Validating Authentication and Authorization in an Oracle Access Manager Application Domain

Posted by Unknown on Saturday, April 9, 2011

This tutorial elucidates the steps involve in several methods for confirming that Agent registration
and authentication and authorization policies are operational. The procedures are
nearly identical for both OAM Agents and OSSO Agents (mod_osso). However, OSSO
Agents use only the authentication policy and not the authorization policy.


  • Users and groups who are granted access must exist in the primary LDAP User Identity Store that is registered with OAM 11g
  • Agents must be registered to operate with OAM 11g. After registration, protected resources should be accessible with proper authentication without restarting the Administration or Managed Server.
  • Application domain, authentication policies, and authorization policies must be configured.

To verify authentication and access
  1. Using a Web browser, enter the URL for an application protected by the registered Agent to confirm that the login page appears (proving that the authentication redirect URL was specified appropriately). For example:
  2. Confirm that you are redirected to the login page.
  3. On the Sign In page, enter a valid username and password when asked, and click Sign In.
  4. Confirm that you are redirected to the resource and proceed as follows:

More Here


{ 0 comments... read them below or add one }

Post a Comment