Let's walk through a example deployment with Oracle 11g. You can integrate Access Policy Manager with a Oracle 11g server whether it is configured for single sign on (SSO) single domain or SSO multi-domain. To keep this example simple, we will assume that Oracle 11g server is configured for SSO single domain. The Oracle 11g server performs all authentication. A single Resource WebGate is configured in OAM.
In Access Policy Manager on the BIG-IP system, a AAA OAM server has been configured and includes the details of the OAM Access Server and one AccessGate. One virtual server has been configured with OAM native integration enabled. BIG-IP Application Security Manager (ASM) is installed in another virtual server as a web application firewall configured to prevent DoS and mitigate brute force attacks.
This figure depicts the traffic flow for the example.
When you create a AAA OAM server, its transport security mode must match the setting in OAM. The procedure for configuring a AAA OAM server with open or simple transport security mode is different from the procedure for configuring a AAA OAM server with cert transport security mode. Only one AAA OAM server is supported and it must be configured following the procedure that is appropriate for the mode.
Before you start to integrate Access Policy Manager with OAM, configure the Access Server and AccessGates through the Oracle Access administrative user interface. Refer to Oracle Access Manager Access Administration Guide for steps.
Follow these steps to integrate Access Policy Manager with OAM 11g server.