-
Feature Request
-
Resolution: Done
-
Major
-
None
-
None
We have been getting requests for custom authentication methods based around prorpietary headers/logic. The following attachments describe the oracle COREid product.
B19006.pdf - high level overview of how the product works
B19008v2.pdf - details of authentication protocol (p. 85 - 92)
B19013.pdf - documentation about API
Likely the most important part is assuming a user is who the HTTP_OBLIX_UID header says they are. The COREid server and the firewall should protect the server from unauthorized access.
- relates to
-
JBAS-2480 Prototype federated identity/sso
- Closed