The compliance rules for the Oracle Access Manager Configuration Compliance For Oracle Fusion Applications standard follow.
Description: Webgate/Agent communication to Oracle Access Manager servers should be in either SIMPLE or CERT mode.
Severity: Warning
Rationale: Webgate/Agent communication to Oracle Access Manager servers should be in either SIMPLE or CERT mode.
Description: DenyOnNotProtected in Webgate profile should be set to true
Severity: Warning
Rationale: DenyOnNotProtected in Webgate profile should be set to true.
Description: This rule checks if both Cache Pragma Header and Cache Control Header are deleted for Oracle Fusion Applications.
Severity: Minor Warning
Rationale: Having Cache Pragma Header or Cache Control Header not deleted could potentially affect performance.
Description: This rule checks if the Maximum Connections that each OAM Agent establishs with OAM Server is greater than 20 for Oracle Fusion Applications.
Severity: Minor Warning
Rationale: Setting Maximum Connections greater than 20 could potentially affect performance.
Description: This rule checks if the Maximum Connections that each OAM Agent Server establishs with OAM Server is greater than 10 for Oracle Fusion Applications.
Severity: Minor Warning
Rationale: Setting Maximum Connections greater than 10 could potentially affect performance.
Description: This compliance standard rule verifies if SSO only Mode is set to true for Oracle Fusion Applications.
Severity: Minor Warning
Rationale: This is introduced specially for Fusion Applications. This will eliminate the groups fetch from LDAP during login time. This will disable fine grained authorization feature in Oracle Access Manager currently not used by Fusion Applications.