This figure shows the security architecture for Oracle Application Server. The client accesses the middle tier through Oracle Application Server Web Cache. Web Cache passes the request to Oracle HTTP Server, which send the request through Oracle Application Server Single Sign-on Server to validate the user against records in Oracle Internet Directory.