Since OAM 10g days, keeping track
of Protected Resource that user wanted to access throughout custom
authentication process has been a challenge. In OAM 10g, it was possible to create
custom OBFormLoginCookie to overcome that challenge. With the introduction of
Encrypted OAM_REQ cookie in OAM 11g, it is not feasible. That makes it difficult
to do post Authentication operations or any customizations in Authentication
process.
OAM 11gR2 introduced a feature
where you can redirect user to a URL post successful Authentication (On
Authentication success event in Authentication policy as defined in the screen
shot below). OAM while doing that redirect, adds end_url query parameter to URL
with the value of protected resource that user tried to access. You can do any
post Authentication processing required on Authentication success URL and then redirect
user to end_url.
One of the use cases of the
feature is, when you do OAM-OAAM integration, you can invoke OAAM post
Authentication rules before redirecting user to protected resource the user was
trying to access. Here is the Architecture diagram for the use case described
above.
Note: Architecture
diagram below is representative diagram for the use case and does not represent
Oracle recommended Architecture for OAM deployment.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.