Contents
The SSO Token Validation filter enables you to check an
Oracle Access Manager Single Sign On (SSO)
token to ensure that it is still valid. The SSO token is issued by Oracle Access
Manager (OAM) after the API Gateway authenticates to it on behalf of an end-user
using the HTTP basic authentication or HTTP digest authentication
filter. After successfully authenticating to OAM, the SSO token is stored in the
oracle.sso.token message attribute.
Oracle Access Manager SSO enables a client to send up its user name and password once, and then receive an SSO token (for example, in a cookie or in the XML payload). The client can then send up the SSO token instead of the user name and password.
Configure the following fields to validate an SSO token issued by Oracle Access Manager:
Name:
Enter a descriptive name for the filter.
Attribute Containing SSO Token ID:
Enter the name of the message attribute that contains the SSO token to
validate. This attribute is populated when authenticating to Oracle Access
Manager using the HTTP basic authentication or HTTP digest authentication
filters. By default, the SSO token is stored in the oracle.sso.token
message attribute.
OAM ASDK Directory:
Enter the path to your OAM Access SDK directory. For more details on the OAM Access SDK, see your Oracle Access Manager documentation.
OAM ASDK Compatibility Mode:
Select the Oracle Access Manager server version to which this filter connects
(OAM 10g or OAM 11g). Defaults to OAM 11g.
