DOAG 2014 Konferenz: IT-Sicherheit und OFM: Eine Herkulesaufgabe?

Es gab am 20. Juni in Nürnberg den DOAG 2014 Konferenz. Mein Kollege Frank Burkhardt und ich haben dort einen Vortrag über „IT-Sicherheit und OFM: Eine Herkulesaufgabe?“. Hier finden Sie unser Abstract und unsere Präsentation: Die Anforderungen, die heute an IT-Sicherheitsexperten gestellt werden, erinnern mitunter an die scheinbar unlösbaren Aufgaben des Herkules in der griechischen […]

IT-Security (Part 7): WebLogic Server, Roles, Role Mapping and Configuring a Role Mapping Provider

Key words: IT-Security, WebLogic Server, Authorization, authorization process, Role Mapping, Roles and  XACML Role Mapping Provider Let’s continue with Authorization topic. We discussed about the Authorization Process and its main components such as WebLogic Security Framework and Security Provider. Now, we look at Security Provider’s subcomponents: Role Mapping and Security Policies. The Role Mapping: Is […]

IT-Security: Part 1 to 5 as PDF file

Key words:IT-Security, Security Challenges, OPSS Architecture, WebLogic Server, JAAS, JAAS LoginModules, Authentication, Basic Authentication, Certificate Authentication, Digest Authentication, perimeter Authentication and Identity Assertion Until now I have published five parts of a series of articles on IT-Security and Oracle Fusion Middleware: I’m going to continue the IT-Security’s articles and you […]

IT-Security (Part 3): WebLogic Server and Java Security Features

WebLogic Server and Java Security Features [1] WebLogic Server supports the Java SE and Java EE Security to protect the resources of whole system. The resources could be Web applications, Uniform Resource Locator (URL), Enterprise JavaBeans (EJBs), and Connector components. Java SE capabilities: Security APIs Java uses APIs to access security features and functionality and […]

IT-Security (Part 2): WebLogic Server and Oracle Platform Security Services (OPSS)

OPSS Architecture As we discussed (, OPSS is Oracle proposals regarding enterprise security services. It is as a framework that provides a comprehensive set of security services. These services based on Java technologies and have a consistent approach for design and apply security policies to Java EE and resources. We look at OPSS architecture from […]

IT-Security: WebLogic Server and Oracle Platform Security Services (OPSS)

IT security is popular in a way never known before! I love it! If I discussed e.g. in a WebLogic Server workshop about that, I heard normally form administrators: That’s not my thing, forget it! But newly, everybody wants to know “how can we secure our data and our information?!”  To be honest, you need […]

Oracle Identity Management – 30000 feet view

OIM (Oracle Identity Management) consists of a large set of useful tools, grouped in three areas: Identity Governance, Access Management and Directory Services. OIM: Oracle Identity Manager Used for account provisioning. On- and off- boarding of new users. OAM: Oracle Access Manager Used to protect URLs. OES: Oracle Entitlement Server Used for role and privilege […]