DCC : Detached Credential Collector (AKA Authenticating Webgate), new feature introduced in 11gR2
ECC : Embedded Credential Collector, default 11g behavior
In OAM 10g user credentials are submitted to Webgate and than Webgate communicate to OAM server with mitigate the changes. when OAM 11G version was introduced, it had different flow. user credentials are submitted to Webgate and Webgate displays OAM server login page(for credential collection). so, you have to expose OAM server for credentials submissions that is not a good practice for companies who don't want to have OAM exposed, it is security volatility for them. so Oracle provided DCC feature in OAM 11gR2.
Now, when you are configuring 11gR2 Webgate you have a check box "Allow Credentials Collector Operators". if you click this check box users credentials will be submitted to Webgate(middle tier) and Webgate will submit user credentials to OAM server.
DCC is the way to go now a days, now companies have option to separate Webgate in web tire from OAM server.
Access Manager supports the embedded credential collector (ECC) by default and also enables you to configure the latest Webgate to use as a detached credential collector (DCC, also known as an Authenticating Webgate).
For more detailed information, please refer the below URL :
http://www.ateam-oracle.com/part-2-custom-login-and-logout-with-detached-credential-collector-dcc/
ECC : Embedded Credential Collector, default 11g behavior
In OAM 10g user credentials are submitted to Webgate and than Webgate communicate to OAM server with mitigate the changes. when OAM 11G version was introduced, it had different flow. user credentials are submitted to Webgate and Webgate displays OAM server login page(for credential collection). so, you have to expose OAM server for credentials submissions that is not a good practice for companies who don't want to have OAM exposed, it is security volatility for them. so Oracle provided DCC feature in OAM 11gR2.
Now, when you are configuring 11gR2 Webgate you have a check box "Allow Credentials Collector Operators". if you click this check box users credentials will be submitted to Webgate(middle tier) and Webgate will submit user credentials to OAM server.
DCC is the way to go now a days, now companies have option to separate Webgate in web tire from OAM server.
Access Manager supports the embedded credential collector (ECC) by default and also enables you to configure the latest Webgate to use as a detached credential collector (DCC, also known as an Authenticating Webgate).
For more detailed information, please refer the below URL :
http://www.ateam-oracle.com/part-2-custom-login-and-logout-with-detached-credential-collector-dcc/
No comments:
Post a Comment