Oracle Access Manager 11gR2 integration

This section describes how to configure API Gateway to authenticate and authorize user requests against Oracle Access Manager (OAM) 11gR2.

  1. API Gateway is configured to authenticate a client against OAM using a user name and password.
  2. Upon successful authentication, API Gateway authorizes the user against OAM.

The following overview diagram shows the message flow through API Gateway, which authenticates and authorizes a user for a particular resource against OAM before routing the message on to the web service.

Prerequisites

API Gateway

You must have installed API Gateway version 7.5.3 or higher and have received a valid license from Axway.

Access Server SDK

The Access Server SDK (ASDK) must be installed on the machine running API Gateway.

Oracle Access Manager

OAM 11gR2 must be installed and configured on the machine running API Gateway.

You should start it by using the following commands on UNIX-based systems (assuming a WebLogic domain of idm_domain, a server name of oam_server1, and a host name of oam_host).

Start WebLogic using the following command:

# cd ~/middleware/user_projects/domains/idm_domain/bin
# ./startWebLogic.sh

You can then start managed WebLogic using the following:

# cd ~/middleware/user_projects/domains/idm_domain/bin
# ./startManagedWebLogic.sh oam_server1 t3://oam_host:7001

Enter the user name of your administrator user when prompted:

Please enter your username :weblogic
Please enter your password :

OAM user

Create an OAM user called weblogic with the password weblogic in OAM to test the procedure. Refer to the OAM documentation for instructions on how to add a user.

cURL testing utility

To test the integration steps, the cURL testing utility is used to POST requests to API Gateway. This utility is available from the following URL:

http://curl.haxx.se/download.html

Alternatively, you can use any client capable of sending HTTP POST requests with HTTP basic authentication.

Related Links