How to allow multiple login attributes in OAM/OAAM integration using a custom TAP module
Last updated on DECEMBER 18, 2017
Applies to:Oracle Adaptive Access Manager - Version 18.104.22.168.0 to 22.214.171.124.0 [Release 11gR2]
Oracle Access Manager - Version 126.96.36.199.2 to 188.8.131.52.0 [Release 11g]
Information in this document applies to any platform.
The requirement is to allow users to choose at login time from 2 different attributes from LDAP (e.g. uid and email address). For login user enters username and password on the OAAM page used when integrated with OAM (oaam_server/oamLoginPage.jsp).
Doing so, however, will imply that OAAM will have to keep two security profiles corresponding to each login attribute. When user is authenticated using a different attribute for the first time he will be seen as a new user (OAAM will create a new user record with login_id set to the new attribute value in the VCRYPT_USERS database table) so the registration process will take place again.
This will affect as well any pattern, behavior data which OAAM registers for that user (which will actually be seen by OAAM as 2 users now) so it's not recommended in case one wants to have highly accurate login and pattern data for each user.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms