OAM 11gR2 Authentication via Apache HTTP Client

Anthony Arcega, Pankaj Chavan 11/08/2015

Problem: We want to use an HTTP Client to authenticate against OAM 11g, so that a service account can make RESTful calls to an OAM-protected service. However, we are new to the concept of the DCC (detached credential collector), and cannot craft our HTTP Client for OAM 11g and its DCC Webgate in the same way that we could for OAM 10g.

One of the keys to making our Apache HTTP Client work was the use of the HttpClientContext; search for “context” object in the code below. The HTTP Context puts all HTTP related information in one object and allowed us to more easily deal with the redirects incurred when authenticating against OAM 11g’s DCC Webgate.

Here’s a look at the annotated program that finally worked for us. Scan through the inline comments indicated by “//”:

We have since integrated this type of logic into other custom J2EE apps that make calls to our OAM-protected RESTful service, but this code got us going in the right direction. Within a couple of days, our custom apps were all able to include the authenticated OAM 11g cookie in their RESTful requests.

No Results