified security enforcement for Hadoop-native MPP SQL engine like Apache HAWQ (incubating), which previously used its built-in Postgres-like authorization mechanisms. The integration design includes a Ranger Plugin Service that allows transparent authorization API calls between C-based Apache HAWQ and Java-based Apache Ranger.
Apache Spark Based Reliable Data Ingestion in Datalake with Gagan Agrawal - Databricks
Ingesting data from a variety of sources like Mysql, Oracle, Kafka, Sales Force, Big Query, S3, SaaS applications, OSS etc. with billions of records into datalake (for reporting, adhoc analytics, ML jobs) with reliability, consistency, schema evolution support and within expected SLA has always been a challenging job. Also ingestion may have different flavors like full ingestion, incremental ingestion with and without compaction/de-duplication and transformations with their own complexity of state management and performance. Not to mention dependency management where hundreds / thousands of downstream jobs are dependent on this ingested data and hence data availability on time is of utmost importance. Most data teams end up creating adhoc ingestion pipelines written in different languages and technologies, which adds operational overheads, and knowledge is mostly limited to a few.
In this session, I will talk about how we leveraged Spark's Dataframe abstraction for creating a generic ingestion platform capable of ingesting data from varied sources with reliability, consistency, auto schema evolution and transformations support. I will also discuss how we developed Spark-based data sanity as one of the core components of this platform to ensure 100% correctness of ingested data and auto-recovery in case of inconsistencies found. This talk will also focus on how Hive table creation and schema modification was part of this platform and provided read time consistencies without locking while Spark Ingestion jobs were writing on the same Hive tables, and how we maintained different versions of ingested data to do any rollback if required and also allow users of this ingested data to go back in time and read a snapshot of ingested data at that moment.
Post this talk one should be able to understand challenges involved in ingesting data reliably from different sources and how one can leverage Spark’s Dataframe abstraction to solve this in unified way.
Integrating Apache Kafka Into Your Environment - confluent
Watch this talk here: https://www.confluent.io/online-talks/integrating-apache-kafka-into-your-environment-on-demand
Integrating Apache Kafka with other systems in a reliable and scalable way is a key part of an event streaming platform. This session will show you how to get streams of data into and out of Kafka with Kafka Connect and REST Proxy, maintain data formats and ensure compatibility with Schema Registry and Avro, and build real-time stream processing applications with Confluent KSQL and Kafka Streams.
This session is part 4 of 4 in our Fundamentals for Apache Kafka series.
Battle Of The Microservice Frameworks: Micronaut versus Quarkus edition! Michel Schudel
Micronaut and Quarkus are two cool emerging Java backend frameworks that aim to solve some problems that exist in current frameworks, like faster startup, low memory footprint, and support for ahead-of-time compilation using GraalVM. In this session, we'll square off both frameworks against each other.
How do they compare, what are the stronger and weaker points of both frameworks?
We'll compare the following features:
Initializing your project
Building your first restcontroller / programming model
Startup time
Database support
Integration test support
Building native images
Memory usage and JAR sizes
Ease of cloud deployment
In the end, we might have a clear winner! ... or will we?
Oracle Database Migration to Oracle Cloud Infrastructure - SinanPetrusToma
This slide deck highlights the benefits of Oracle Cloud, describes the different Oracle database cloud services and their characteristics, which one to choose and what to consider, and more than 20 methods and solutions Oracle offers to migrate Oracle databases across platforms.
Building Event Driven (Micro)services with Apache Kafka - Guido Schmutz
What is a Microservices architecture and how does it differ from a Service-Oriented Architecture? Should you use traditional REST APIs to bind services together? Or is it better to use a richer, more loosely-coupled protocol? This talk will start with quick recap of how we created systems over the past 20 years and how different architectures evolved from it. The talk will show how we piece services together in event driven systems, how we use a distributed log (event hub) to create a central, persistent history of events and what benefits we achieve from doing so.
Apache Kafka is a perfect match for building such an asynchronous, loosely-coupled event-driven backbone. Events trigger processing logic, which can be implemented in a more traditional as well as in a stream processing fashion. The talk will show the difference between a request-driven and event-driven communication and show when to use which. It highlights how the modern stream processing systems can be used to hold state both internally as well as in a database and how this state can be used to further increase independence of other services, the primary goal of a Microservices architecture.
Building Cloud-Native App Series - Part 1 of 11
Microservices Architecture Series
Design Thinking, Lean Startup, Agile (Kanban, Scrum),
User Stories, Domain-Driven Design
Overview of Oracle Product Portfolio (focus on Platform) - April, 2017 - Lucas Jellema
This presentation gives an overview of major steps in the history of the product portfolio of Oracle Corporation. It discusses in some detail the features, editions and options available with Oracle Database and introduces the components in Fusion Middleware. Cloud is touched upon - but not discussed in depth.
Oracle RAC is an option to the Oracle Database Enterprise Edition. At least, this is what it is known for. This presentation shows the many ways in which the stack, which is known as Oracle RAC, can be used in the most efficient way for various use cases.
OOW15 - Planning Your Upgrade to Oracle E-Business Suite 12.2 - vasuballa
This session discusses key planning considerations when upgrading to Oracle E-Business Suite 12.2. It combines lessons learned from customers with practical advice from Oracle’s development, consulting, and support organizations. Understand how to build the business case, identify needed time and resources, prepare business and IT staff for changes, plan for required system changes, create an effective test strategy, and more.
Password Policies in Oracle Access Manager. How to improve user authenticatio... - Andrejs Prokopjevs
This presentation is about how System Administrators and/or Oracle Apps DBAs can improve and meet user authentication security standards in Oracle E-Business Suite by using Oracle Access Manager integration and its password policy management.
We will talk about:
- Current Oracle E-Business Suite password security limitations.
- Implementation of password policy management in Oracle Access Manager releases. Comparing the capabilities and why you should upgrade your OAM to the latest 11gR2.
- A use case example of most common configuration.
- Demo.
Knowledge Transfer Training Presentation for Identity Lifecycle Manager - Mike Reams
A Microsoft PowerPoint for "Knowledge Transfer Training Presentation for Identity Lifecycle Manager" aka ILM 2007 FP1. This was put together on my own time and modified for publishing for educating our team on understanding ILM, the business rules, and Identity management.
Reference:
http://solventarchitect.com/2016/01/knowledge-transfer-presentation-for-identity-lifecycle-manager
Identity and Access Management Deployment using Lifecycle Management (LCM) - ASTCorporation
Recently, while working on an IAM project in which we needed to build an Enterprise Security Infrastructure using the 11gR2PS3 version of the IAM software, the requirement for Lifecycle Management (LCM) presented itself. The LCM tool is designed to simplify and automate the multiple manual steps of a typical IAM installation.
The traditional method of installation includes installing/configuring quite a few components, such as JAVA, WebLogic, SOA, OIM, RCU, then creating a domain. With the introduction of LCM, the installation is simplified and automated; however, there is a learning curve involved and there are changes expected in the infrastructure.
It is important to fully understand the various aspects of the LCM tools and their benefit, as well as how LCM can help reduce implementation time. Herein is a brief presentation prepared for our customer in order to educate them on LCM, as well as highlight the benefits, challenges, and limitation of the LCM tool.
Login information and group memberships (identity) often are centrally managed in Enterprises. Many systems use this information to, for example, achieve Single Sign On (SSO) functionality. Surprisingly, access to the Weblogic Server Console and applications is often not centrally managed. I will explain why centralizing management of these identities, in addition to increased security, quickly starts reducing operational cost and even increases developer productivity. During a demonstration, I will introduce several methods for debugging authentication using an external authentication provider in order to lower the bar to apply this pattern. This technically oriented presentation is especially useful for people working in operations managing Weblogic Servers.
Learn about upcoming product features from Ping Identity product management, view demonstrations of new functionality direct from the engineering team, and participate in a lively discussion about the latest technology advancements and their business applications.
Service everywhere using oracle integration repository - Pavan B
A research based presentation on Oracle Integration Repository and Service Based approach for Integrations. This Paper was presented by me in Collaborate 2016 Conference.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf - Peter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
The Art of the Pitch: WordPress Relationships and Sales - Laura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if something changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf - 91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
The new frontiers of AI in RPA with UiPath Autopilot™ - UiPathCommunity
In this free online event, organized by the UiPath Italian Community, you can explore the new features of Autopilot, the tool that integrates Artificial Intelligence into the processes of developing and using automations.
📕 Together we will look at some examples of using Autopilot in various tools of the UiPath Suite:
Autopilot for Studio Web
Autopilot for Studio
Autopilot for Apps
Clipboard AI
GenAI applied to Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do... - UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
UiPath Test Automation using UiPath Test Suite series, part 4 - DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Securing your Kubernetes cluster_ a step-by-step guide to success ! - KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Epistemic Interaction - tuning interfaces to provide information for AI support - Alan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Accelerate your Kubernetes clusters with Varnish Caching - Thijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova... - Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Welcome to ViralQR, your best QR code generator. - ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo... - James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
OIM11g R2PS2 Architecture
1. Oracle Identity Manager 11gR2-PS2
OIM Architecture
March 2014
atul.goyal@oracle.com
Principal Product Manager, Oracle Identity Governance
2. This document is for informational purposes. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described in this document remains at the sole discretion of Oracle. This document in any form, software or printed matter, contains proprietary information that is the exclusive property of Oracle. This document and information contained herein may not be disclosed, copied, reproduced or distributed to anyone outside Oracle without prior written consent of Oracle. This document is not part of your license agreement nor can it be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates.
5. Oracle Identity Manager – Component Architecture
• Self-contained, standalone, J2EE-compliant application
  • WebLogic and WAS as J2EE container, JVM as runtime
• SOA for managing workflow orchestration and notification
  • Oracle Identity Manager connects to the SOA managed servers over RMI to invoke the SOA EJBs.
  • SOA calls back OIM via a callback service deployed in OIM, using OIMFrontEndURL
• Inter-process communication – JMS queues
  • Async communication and processing
  • Uses JMS queues: oimAttestationQueue, oimAuditQueue, oimDefaultQueue, oimKernelQueue, oimProcessQueue, oimReconQueue, oimSODQueue
  • Queues are configured at installation time
• OES for authorization
  • Policy Definition Point
  • Policy Enforcement Point
• BI for reporting
  • No runtime integration except for Certification Reports
  • BI is configured against the OIM DB to fetch audit data
• ADF/WebCenter Composer
  • Runtime UI changes
  • Upgrade safe
6. Oracle Identity Manager – Component Architecture
• Quartz for scheduler services
  • Manages the various scheduled tasks defined in OIM
  • Uses the DB as the centralized storage for picking and running the scheduled activities
  • If one of the scheduler instances picks up a job, the other instances will not pick up that same job.
• External dependencies
  • Nexaweb for Deployment Manager capabilities to import/export OIM artifacts
  • OSCache and jgroups for cache management
• Enterprise Manager
  • Monitoring, health check and dashboard
  • Configurations and diagnostics
• LDAP as persistent identity store
  • LDAP Sync for data synchronization between the OIM DB and LDAP
  • Embedded LibOVD for H/A
• DB as transactional and metadata repository
  • OIM and SOA schemas for the transaction DB
  • MDS schema for storing configurations
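The scheduler bullets above say the database is the shared store and that a job picked up by one instance is not picked up by another. The following is an added example, not code from the slides, from Quartz or from OIM: it shows one common way to get that guarantee, an atomic conditional UPDATE, with SQLite standing in for the scheduler database and with constructed table, job and instance names.

```python
import os
import sqlite3
import tempfile
import threading

# Constructed job and instance names; SQLite stands in for the scheduler database.
JOBS = ["ldap_sync_full_recon", "password_expiry_warning", "orphan_account_cleanup"]
INSTANCES = ["oim_server1", "oim_server2", "oim_server3"]

def init_db(path):
    """Create the shared job table that every scheduler instance reads."""
    conn = sqlite3.connect(path)
    conn.execute(
        "CREATE TABLE job (name TEXT PRIMARY KEY, "
        "state TEXT NOT NULL DEFAULT 'WAITING', owner TEXT)"
    )
    conn.executemany("INSERT INTO job (name) VALUES (?)", [(j,) for j in JOBS])
    conn.commit()
    conn.close()

def try_claim(conn, job, instance):
    """Claim a job; return True only for the single instance that wins."""
    conn.execute("BEGIN IMMEDIATE")  # take the write lock before touching the row
    # The WHERE clause matches only a WAITING row, so a later claimant
    # updates zero rows and learns that it lost the race.
    cur = conn.execute(
        "UPDATE job SET state = 'ACQUIRED', owner = ? "
        "WHERE name = ? AND state = 'WAITING'",
        (instance, job),
    )
    conn.execute("COMMIT")
    return cur.rowcount == 1

def run_instance(path, instance, claimed):
    """One scheduler node: try every job and record the ones it won."""
    conn = sqlite3.connect(path, timeout=30, isolation_level=None)
    for job in JOBS:
        if try_claim(conn, job, instance):
            claimed.append((job, instance))
    conn.close()

def simulate():
    """Run all instances concurrently and return the (job, owner) pairs."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "scheduler.db")
        init_db(path)
        claimed = []
        threads = [threading.Thread(target=run_instance, args=(path, name, claimed))
                   for name in INSTANCES]
        for t in threads:
            t.start()
        for t in threads:
            t.join()
        return claimed
```

Which instance wins each job varies between runs; what stays fixed is that every job ends up with exactly one owner, which is the property that keeps a clustered reconciliation or provisioning task from running twice.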
7. Functional Architecture – OIM 11g
[Diagram: functional architecture overview. Labels: Presentation Tier; Design Console; Administration & End-User Console; Custom Client Applications; SPML Gateway (Web services); POJO Wrapper for EJBs; Business Services Tier; Integration Services; Platform Services; Common Services; Audit & Compliance Services; Identity Provisioning Services; JEE Container Services; Data Tier; LDAP ID Store; Database; MDS; Audit DB; Oracle Technology Stack; ADF Faces; SOA Suite; Entitlement Server; BI Publisher Reports; Access Manager; Adaptive Acc Manager; Enterprise Manager; Oracle Fusion Apps; Target IT Apps; GRANT; REVOKE.]
8. Functional Architecture – OIM 11g
Four Tier Functional Architecture
• Presentation Tier
  • Identity Self Service / Sys Admin UI
  • Design Console
  • Custom UI
• Business Services
  • API Service (SPML, EJB, Request WS, OOO Taskflows, Public URLs)
  • Integration Service (Connector Framework, Identity Connectors, Adapter Factory, GTC, Remote Manager and Connector Server)
  • Platform Services (Plug-in Framework, SOD Engine Framework)
  • Provisioning Services (Catalog Engine, Request Engine, Provisioning and Recon Engine)
  • Common Services (User Mgt, Config Mgt etc.)
• Middleware Services
  • Request Service, Approval Workflow
  • Configurations and Diagnostics
  • Authorization Service
  • Scheduler Service
  • Reporting Service
• Data Tier
  • OIM DB for Transactional DB service
  • MDS Store for Configuration Service
  • LDAP for Identity Persistence
9. Functional Architecture – OIM 11g: Administration and End-User Consoles
[Diagram: functional architecture overview with the Administration & End-User Console block detailed as: Logon & Unauthenticated Console (Logon, Forgot Password, Self Reg); Self-Service Console (My requests, Open tasks, User, Role, Org Admin); Administration Console (Configuration Management).]
10. Functional Architecture – OIM 11g: Administration and End-User Consoles
[Diagram: functional architecture overview with the Administration & End-User Console block detailed as: Logon & Unauthenticated Console (Logon, Forgot Password, Self Reg); Self-Service Console (My requests, Open tasks, User, Role, Org Admin); Identity Administration Console (Configuration Management).]
11. Functional Architecture – OIM 11g: Custom Client Applications
[Diagram: functional architecture overview with the Custom Client Applications block detailed as: SPML Web Services Client (XSD messages); OIM Java API Client; Customer Intra/Extranet Applications; ADF Taskflows; Request Webservice.]
13. Functional Architecture – OIM 11g: Identity Provisioning Services
[Diagram: functional architecture overview with the Identity Provisioning Services block detailed as: Resource Management; Account Management; Service Accounts; Provisioning Workflow; Access Policy/RBAC; Auto Group Membership; Direct Provisioning; Offline Provisioning; Role Manager Integration.]
14. Functional Architecture – OIM 11g: Identity Provisioning Services
[Diagram: functional architecture overview with the Identity Provisioning Services block detailed as: Bulk Load Utility; Authoritative Reconciliation; Account and Entitlement Reconciliation; LDAP Synch (Users, Roles).]
16. Functional Architecture – OIM 11g: Integration Services
[Diagram: functional architecture overview with the Integration Services block detailed as: Adapter Factory; Generic Technology Connector; Connector LCM; Identity Connector Framework; Remote Manager.]
18. Functional Architecture – OIM 11g: Common Services
[Diagram: functional architecture overview with the Common Services block detailed as: User Management; Role Management; Organization Management; Password Management; Self Service; Self Registration; Configuration Service.]
19. Functional Architecture – OIM 11g: Common Services
[Diagram: functional architecture overview with the Common Services block detailed as: Request Management; Approval Workflow Management (BPEL Integration); OIM User/Role DB Provider; Task List; SOA Callback WebService; Approval Policy Management; Request Webservice; ADF Taskflows.]
20. Functional Architecture – OIM 11g: Common Services
[Diagram: functional architecture overview with the Common Services block detailed as: Scheduler (Quartz based); Notification Templates; Email Definitions; System Properties; Deployment Manager; Callback Notification.]
21. Functional Architecture – OIM 11g: Platform Services
[Diagram: functional architecture overview with the Platform Services block detailed as: Data Object Mechanism; Event Handlers; Kernel; Context Manager; Plug-in Framework.]
22. Functional Architecture – OIM 11g: Platform Services
[Diagram: functional architecture overview with the Platform Services block detailed as: Native Data Access; Entity Manager; Toplink Integration; MDS Integration; Caching; DB Provider; LDAP Provider; OIM Data Provider.]
23. Functional Architecture – OIM 11g: Platform Services
[Diagram: functional architecture overview with the Platform Services block detailed as: Crypto; OJDL (Logging); Internationalization; Multi Language Support; Fine Grained Authorization; Diagnostic Dashboard.]
24. Functional Architecture – OIM 11g: JEE Container Services
[Diagram: functional architecture overview with the JEE Container Services block detailed as: Asynchronous Execution (JMS, MDB); Authentication (JAAS); MBeans (JMX); Enterprise Manager; High Availability; Credential Store Framework.]
25. Functional Architecture – OIM 11g: Audit and Compliance Services
[Diagram: functional architecture overview with the Audit & Compliance Services block detailed as: User & Group Profile Audit; Reports; Attestation; Segregation of Duties; Entitlement Data Management.]