25.15 Validating Authentication and Authorization in an Application Domain

You can validate authentication and authorization by confirming you are redirected to the login page, and after sign-in redirected to the requested resource. The procedure here provides several methods for confirming that Agent registration and authentication and authorization policies are operational.


  • Users and groups who are granted access must exist in the primary LDAP User Identity Store that is registered with Oracle Access Management

  • Agents must be registered to operate with Access Manager. After registration, protected resources should be accessible with proper authentication without restarting the Administration or Managed Server.

  • Application domain, authentication policies, and authorization policies must be configured.

  • Logout should be configured as described in Configuring Centralized Logout for Sessions Involving 11g WebGates

To verify authentication and access

  1. Using a Web browser, enter the URL for an application protected by the registered Agent to confirm that the login page appears (proving that the authentication redirect URL was specified appropriately). For example:
  2. Confirm that you are redirected to the login page.
  3. On the Sign In page, enter a valid username and password when asked, and click Sign In.
  4. Confirm that you are redirected to the resource and proceed as follows:
    • Success: If you authenticated successfully and were granted access to the resource; the configuration is working properly.

    • Failure: If you received an error during login or were denied access to the resource, check the following:

      • Authentication Failed: Sign in again using valid credentials.

      • Access to URL ... denied: This userID is not authorized to access this resource.

      • Resource not Available: Confirm that the resource is available.

      • Wrong Redirect URL: Verify the redirect URL in the Oracle Access Management Console.