
Introduction to Oracle Identity Manager

Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. This chapter provides an overview of Oracle Identity Manager.

Architecture of Oracle Identity Manager

Oracle Identity Manager is based on the n-tier J2EE application architecture.

Tiers of the Oracle Identity Manager architecture:

Presentation Layer
The Presentation layer consists of two clients: the Oracle Identity Manager Administrative and User Console and the Oracle Identity Manager Design Console. The Administrative and User Console is a Web-based thin client that can be accessed from any Web browser. This console provides user self-service and delegated administration features that serve most of the provisioning requirements.
The Design Console provides the full range of the Oracle Identity Manager system configuration and development capabilities including Form Designer, Workflow Designer, and the Adapter Factory. You can access the Design Console by using a desktop Java client.

Dynamic Presentation Logic Layer
Because both the Administrative and User Console and the Design Console are highly dynamic, the Dynamic Presentation Logic layer guides the content displayed on these interfaces. In the case of the Administrative and User Console, there is a clear separation between the Presentation and Presentation Logic layers. No such boundary exists in the Design Console.

Business Logic Layer
The Business Logic layer is implemented as an EJB application. Oracle Identity Manager runs on leading J2EE-compliant application server platforms, leveraging the J2EE services provided by these application servers to deliver a high-performance, fault-tolerant enterprise application.
The following are components of the Business Logic layer:
Application Server
The application server on which Oracle Identity Manager runs provides life-cycle management, security, deployment, and run-time services to the logical components that make up Oracle Identity Manager. These services include:
-Scalable management of resources (clustering and failover)
-Transaction management
-Security management
-Client access
-Technology resources (such as database connection pooling and messaging)

Client Interfaces and Business Logic Implementation
The core functionality of the Oracle Identity Manager platform is implemented in Java using a highly modular, object-oriented methodology. This includes the various engines that comprise the Oracle Identity Manager platform: Workflow Engine, Request Engine, User Management Engine, Rule Engine, and Reconciliation Engine. It also includes the integration layer based on the Adapter Factory, which dynamically generates integration code based on the metadata definition of the adapters.

Access to the functionality of the platform is through a set of EJB session beans. These session beans can be divided into two types:

-Nonpublished APIs: These are session beans that expose functionality used only by the Design Console.

-Published Public APIs: These are session beans that expose the public functionality of Oracle Identity Manager.

The API layer provides access to high-level functionality in Oracle Identity Manager. It is the basis for the functionality implemented in the Oracle Identity Manager Administrative and User Console. It is also the interface that custom clients can use to access Oracle Identity Manager functionality.

Data Access Layer
J2EE contains several technologies for manipulating and interacting with transactional resources (such as databases) that are based on JDBC, JTA, and JTS. The Oracle Identity Manager architecture leverages the following J2EE services:

-Database connection pooling
-Integration with JNDI (lookup of DataSources in the JNDI namespace)
-XA compliance
-Batch updates

The system administrator can manage data sources in the same manner in which all standard J2EE applications in the enterprise are managed. Oracle Identity Manager can use these data sources to communicate with the database tier.

Backend System Integration Layer
The Backend System Integration layer can be divided into the following:
-Database
-Remote Manager

Database
The Database tier consists of the Oracle Identity Manager repository, which manages and stores Oracle Identity Manager metadata in an ANSI SQL 92-compliant relational database. All the data resides in the Oracle Identity Manager repository.

Remote Manager
The remote manager is an Oracle Identity Manager server component that runs on a target system computer. It provides the network and security layer required to integrate with applications that do not have network-aware APIs or do not provide security. It is built as a lightweight RMI server. The communication protocol is RMI tunneled over HTTP/S.
The J2EE RMI framework enables the creation of virtually transparent, distributed services and applications. RMI-based applications consist of Java objects making method calls to one another, regardless of their location. This enables one Java object to call methods on another Java object residing in another Java virtual machine in the same manner in which methods are called on a Java object residing in the same virtual machine.
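
The remote-call model described above, as an added example that is not Oracle Identity Manager or Remote Manager code: a small RMI server fronts a local-only operation and is reached through a stub, with the JDK's TLS socket factories and mandatory client certificates standing in for the HTTP/S tunnelling the page mentions. AccountAgent, disableAccount, port 12346 and the login format are hypothetical, and the JVM is assumed to be started with the javax.net.ssl.keyStore, keyStorePassword, trustStore and trustStorePassword properties set.

```java
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;
import javax.rmi.ssl.SslRMIClientSocketFactory;
import javax.rmi.ssl.SslRMIServerSocketFactory;

public class RemoteAgentDemo {
    // Hypothetical remote contract: the one operation the target host exposes.
    public interface AccountAgent extends Remote {
        String disableAccount(String login) throws RemoteException;
    }

    // Runs on the target host and fronts a local-only API (simulated here).
    static class LocalAccountAgent implements AccountAgent {
        @Override
        public String disableAccount(String login) {
            // Validate on the server side; the caller's input is untrusted.
            if (login == null || !login.matches("[a-z][a-z0-9_]{0,31}")) {
                throw new IllegalArgumentException("rejected login name");
            }
            return "disabled:" + login; // stand-in for the local application call
        }
    }

    public static void main(String[] args) throws Exception {
        // Fail closed: refuse to start without TLS key material (assumed JVM properties).
        if (System.getProperty("javax.net.ssl.keyStore") == null
                || System.getProperty("javax.net.ssl.trustStore") == null) {
            throw new IllegalStateException("set javax.net.ssl.keyStore and trustStore");
        }
        SslRMIClientSocketFactory csf = new SslRMIClientSocketFactory();
        // null, null = JDK default cipher suites and protocols; true = require a client certificate.
        SslRMIServerSocketFactory ssf = new SslRMIServerSocketFactory(null, null, true);

        // Server side: TLS-protected registry and exported object (port 12346 is arbitrary).
        Registry registry = LocateRegistry.createRegistry(12346, csf, ssf);
        AccountAgent agent = new LocalAccountAgent();
        registry.rebind("AccountAgent", UnicastRemoteObject.exportObject(agent, 0, csf, ssf));

        // Client side: the call on the stub reads exactly like a local method call.
        AccountAgent proxy = (AccountAgent)
                LocateRegistry.getRegistry("localhost", 12346, csf).lookup("AccountAgent");
        System.out.println(proxy.disableAccount("jdoe"));
        // Unexport both objects so the JVM can exit.
        UnicastRemoteObject.unexportObject(agent, true);
        UnicastRemoteObject.unexportObject(registry, true);
    }
}
```

Because the server socket factory is created with needClientAuth set to true, a caller without a certificate trusted by the server's trust store fails the TLS handshake before any remote method is dispatched.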