My Oracle Support Banner

OracleAS 10g (9.0.4) Single Sign-On Accessibility Through a Firewall (Doc ID 270160.1)

Last updated on MARCH 29, 2022

Applies to:

Web Cache - Version 9.0.4 to [Release AS10g]
Portal - Version 9.0.4 to [Release 10g]
Oracle Fusion Middleware - Version to [Release AS10g]
Oracle HTTP Server - Version to [Release AS10g]
Information in this document applies to any platform.


Single Sign-On Accessibility Through a Firewall Oracle Application Server 10g (9.0.4)


To configure Single Sign-On installed with Oracle Application Server 10g (9.0.4) to be accessible through one restrictive entry point, using one IP Address and one port.  The primary concept around this document is to use a reverse-proxy with virtual hosts to handle all requests through a single network entry point. Oracle Web Cache will be used as a reverse-proxy with two virtual hosts to differentiate requests to a primary Oracle HTTP Server and an Oracle HTTP Server used for the SSO Server. A complete explanation around this setup is given, and the steps outlined. Once understood, the same principles can be applied to any situation where the URL (protocol, hostname, or port) is modified because of a changing topology.

This document was written while testing Oracle Application Server 10g version 9.0.4, the same steps have been tested and the same concepts are applicable to Oracle Application Server 10g Release 2 (10.1.2). There are different administration tasks to complete this setup for version 10.1.2. In fact, there are many more topology choices to consider in version 10.1.2, referring to the Enterprise Deployment Guide. Please refer to the 10.1.2 Documentation for more details, depending on your topology choice and what components are installed. Below is the link to the Documentation Library and other good starting points to reconfigure components for this and similar setups:

Oracle Application Server 10g ( Online Documentation Library

Enterprise Deployment Guide

Administrator's Guide - See: 4 Managing Ports

If you are familiar with the concepts within this 9.0.4 article, then its known that Oracle Web Cache is used to forward all requests across two or more different configured Sites. The same tasks when changing ports should be applied when changing or adding Sites. See: Changing the OracleAS Web Cache Listen Ports.

Single Sign-On Administrator's Guide

Oracle Web Cache Administrator's Guide

Oracle Portal 10.1.2 or 10.1.4 Guides

The remainder of this document is for Oracle Application Server 10g (9.0.4). You may apply the same concepts to future versions using future version administration tasks applicable to the future version and installation type.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.