OAM 10g: Integrating Oracle Application Server Single Sign-On with Oracle Access Manager Step by Step
Last updated on MARCH 08, 2017
Applies to:COREid Access - Version: 10.1.4.0.1 to 10.1.4.3.0 - Release: 10g to
Information in this document applies to any platform.
The following steps we derived from a specific environment. Some of the commands and or values used may need to be altered to fit your environments specific needs.
- All components are the same server running Enterprise Linux Enterprise Linux AS release 4
- IDM (OSSO/OID) 10.1.4.3
- OAM 10.1.4.0.1
- OID is the LDAP used by both products
- OHS 1 (1.3) is the Web Server used by both products
- OAM basic over ldap authentication scheme
1. Create a Java Class file
2. Edit the policy.properties file to use the new java class
3. Create an OAM Policy Domain that protects the Single-Sign On Login URL and sets an HTTP header variable.
How to do this is detailed in the following documents:
Oracle Application Server Single Sign-On Administrator’s Guide 10g (10.1.4.0.1), Chapter 14 Integrating with Third-Party Access Management Systems
Oracle® Access Manager Integration Guide 10g (10.1.4.2) Part Number E10356-01
Chapter 4 Integrating with Oracle Application Servers, 220.127.116.11 Creating the Java Class for Integration
Things to note...
- An OAM WebGate must be installed on the Oracle HTTP server that OSSO is using.
- Synchronize the users for the LDAP server OAM uses to the OID server OSSO uses.
- In the OSSO custom TPA plug-in java code (SSOOblix.java) the "XXX_REMOTE_USER"; needs to match the HTTP header that is defined in the Policy domains authorization action variable.
- When defining an Authentication action make sure it is defined as a return attribute, not a return value.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms