In this post I would like to explain the high level integration points of Oracle Access Manager 11g and APEX.
The integration architecture is given below.
It is assumed in the post that OAM 11g and APEX are installed and configured already. The typical integration flow is explained below:
- Register OHS 11g WebGate. The integration is supported with 10g Agent as well, but 11g webgate is explained in this post.
- Application Domain and host identifiers will be created respectively.
- Create a new Resource in the APEX specific application domain with details as given below.
Type – HTTP
Host Identifier – APEX
Resource URL – /apex/apex_authentication.callback
Protection Level – Protected
Authentication Policy – Protected Resource Policy
Authorization Policy – Protected Resource Policy
- Goto the authorization policy and specify the following header variables in actions.
Name: OAM_REMOTE_USER_GROUPS; Type: Header; Value: $user.groups
Name: OAM_REMOTE_USER_EMAIL; Type: Header; Value: $user.attr.mail
- Install OHS 11g WebGate and copy all the artifacts that are generated during webgate registration to webgate config folder.
- Edit the httpd.conf or dads.conf for mod_plsql module to work correctly.