This content has been marked as final. Show 2 replies
For your qustn: How Session/token/Header is passed to Application from OAM?
1. The appln contain the access code receives user req. for resource
2. AG constructs ObResourceRequest structure
3. The AG constructs ObAuthentication structure (For protected resources)
4. Access server responds and AG constructs ObUserSession struc
5. If credentials true then AG creates a Session Token for the user (this Tokes has usr identity, name of trget requested etc,.)
Thanks for the reply.
My question was at application side, what I have to write to access header details/uder details etc.
Do you think i still need to do validate authentication/resource protection at application side and is this code has to be writeen at application side ?