When you have configured Oracle ATG Web Commerce to work with OAM, requests to log into the Business Control Center are filtered by OAM.

Once a user has been authenticated, OAM inserts a header name into the HTTP request. By default, OAM sets the header as OAM_REMOTE_USER. This header name can be configured to another value in OAM, or when you are configuring OAM integration with CIM. The header value is stored in the userIdHttpHeaderName property of the /atg/dynamo/servlet/dafpipeline/
OamRemoteUserServlet.

As the HTTP request is processed by the DAF servlet pipeline, the /atg/userprofiling/
ProfileRequestServlet component reviews the HTTP request to obtain the user profile based on the user ID provided in the header. The user profile is then loaded and made active when initiating the Business Control Center.

Note that when using OAM SSO authentication, the standard Oracle ATG Web Commerce login and user authentication process is disabled.

Logging in Transient Profiles

If the HTTP request does not have an ATG session cookie, and a new session has been created, the profile is considered to be transient. The /atg/dynamo/servlet/dafpipeline/OamRemoteUserServlet sets the value of the user ID from the HTTP request header into the remoteUser property of the DynamoHttpServletRequest. The servlet pipeline continues when the ProfileRequestServlet invokes the /atg/userprofiling/ProfileRequest to extract the user ID from the remoteUser property and uses it to load the associated user profile.

For detailed information on the ProfileRequestServlet, refer to the Platform Programming Guide and the Personalization Programming Guide.

For information on the DAF servlet pipeline, refer to the Request Handling with Servlet Pipelines section in the Platform Programming Guide.