When you use the Oracle Access Manager Identity Asserter, all web.xml files in the application EAR file must specify CLIENT-CERT in the element auth-method for the appropriate realm.
You can add comma separated values here when you want applications accessed directly over the WebLogic Server host:port to be authenticated by the container. For instance:
<auth-method>CLIENT-CERT,FORM</auth-method>.
The auth-method can use BASIC, FORM, or CLIENT-CERT values. While these look like similar values in Oracle Access Manager, the auth-method specified in web.xml files are used by Oracle WebLogic Server (not Oracle Access Manager).
To specify authentication in web.xml for the Identity Asserter
- Locate the web.xml file in the application EAR file:
my_app/WEB-INF/web.xml - Locate the
auth-methodinlogin-configand enterCLIENT-CERT.<login-config> <auth-method>CLIENT-CERT</auth-method> </login-config> - Save the file.
- Redeploy and restart the application.
- Repeat for each web.xml file in the application EAR file.
Configuration on WebCenter Server
addOAMSSOProvider(loginuri="/${app.context}/adfAuthentication", logouturi="/oamsso/logout.html", autologinuri="/obrar.cgi")
