Using E-Business Suite Asserter: FAQ
This topic provides information about using the E-Business Suite Asserter.
The IAM E-Business Suite Asserter is helps to simplify the deployment topology for Oracle E-Business Suite single sign-on (SSO) by replacing Oracle Access Manager and Oracle Internet Directory with IAM.
The asserter works by using the OAuth protocol to get an access token from IAM which provides information about the user and the user's authentication. The asserter uses this token to generate a session cookie which is sent to Oracle E-Business Suite.
The asserter is a lightweight Java application which needs to be deployed on Oracle WebLogic server. It can be deployed on both cloud and on-premises WebLogic Servers.
Yes, the asserter supports high availability (HA). Two or more separate nodes of the asserter can be deployed in the same environment and traffic to them can be managed using a Load Balancer. You can find detailed instructions for deploying and configuring the asserter in HA mode in the Solutions Playbook Learn About Enabling SSO for Oracle E-Business Suite with OCI IAM using EBS Asserter in High Availability Mode.
Yes, you can add a custom property to user.identifier
to the properties file Bridge.property
. The value that's fetched is a unique user from the Oracle E-Business Suite based on the ebs.identifier
(username/email).
See Updating the E-Business Suite Asserter Configuration File.
The asserter doesn't directly integrate with third-party IdPs, but it integrates with OCI IAM and Oracle Identity Cloud Service which support integration with third-party IdPs such as Microsoft Azure AD, Okta, and ADFS. These let organizations to sign in to Oracle eBusiness Suite applications using the third-party IdP credentials.
The asserter can only be used to sign users in to Oracle eBusiness Suite applications using their OCI IAM and Oracle Identity Cloud Service credentials. To provision user accounts from IAM into Oracle eBusiness Suite, use a provisioning bridge.
The asserter doesn't incur extra charges for its usage. However the asserter is only available with the Standard License for Oracle Identity Cloud Service, and with the IAM identity domain types Oracle Apps Premium, Premium, and External Domains.
The right to use Oracle E-Business Suite Asserter also includes the right to use WebLogic Server Enterprise Edition solely for the purposes of running the asserter application in accordance with all terms and conditions as described in the Oracle Fusion Middleware Licensing Information User Manual.
The asserter only works with the Standard version of Oracle WebLogic Server.
Yes, Proxy configuration are configured in the bridge.properties
file. See Updating the E-Business Suite Asserter Configuration File.
Yes, SSO can be enabled for only the E-Business Suite application modules and disabled for other modules such as iSupplier. You do this by configuring the Applications SSO Type (APPS_SSO) profile for both SITE and SERVER level, where SITE
level is set to SSWA/wSSO
and SERVER
level is set to SSWA
.
Yes, simplified Chinese is supported by the asserter.