• Find us:
    +1-669-900-5138   |   +44-203-372-5553
  • Free Newsletter

    Get Latest Updates

  • Make Training Enquiry


  • Categories

  • Archive

  • Username based authentication using OAM 11g

    Posted by "" in "idm, oam, Session, sso" on 2012-05-04

    I have worked on a OAM 11g requirement that needs to do authentication based on only username. There is a OOTB authentication scheme available in OAM 11g called LDAPNoPasswordValidationScheme. This authentication scheme uses the Authentication module LDAPNoPasswordAuthModule and that in turn points to Embedded Weblogic identity store by default.

    I have to perform all this authentication using OAM 11g API. So I have created a dummy resource to test this. Pointed the LDAPNoPasswordAuthModule to OVD identity store as we are using OVD.

    Used the below code snippet to test this and it worked fine.

    ResourceRequest req  = new ResourceRequest(“http”, “http://host:port/dummy”,”GET”);

    Hashtable credentials = new Hashtable();
    credentials.put(“userid”, “mahendra”);

    session = new UserSession(req,credentials);

    String sessionToken=session.getSessionToken();

    The Resource http://host:port/dummy is protected using LDAPNoPasswordValidationScheme and thus session token is created with just username.


    2 Responses to “Username based authentication using OAM 11g”

    1. Steve D. says:

      Why would you ever want to protect a resource with just a username!? I don’t get the requirement for something like this?

      How would you protect a resource with say, a username and some secret attribute (not related to secret questions and answers) that is stored in LDAP that only the user knows the answer to? Would you use just form-based auth?

    2. Mahendra says:


      There was a requirement to protect a less secured resource (not anonymous authentication). So here we just want to verify if the username already existing in LDAP.


    Leave a Reply

  • K21 Technologies is among the most experienced Oracle Gold Partner for Identity Access Management service providers. We work with application development companies and in-house technology division to help achieve significant returns on their IT security investment. Our clientele includes some of the globally renowned corporate, which speaks of our expertise in our field.

    We have the most talented and experienced team that can swiftly deploy security solutions even in complex IT ecosystem. Our clients highly appreciate our timely implementation, interactive training, on-demand support and community resources.

    K21 Technologies
    8 Magnolia Place, Harrow,
    London, HA2 6DS

    UK: +44(0)7476444481
    USA: +1-888-414-1821

  • 2014, K21 Technologies. All rights reserved DMCA.com
  • TOP