Realm-based Authentication Login URLs
The realm for authentication can be specified in the User Interface Login URL by defining the realm Parameter or the domain Parameter. The realm of a request for authentication is determined from the following, in order of precedence:
-
The domain parameter.
-
The realm parameter.
-
The value of the DNS Alias Names attribute in the Administration service.
After calling the correct realm, the authentication module(s) to which the user will authenticate are retrieved from the realm Authentication Configuration attribute in the Core Authentication Service. The login URLs used to specify and initiate realm-based authentication are:
http://server_name.domain_name:port/amserver/UI/Login http://server_name.domain_name:port/amserver/UI/Login?domain=domain_name http://server_name.domain_name:port/amserver/UI/Login?realm=realm_name
If there is no defined parameter, the realm will be determined from the server host and domain specified in the login URL.
Note –
If a user is member of and is authenticated to a specific realm, and tries to authenticate to different realm, the only two parameters that are passed are realm and module. For example, if User1 is a member of and authenticates to realmA and then tries to switch to or authenticate to realmB, the user will receive a warning page requesting to either start a new authentication to realmB with the module instance specified for realmB, or return to the existing authenticated session with realmA. If the user chooses to authenticate to realmB, only the realm name and module name (if specified) are passed and honored for determining the new authentication process.
- © 2010, Oracle Corporation and/or its affiliates