Explain The Flow When A User Requests For An Application Protected By

1.	Explain The Flow When A User Requests For An Application Protected By Oracle Access Manager?
Answer» The following steps describes the flow when a USER makes a request to access a resource protected by the Oracle Access Manager: User requests for a resource through a web browser. The Webgate intercepts the requests and checks with the Access SERVER whether the resource is protected or not. If the resource is not protected, then the user will be shown the requested resource. If the resource is protected, then Access Server will check with policy manager the authentication scheme configured for that resource. User will be PROMPTED to enter their credentials as PER the auth scheme defined for the resource. Webgate will send the credentials to the Access Server to check it against the backend (LDAP server). Upon successful authentication, Access server checks whether the user is AUTHORIZED to access the resource or not. If the user is authorized, then the Access Server will create the session id and passes it to the webgate. An ObSSOCookie is created and will be sent to the user browser and the user will be shown the requested resource. If the user is not authorized, then an error page (if its defined in policy domain) will be shown to the user. The following steps describes the flow when a user makes a request to access a resource protected by the Oracle Access Manager:

Explain The Flow When A User Requests For An Application Protected By Oracle Access Manager?

Answer»

The following steps describes the flow when a USER makes a request to access a resource protected by the Oracle Access Manager:

User requests for a resource through a web browser.
The Webgate intercepts the requests and checks with the Access SERVER whether the resource is protected or not.
If the resource is not protected, then the user will be shown the requested resource.
If the resource is protected, then Access Server will check with policy manager the authentication scheme configured for that resource.
User will be PROMPTED to enter their credentials as PER the auth scheme defined for the resource.
Webgate will send the credentials to the Access Server to check it against the backend (LDAP server).
Upon successful authentication, Access server checks whether the user is AUTHORIZED to access the resource or not.
If the user is authorized, then the Access Server will create the session id and passes it to the webgate. An ObSSOCookie is created and will be sent to the user browser and the user will be shown the requested resource.
If the user is not authorized, then an error page (if its defined in policy domain) will be shown to the user.

The following steps describes the flow when a user makes a request to access a resource protected by the Oracle Access Manager: