Will the real Oracle Identity Management please stand up (part III)
by Deborah Volk on March 30th, 2009

Read Parts I and II

For those of you who got here without reading parts I and II of this novel, I don't blame you. 140 character summary is available by request, please drive through. We're finally ready to answer the question that prompted this blog mini-series :

Question: What is Oracle Identity Management? I've heard that it requires Oracle Internet Directory and Oracle Application Server. Is it possible to deploy it as a stand-alone application or with <insert your favorite directory> and <insert your favorite app server>

If you haven't read parts I and II, you wouldn't know this but I am going to tell you anyway. The phrase "Oracle Identity Management" is context-sensitive and it means different things to different people. When referring to a set of metadirectory-like services that Oracle built around Oracle Internet Directory and Oracle Application Server, Oracle Identity Management is indeed something that cannot be deployed as a stand-alone application. Furthermore, it cannot be deployed with a 3rd party LDAP-compliant directory and/or with a non-Oracle app server. You could have a 3rd party non-Oracle directory and a 3rd party non-Oracle app server be part of the solution that includes Oracle Identity Management infrastructure but you will still need OID and OAS.

So where do people get the idea that Oracle Identity Management can be deployed without OID and OAS? This is where "new" vs "old" context is important. To make any middleware-based strategy (read: Fusion) a reality, you need a solid set of infrastructure services with identity and access management services being at the bottom (read: foundation) of the stack. In 2005-2006, Oracle went on the acquisition spree and ended up with a shiny new identity and access product stack that to this day continues to dominate the market, IBM claims notwithstanding:

Xellerate product from Thor Technologies became Oracle Identity Manager
CoreID/NetPoint from Oblix became Oracle Access Manager and Oracle Identity Federation
Virtual Directory Engine from OctetString became Oracle Virtual Directory
SmartRoles from Bridgestream became Oracle Role Manager

(I am skipping Phaos and later acquisitions of Bharosa -> Oracle Adaptive Access Manager and BEA ALES -> Oracle Entitlement Server).
In the new stack, no products require deploying OID and OAS as a pre-requisite so the linguistic challenge is to determine the context in which the phrase "Oracle Identity Management" is being used. To make this truly an interesting exercise, it's worth noting that many people associate the term "Identity Management" with the functional bucket of identity administration (user provisioning, attestation,reconciliation,access requests), the bucket that in Oracle's stack is occupied by Oracle Identity Manager and Oracle Role Manager. Thus, the 3rd possible variation on a theme is that "Oracle Identity Management" could really mean "Oracle Identity Manager" which still does not require OID and OAS for deployment.

To make it less confusing for the readers of this blog, I created a "(Legacy) Oracle Identity Management" category. To be sure, Oracle doesn't call identity management services based on OAS and OID "legacy" because they have current customers to support (and eventually migrate to new identity and access stack) but it's certainly legacy in my book so I'll leave it at that.

Ah, semantics or as Italians would say: Traduttore tradittore .

Posted in (Legacy) Oracle Identity Management, Oracle Internet Directory, Oracle Identity Manager, Oracle Virtual Directory, Oracle Access Manager, Oracle Identity Federation    Tagged with oim, oam, oid, oas, oaam, oif, ovd


amar - May 20th, 2010 at 5:55 AM
huge thanks
Leave a Comment

2012 (1)
2011 (2)
2010 (2)
2009 (64)
March (11)
April (18)
May (18)
June (4)
July (1)
August (1)
September (5)
October (5)
December (1)