Oracle LDAP解决方案 - Oracle Identity and Access Management Suite

Oracle Identity and Access Management 套件属于Oracle Fusion Middleware的产品，Oracle Identity and Access Management套件又可以从逻辑上分为三个部分（即Oracle LDAP方案实现的典型三件套）。



Oracle Access Management (OAM) - 单点登陆的实现模块
Oracle Identity Management (OIM) - 身份供应的实现模块
Oracle Internet Directory (OID) - LDAP信息存储的数据库



1) Directory Services - overview including OID.An online directory is a specialized database that stores and retrieves collections of information about objects. The information can represent any resources that require management, for example:
Employee names, titles, and security credentials
Information about partners
Information about shared resources such as conference rooms and printers.
The information in the directory is available to different clients, such as single sign-on solutions, email clients, and database applications. Clients communicate with a directory server by means of the Lightweight Directory Access Protocol (LDAP). Oracle Internet Directory is an LDAP directory that uses an Oracle Database for storage.2) Access Management:
A) Access Manager - Controlling User Access to Enterprise resources. It also provides web based Identity Administration & access control to applications & resources. Provides User, password and group management. User access policies can be defined and enforced with high granularity.
B) Identity Federation – Allows companies to operate independently and enable cross domain user provisioning.
C) Single Sign-on - It provides built in integration with customer’s IM and addressing key challenges (for cross domain access) like automatic mapping, identity mapping access control navigation.
D) eSSO - Enterprise SSO is upcoming product which provide true SSO for all application and resource in an enterprise, without modifying existing applications.



如果你登陆Metalink，OTN，或者eDelivery,可以看到Oracle所使用的单点访问（SSO）解决方案也是基于Oracle Access Management



Oracle的单点登录解决方案（Single Sign-On Solution）可见另外一篇文章:/article/1356183.html

3) Identity Management:
A) Identity Manager - Allows automated user identity provisioning and deprovisioning. Key features of Identity Manager are password management, workflow & policy management, Identity reconciliation, reporting and Auditing. Identity manager also supports attestation (confirming access rights by user or system manager periodically). This is requirement from SoX compliance.
B) DAS – Delegating Administrative Services provides trusted proxy based administration at User or Administrator level.



参考：
Oracle的单点登录解决方案（Single Sign-On Solution）:/article/1356183.html

Oracle Identity Management Products – OID, OVD, OAM, OIM, ORM, OWSM, OIF, eSSO, OES, OAAM
Oracle Identity & Access Management IIOracle Internet Directory OID