As SSO expanded into the Oracle9iAS architecture,
Oracle recognized that the Oracle HTTP Server (OHS) should be included
in the SSO framework. Starting with Oracle9iAS version 2, the
mod_osso module was created to allow SSO to function within OHS.
Before mod_osso, specific logic would have
to be embedded into the Java application if the application was to use
SSO. The mod_osso module now makes it easy for incoming users to
connect directly to SSO, become authorized, and get the required
information to access their applications (Figure 2.1). The mod_osso
utility also allows for a single security point, thereby relieving the
tedious and cumbersome problem of maintaining multiple security for each
To see SSO in action, letís look at the steps that
happen when an Oracle9iAS client connects to their application:
- The user requests a
URL through a Web browser. This URL is intercepted by the Oracle HTTP
- The HTTP server
calls mod_osso to locate a cookie for the user on the HTTP
server. If the cookie exists, the Web server extracts the user's
information and uses it to log the user in to the requested
application. At this point the connection is established.
- If the cookie does
not exist on the HTTP server, mod_osso redirects the user to
the Single Sign-On server.
- The Single Sign-On
server makes a request back to the users browser to see if a local
cookie exists on the users PC. If it finds no remote cookie, SSO tries
to authenticate the user with a user name and password. If
authentication is successful, the Single Sign-On server creates a
cookie in the browser as a reminder that the user has been
authenticated. If a cookie exists, the Single Sign-On server will
authenticate using the cookie.
- Upon successful
sign-on, the SSO server then returns the user's encrypted information
creates a cookie for the user and send it to the browser PC. It then
redirects the user to their original URL page.
As we see, mod_osso
simplifies external authentication and removes the need to write custom
code for connection and authentication purposes. Now that we see how
mod_osso is used, letís drill-down and look at how the Oracle9iAS
administrator installs, manages and configures SSO.
Oracle App Server Support?
We continue to offer personal app server mentoring for Oracle DBAs
who must quickly learn the intricate details of Oracle Application Server. You can have an
Oracle expert right at your fingertips, anytime day or night.
We work with dozens of App Server Oracle databases every year, so we know exactly how
to quickly assist you with any Oracle Application Server question.
Call 800-766-1884 for a custom evaluation.
Burleson Oracle Consulting