Rinu Goldgin Dhanaraj

Software Consultant

Axway-OAM-SSO

Setting up Axway API Platform for Single-Sign-On using Oracle Access Manager.
 

Env Setup:

  • Axway & ASDK clients are installed on the same host
  • Axway v753, ASDK 10g (10.1.4.3), ASDK 11g (11.1.2.2.0)
  • OAM 11g (11.1.2.3 BP13)

Step A

  • OAM_Repository is created and configured as part of the application development
  • OAM resource endpoint where the API calls are made
  • The OAM resource endpoint is defined in envConfigurations so that the path is picked up dynamically at startup
  • The pre-built OAM_SSO token validation adaptors are used for token validation
  • ASDK_PATH defines the location of the OAM configuration file, ObAccessClient.xml
  • ASDK_PATH is defined in envConfigurations so that the path is picked up dynamically at startup
  • Compatibility mode is defined; we have configured it as 10g

Step B

  • ASDK_HOME is the location from which the ASDK 11g jar files are referenced at Axway runtime
  • The ASDK_HOME path is defined in Axway's jvm.xml

Step C

  • ObAccessClient.xml is generated with the ASDK tools available as part of ASDK 10g

Workflow when an API is invoked

  1. Client calls the API endpoint
    1. Axway Policy Flow
      1. Validates that the API exists
      2. Validates the header and authenticates the call against the API key
      3. Creates the ASDK call for user authentication and token validation (OAM SSO)
  2. Axway uses ASDK_PATH and ASDK_RES_NAME from the configuration to read the OAM config details
    1. If the config lookup succeeds, the connection is established
    2. If ObAccessClient.xml is wrong, invalid or does not exist, Axway throws a runtime error and a 403 is generated
  3. Axway checks at startup whether the ASDK 11g libraries are available
    1. In case of an invalid path, Axway will fail to start
    2. In case of a valid path, it assumes all the necessary files are available
  4. Axway creates the UserSession and tries to connect to the OAM server using the ASDK 11g libraries
    1. In case of a successful connection to the OAM server, the SSO token validation happens
    2. In case of a failed connection to the OAM server, a 403 error is returned with an OAMAGENT error
    3. In case of invalid libraries, the connection to the OAM server fails with a 503 error (NoClassDef error)
    4. In case of incorrect user credentials, a 401 error is returned with an OAMAGENT error
    5. In case of an incorrect SSO session token, a 403 error is returned with an OAMAGENT error
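
Because a valid ASDK_HOME path is taken as proof that the libraries are present, and a bad ObAccessClient.xml only shows up as a 403 on the first call, both can be checked before Axway is started. The script below is an added example, not part of the original post or of Axway's or Oracle's tooling. The `preflight` name, the assumption that ObAccessClient.xml sits directly in the ASDK_PATH directory, and the world-writable check are mine.

```python
import sys
import zipfile
import xml.etree.ElementTree as ET
from pathlib import Path


def preflight(asdk_path, asdk_home):
    """Return a list of findings; an empty list means both paths look usable."""
    findings = []

    # Assumption: ObAccessClient.xml sits directly in the ASDK_PATH directory.
    cfg = Path(asdk_path) / "ObAccessClient.xml"
    if not cfg.is_file():
        findings.append(f"{cfg}: missing (runtime error and 403 on first call)")
    else:
        try:
            ET.parse(cfg)
        except ET.ParseError as exc:
            findings.append(f"{cfg}: not well-formed XML ({exc}); expect a 403")
        # Extra hardening check, not from the page: nobody but the owner and
        # group should be able to rewrite the agent configuration.
        if cfg.stat().st_mode & 0o002:
            findings.append(f"{cfg}: world-writable; restrict to the Axway user")

    # Axway startup only validates the path, so inspect the jars themselves.
    home = Path(asdk_home)
    if not home.is_dir():
        findings.append(f"{home}: not a directory (Axway will fail to start)")
    else:
        jars = sorted(home.rglob("*.jar"))
        if not jars:
            findings.append(f"{home}: no jar files (503 NoClassDef at runtime)")
        for jar in jars:
            if not zipfile.is_zipfile(jar):
                findings.append(f"{jar}: not a valid archive (503 NoClassDef)")
    return findings


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: preflight.py <ASDK_PATH> <ASDK_HOME>")
    problems = preflight(sys.argv[1], sys.argv[2])
    for line in problems:
        print("FAIL", line)
    sys.exit(1 if problems else 0)
```

Pass the same two values that envConfigurations and jvm.xml hold; a non-zero exit code means at least one of the runtime errors listed above is likely.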
