Identity Management Realm:
An identity management realm defines an enterprise scope over which certain identity management policies are defined and enforced by the deployment. for example, all employees in the US domain.
You can define multiple identity management realms within the same Oracle Identity Management infrastructure. This enables you to isolate user populations and enforce a different identity management policy—for example, password policy, naming policy, self-modification policy—in each realm.
Each identity management realm has a realm-specific administrator with complete administrative control over the realm.
Resource Access Descriptor (RAD):
Information for connecting and authenticating users to the databases is called resource access information. It is stored in an entry called a resource access descriptor (RAD) from which it can be retrieved and shared by various Oracle components.
Information about the resources that an application uses to service a user request is called resource type information. A resource type can be, for example, an Oracle Database or a Java Database Connectivity Pluggable Data Source. Resource type information includes such items as the class used to authenticate a user, the user identifier, and the password.
Resource access information for each user is stored in the
cn=User Extensions node in the Oracle Context.Resource access information for each application is stored in the object identified by the application name—in this example,
cn=Oracle Reports, cn=Products,cn=Oracle Context,dc=us,dc=acme,dc=com. This is the user information specific to that product. Resource type information is stored in the container
cn=resource types, cn=common,cn=products,cn=Oracle Context.
No comments:
Post a Comment