Oracle Access Manager (OAM) 11g WebGate - How to Configure the WebGate to not Evaluate a URL Pattern
(Doc ID 2367891.1)
Last updated on JUNE 15, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.3.0 to 11.1.2.3.190209 [Release 11g]Information in this document applies to any platform.
Oracle is not responsible for instructions/information from 3rd party sites that may be contained in this KM note.
Goal
Oracle Access Manager (OAM) 11g WebGate - How to Configure the WebGate to not Evaluate a URL Pattern
- How to completely exclude a resources so that it will not be checked at all from WebGate?
- How to prevent full site being down (including public URLs) when the OAM servers are down/crashed because it is impacting our business?
- How to configure OAM to exclude or protected resources for my requirement?
In OAM a set of configurations(Application Domains) that determine how OAM will handle a given request in regards to Single Sign-On. This this means the configurations that determine whether a given resource is protected, unprotected, or excluded, how to authenticate a user, whether a given resource is authorized, and what headers and cookies to generate.
Dealing with Protection Level Excluded
- Only HTTP resource types can be excluded.
- Typically security insensitive files like Images (*.jpg, *.png), protection level Excluded resources do not require an OAM Server check for Authentication, Authorization, Response processing, Session management, and Auditing.
- Excluded resources cannot be added to any user-defined policy in the console.
- The WebGate contact the OAM server on intial request to determine what the Protection Level is, if Excluded it does not contact the OAM Server any further. While allowing access to excluded resources; therefore, such access is not audited. Most regular resource validations apply to Excluded resources. However, excluded resources are not listed when you add resources to a policy.
- There is no Authentication or Authorization associated with the resource.
The above is how a WebGate works when dealing with Protection Level Excluded resources. Concerns with access to these kinds of resources can deal with performance and accessibility when the OAM server is unreachable.
This note will provide a solution when dealing with these type of concerns.
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Goal |
Solution |
References |