This content has been marked as final. Show 6 replies
You will need OAM - LDAP is just an identity store.
Using the 10g OID you can enable SSO mechanism since that includes the SSO module . This has been segregated as OAM module for 11g . So when using OID 10g , you can have SSO mechanism implemented on UCM 11g .
Thanks for your input.
Could you give me some details or step to configure OAM, Weblogic and UCM for it ?
I have already gone through these documents and came to know that I can use OAM for implementing SSO. But I was very confused so I want to say my requirement first:
I have one ADF/J2EE based Apllication which is using UCM as content server and my requirement is to do SSO in such way that no need to login UCM when I will call UCM window from my application. I have LDAP for common authentication to the application and UCM. I do not want to use any licenced product for SSO (If no option then I will use any licence product). Now should I use OAM 11g for this requirement ?
I have seen the steps are like:
•Section 220.127.116.11, "Configuring Oracle Access Manager 11g with Oracle UCM"
•Section 18.104.22.168, "Configuring Oracle Access Manager 10g with Oracle UCM"
•Section 22.214.171.124, "Configuring Oracle Single Sign-On for Oracle UCM"
•Section 126.96.36.199, "Configuring the First Authentication Provider"
•Section 188.8.131.52, "Configuring the Oracle UCM URL for Single Sign-On"
•Section 184.108.40.206, "Configuring Oracle UCM and Single Sign-On for WNA"
Now should I follow the only step 220.127.116.11 or all of the above ?
I have one ADF/J2EE based Apllication which is using UCM as content server and my requirement is to do SSO in such way that no need to login UCM when I will call UCM window from my application. I have LDAP for common authentication to the application and UCM. I do not want to use any licenced product for SSO (If no option then I will use any licence product). Now should I use OAM 11g for this requirement ?If you want to SSO to UCM from a 3rd party application you will have to have additional licenses - WLS in UCM is restricted as "host for only WebCenter Content, including run-time components to provide java runtime environment and http support, as well as configuration and administration components used for the setup and management of these runtime components."
Now, the question is where your ADF app runs. It could be a Weblogic Server, or even an iAS Server. The latter contains also OID, but restricted to "provided for use with Oracle Single Sign-On and with other iAS components to provision, store and manage users and groups, their associated security credentials and privileges; to synchronize data with 3rd party directory services; and to store other component-specific metadata."
So, either way to have SSO with UCM will need a separate license of OAM (most likely under "Access Manager" license). Depending on your version, you will go either with OAM 11g , or 10g - this is more a question to this forum Identity Manager
- do you really need SSO? (With RIDC you could use Intradoc protocol, which does not require the password, and you should be able to obtain username - see http://docs.oracle.com/cd/E23943_01/doc.1111/e10807/c23_ridc.htm#BABDCJAA )
- alternatively, couldn't you port your app to UCM as a component?