1. App Builder User's Guide
  2. Managing Application Security
  3. Establishing User Identity Through Authentication
  4. Understanding Preconfigured Authentication Schemes
  5. Oracle Application Server Single Sign-On Server

20.4.3.8 Oracle Application Server Single Sign-On Server

Delegates authentication to the Oracle AS Single Sign-On (SSO) Server. To use this authentication scheme, your site must have been registered as a partner application with the SSO server.

Note:

To ensure the security and performance of your development environment, this functionality is not available in Oracle APEX instances running in Oracle Cloud.

Parent topic: Understanding Preconfigured Authentication Schemes

20.4.3.8.1 About Application Server Single Sign-On Server

Oracle Application Express applications can operate as partner applications with Oracle Application Server's Single Sign-On (SSO) infrastructure. You must register your application (or register the Application Express engine) as the partner application by following the Oracle Application Server instructions for registering partner applications and install the Oracle 9iAS SSO Software Developer Kit (SDK).

If you choose this approach, your application will not use an integrated login page. Instead, when a user accesses your application in a new browser session, the Application Express engine redirects to the Single Sign-On login page. After the user is authenticated by SSO, the SSO components redirect back to your application, passing the user identity and other information to the Application Express engine. The user can then continue to use the application until they log off, terminate their browser session, or until some other session-terminating event occurs.

Parent topic: Oracle Application Server Single Sign-On Server

20.4.3.8.2 Setting Up Oracle Application Server Single Sign-On

To set up Oracle Application Server Single Sign-On:

  1. On the Workspace home page, click the App Builder icon.
  2. Select an application.
  3. On the Application home page, click Shared Components.

    The Shared Components page appears.

  4. Under Security, select Authentication Schemes.
  5. On the Authentication Schemes page, click Create.
  6. Select Based on a pre-configured scheme from the gallery and click Next.
  7. Under Name:
    1. Name - Enter the name used to reference the authentication scheme by other application developers.
    2. Scheme Type - Select Oracle Application Server Single Sign-On.
  8. Under Settings:
    1. Partner Application Name - If you authenticate with Oracle Application Server Single Sign-On and your application is a registered partner application with SSO, then enter exactly the same name you used when registering the partner application with SSO.

      If you are relying on Application Express to be the registered partner application, leave this field blank.

    2. Logout URL of SSO Server - Enter the logout path of the Single Sign-On Server (for example https://login.example.com/sso/logout). On logout of your application, Application Express will use this value, concatenate '?p_done_url=' and the application's login url, and use the resulting URL to log out of Single Sign-On before redirecting back to your application.
  9. Click Create Authentication Scheme.

Parent topic: Oracle Application Server Single Sign-On Server