Wednesday, June 11, 2014

Difference Between DCC and ECC in OAM

Differences between DCC and ECC:


Access Manager supports the embedded credential collector (ECC) by default and also enables you to configure the latest Webgate to use as a detached credential collector (DCC, also known as an Authenticating Webgate).

DCC : The Detached Credential Collector remains a logical part of the server and acts as a front channel communication endpoint of the OAM Server. DCC will be more secure when compared with ECC because it resides outside the boundary of OAM Server. 

DCC can override ECC with simple configuration.

Authentication Process in DCC: 
  1. Works in both 10g and 11g Webgates
  2. Handles Form-based authentication, which consists of a challenge to the user for their credentials (simple form or multi-factor).
  3. Decrypts the authentication request message from the agent using the agent key; performs basic integrity checks; validates request time; and extracts all parameters from the request including request context.
  4. Constructs the authentication response message, including request context originally retrieved, encrypts obrar using the agent key.
  5. Decrypts the logout redirect request using the agent key to trigger logout processing.

ECC: The Embedded Credential Collector is deployed with, and integral to, the OAM Server and part of the protocol binding layer

Authentication Process in ECC:
  1. The ECC handles the request coming to the protocol binding layer (PBL), which converts it and sends it to the SSO Engine.
  2. The SSO Engine checks for a valid session and, if none, transfers control to the Authentication Engine.
  3. The Authentication Engine checks for resource protection and fetches the authentication scheme associated with the resource.
  4. The ECC interacts with the client, accepts the data, and submits this to the PBL.
Complete Differences: http://docs.oracle.com/cd/E27559_01/admin.1112/e27239/shared.htm#BABDECBJ


Wednesday, June 4, 2014

SSO links/URL's doesn't work/Gets Trimmed when used from Microsoft PowerPoint and Excel / Office Products

SSO URL automatically gets updated and Target URL gets changed when you click URL from Excel or PowerPoint.

This is issue with Microsoft which creates multiple URL's when you request from Excel.


URL: http://support.microsoft.com/kb/218153

From the above URL click on Microsoft Fixit, which downloads microsoft fix.


URL: http://support.microsoft.com/kb/280680

And also as suggested in above URL you need to modify registry .

Modify the registry for Word

  1. Click Start, and then click Run. In the Open box, type regedit, and then click OK.
  2. In Registry Editor, browse to the following subkey:
    HKEY_CLASSES_ROOT\Word.Document.8\shell
  3. In the shell key, double-click Default, and then type OpenDDE in the Value data box.
  4. Right-click the Open key and click Rename. Type OpenDDE.
  5. Right-click the Shell key, point to New, and then click Key.
  6. Name the new subkey Open.
  7. Double-click Default in the Open key, and then type Open without DDE in the Value data box.
  8. Right-click the Open key, point to New, and then click Key.
  9. Name the new subkey Command.
  10. Double-click Default in the Command key, and then type
    "installation path\Winword.exe" /f "%1"
  11. On the File menu, click Exit.

If these both doesn't work make IE as default browser. 


Thanks. 


Other Posts