Contents
This filter enables you to check an Oracle Access Manager Single
Sign On (SSO) token to ensure that it is still valid. The SSO token
is issued by Oracle Access Manager (OAM) after the API Gateway
authenticates to it on behalf of an end-user using the
HTTP Basic Authentication or
HTTP Digest Authentication filter.
After successfully authenticating to OAM, the SSO token is stored
in the oracle.sso.token
message attribute.
Oracle Access Manager SSO enables a client to send up its user name and password once, and then receive an SSO token (for example, in a cookie or in the XML payload). The client can then send up the SSO token instead of the user name and password.
Configure the following fields to validate an SSO token issued by Oracle Access Manager:
Name:
Enter a descriptive name for the filter.
Attribute Containing SSO Token ID:
Enter the name of the message attribute that contains the SSO
token that you want to validate. This attribute will have been
populated when authenticating to Oracle Access Manager using
the HTTP Basic Authentication or
HTTP Digest Authentication
filters. By default, the SSO token is stored in the
oracle.sso.token
message attribute.
OAM Access Server SDK Directory:
Enter the path to your OAM Access Server SDK directory. For more details on the OAM Access Server SDK, see your Oracle Access Manager documentation.