I have been working on OES for over 6 years. There is probably little else I know as well as OES. It was just amazing to see OES rise from a small niche product to become a dominant industry player. When I joined OES, most customers were small teams trying to leverage our product for their team projects. In contrast, today most companies are planning for enterprise-wide deployments of fine grained authorization. In my career, I have never seen such meteoric rise as OES.

But like they say "All good things must come to an end". I am leaving Oracle to pursue other interests. OES team will continue creating blog posts around product usage, technology and concepts. The URL for the new blog will be posted on OES OTN page.

Identity Management is a small world. And I am sure that our paths will cross again. To contact me, please send me a message on LinkedIn.



First time users of OES sometimes run into problems and get stuck on policy distribution. Most often these problems are caused because of network issues. In this blog post I will go over how OES policy distribution works and why it behaves in certain ways. Hopefully this will come in handy, when you are trying to setup OES.

Continue Reading »

I was on vacation for a couple of weeks, and then it took a couple of more weeks to clean up my email backlog. Finally I am free and I will start keeping up this blog.

I have been working with Sena Systems for over six years, and know pretty much everyone from their OES consulting practice. I have been pestering them for a while to document some of their experiences in implementing OES projects. Earlier this week they published OES/WebCenter-Content and OES/Coherence case studies. Both these documents are based on real customer experiences while implementing OES projects.

OES11g WebLogic SM is special in a couple of ways. People are often confused about how it works. Oracle Entitlements Server WebLogic SM is closely related to how WebLogic’s security works. In this blog post, I will look at WebLogic’s security and then see how Oracle Entitlements Server integrates with it.

Continue Reading »

The goal of policy modeling is to build a simple authorization scheme even when the underlying requirements are complex. So policy modeling is not just about coming up with a solution which works, rather policy modeling involves building a solution which is easy to understand, flexible enough to accommodate unforeseen changes and something which can stand the test of time. Although policy modeling might look intimidating, in reality it is fairly simple. During policy modeling 70 to 80 percent of the time is spent in understanding the enterprise/organizational requirements and making sure that they are consistent. Personally I feel that policy modeling is so important that users should follow this exercise even if they are not using an externalized authorization service. Virtual Resource is an abstraction which helps in policy modeling. The concept of Virtual resources was introduced in Oracle Entitlements Server almost half a decade back.

Continue Reading »

Rakesh posted a comment earlier about OES bits in FMW 11gR1 PS5 (which was released a couple of weeks back). He wanted to know if it had the same OES bits as in IDM 11gR1 PS1. I am writing this article to show how OES is released. BTW, all the information in this article is Common Knowledge, which has been shared with several partners. Also information in this article is not a commitment/policy statement from me or Oracle.


Oracle has several product portfolios which range for high level applications (e.g. Fusion HCM) to low level operating systems. It is not practical for Oracle to release all its products on the same day. So Oracle has different release trains for different product portfolios. For example OSB (Oracle Service Bus) is released on the FMW release train and OAM (Oracle Access Manager) is released on the IDM release train. Normally this is not a problem for most products, but OES is special because of its popularity.

Continue Reading »