Tuesday, February 15, 2011

OID (Oracle Internet Directory) and Oracle SOA Suite Integration

On a recent SOA/OIM engagement, MindTelligent team was assigned a task of integrating the SOA 11.1.1.3 suite with Oracle Internet Directory. Weblogic Fusion Middleware/SOA Suite typical install comes with an embedded LDAP Server as "Authentication Provider". The objective is to integrate multiple "Authentication Providers" such as Active Directory or Oracle Internet Directory

Before we tread further, a few important points:

The Control Flag determines how the login sequence uses the Authentication provider.
  • A REQUIRED value specifies this LoginModule must succeed. Even if it fails, authentication proceeds down the list of LoginModules for the configured Authentication providers.
  • A REQUISITE value specifies this LoginModule must succeed. If other Authentication providers are configured and this LoginModule succeeds, authentication proceeds down the list of LoginModules. Otherwise, control is return to the application.
  • A SUFFICIENT value specifies this LoginModule need not succeed. If it does succeed, return control to the application. If it fails and other Authentication providers are configured, authentication proceeds down the LoginModule list.
  • An OPTIONAL value specifies this LoginModule need not succeed. Whether it succeeds or fails, authentication proceeds down the LoginModule list. This setting is the default.
Steps to integrate OID/OIM With SOA Suite


  • Log into the Weblogic Admin Console http://hostname:7001/console
  • Click on Security Realms-->myrealm. Click on myrealm. You should see the screen as below.
  •  Click on Providers. This will take you to the next screen showing the "Authentication Providers"

  • Click on the Default Authentication Provider and change the control flag to "SUFFICIENT"

  • Click Save to save changes.
  • Click on "New" To add new authentication provider
  • Choose Oracle Internet Directory Type 














  •  For Name, put OIDAuthentication.
  • Click on the Provider Specific and Add the OID specific information.








  • Create a Group in OID called Administrators OR Monitors OR Deployers and add a user to this group to test.

For questions, comments and feedback  please contact:
 Harvinder Singh Saluja



      No comments:

      Post a Comment

      SOA Cloud 12c GIT Repository

      When a project is created, you can choose to initialize the project with one project Git repository for the project. A Maven repository is a...