Urgent: OAM authorization
886682 Sep 10 2012 — edited Sep 11 2012
Hi all,
I am trying to implement authorization such that users belonging to a certain group in OID (OID is my user store) are allowed to see a page. I have implemented the authorization policy accordingly, but somehow it is not coming into effect and all users are able to access the HTTP resource. I have tried it with both OAAM TAP-based authentication and simple OAM LDAP authentication on LDAP authentication, but with the same results; on my Access Tester I get authorization success every time.
My environment details:
OHS :- 11.1.1.6.0
webgate :- 11.1.1.5.0
OAM :- 11.1.1.5.0
The policy details :-
Authorization Policy
Name:-Protected Resource Policy
Success URL:- null
Failure URL:-null
Use Implied Constraints :- CHECKED
Identity Assertion :- UNCHECKED
Resources:- protected.html
Constraints
Name :- Allow group
Class :- Identity
Type :- Allow
Constraints : Details
Type:Allow
StoreName : OIMIDStore(OID)
Entity Name : Group1
Responses
Name: OAM_REMOTE_USER
Type :Header
Value :$user.userid
Am I missing something or going wrong somewhere, or is some other configuration needed to get the functionality to work?
Please let me know if you need more input from me.
Any input would be helpful.
Regards,