Manual Chapter : OAM 10g SSO integration example

Applies To:

BIG-IP APM

  • 16.0.0, 15.1.0
OAM 10g SSO integration example

Let's walk through an example deployment. An Oracle 10g server is configured for SSO multi-domain; an Authentication WebGate (AWG) is configured and, in another domain, a Resource WebGate (RWG) is configured.
In Access Policy Manager, an AAA OAM server has been configured and includes the details of the OAM Access Server and the two AccessGates. Two virtual servers have been configured with OAM native integration enabled.
This figure depicts the traffic flow for the example.
Figure: Accessing a protected resource via Access Policy Manager native integration with OAM 10g (typical OAM SSO configuration after APM native integration is enabled)
  1. Client requests access to a resource. The request comes to the RWG (Access Policy Manager AccessGate at VIP2).
  2. RWG checks whether the resource is protected per OAM. The resource is protected and the user has not yet authenticated.
  3. RWG sends a 302 redirect to the client so that the client will be redirected to the AWG for authentication.
  4. Authentication request comes to the AWG (Access Policy Manager AccessGate at VIP1).
  5. AWG validates user authentication status with OAM and obtains policy. In this case, the policy calls for form-based authentication and gives the location of the form.
  6. For the form-based authentication scheme, AWG allows the user to access the login page hosted on a webserver behind the AWG.
  7. The webserver returns the login.html file to the AWG, which sends it to the client.
  8. Via login.html, the user submits credentials.
  9. The AWG uses the credentials to authenticate the user with the OAM 10g server.
  10. With user authentication successful, the AWG sends a 302 redirect to the client so that the client will be redirected to the original RWG.
  11. Request for resource comes to the RWG again.
  12. The RWG validates user access to the resource with OAM.
  13. The protected resource behind VIP2 will be sent back to the user.
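
One way to confirm that a deployment follows this redirect sequence, as an added example that is not part of the F5 manual: it checks a captured request trace against steps 3, 10 and 13. The host names, URLs, the HTTPS requirement and the function name `check_flow` are assumptions, and both traces are constructed.

```python
from urllib.parse import urlsplit

# Constructed trace of an unauthenticated client: (method, URL, status, Location).
# Host names and paths are placeholders, not values from the manual.
RWG, AWG = "vip2.example.net", "vip1.example.com"
GOOD_TRACE = [
    ("GET", "https://vip2.example.net/app/report", 302, "https://vip1.example.com/login.html"),
    ("GET", "https://vip1.example.com/login.html", 200, None),
    ("POST", "https://vip1.example.com/login.html", 302, "https://vip2.example.net/app/report"),
    ("GET", "https://vip2.example.net/app/report", 200, None),
]
# Same flow, but the post-login redirect points at a host outside the deployment.
BAD_TRACE = GOOD_TRACE[:2] + [
    ("POST", "https://vip1.example.com/login.html", 302, "https://other.example.org/app/report"),
    ("GET", "https://other.example.org/app/report", 200, None),
]

def check_flow(trace, rwg_host=RWG, awg_host=AWG):
    """Return deviations from the expected redirect chain; an empty list means it conforms."""
    if not trace:
        return ["empty trace"]
    findings, sso_hosts = [], (rwg_host, awg_host)
    original = trace[0][1]
    if urlsplit(original).hostname != rwg_host or trace[0][2] != 302:
        findings.append("#0: RWG did not redirect the unauthenticated request")
    for i, (method, url, status, location) in enumerate(trace):
        src = urlsplit(url).hostname
        if src not in sso_hosts:
            findings.append(f"#{i}: request to unexpected host {src}")
        if status != 302:
            continue
        dst = urlsplit(location or "")
        # Assumption: both virtual servers are HTTPS-only.
        if dst.scheme != "https" or dst.hostname not in sso_hosts:
            findings.append(f"#{i}: redirect leaves the SSO hosts: {location}")
        elif src == rwg_host and dst.hostname != awg_host:
            findings.append(f"#{i}: RWG redirect does not target the AWG")  # step 3
        elif src == awg_host and dst.hostname == rwg_host and location != original:
            findings.append(f"#{i}: AWG redirect is not the original URL")  # step 10
    if trace[-1][1] != original or trace[-1][2] != 200:
        findings.append("flow did not end with the RWG serving the resource")  # step 13
    return findings

if __name__ == "__main__":
    for name, trace in (("good", GOOD_TRACE), ("bad", BAD_TRACE)):
        print(name, check_flow(trace) or "conforms")
```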