3 Replies Latest reply on Nov 20, 2012 12:39 AM by idm731

    Oracle Access Manager mod_osso

      mod_osso provides only authentication. The doc says it does not provide authorization. (Access Manager 11gR2)

      1. I wanted to know then, in what scenarios would one use mod_osso ?

      I have used WebGate on OHS http server and it protected the urls fine, with a configurable policy that included an authentication of user and followed by authorization to access the urls, depending upon user profile.
      2. If mod_osso is not providing authorization then who is handling the authorization piece? Clearly appears that authorization handling is left for the admin of the site to take care of (or whoever is responsible for providing Access Management)? Is that correct?