SecureSpan & Oracle Access Manager

Implement runtime access control for Web services requests

Single Sign-On (SSO) products like Oracle Access Manager provide users with one-time login to multiple browser-based applications. Layer 7’s SecureSpan Gateways can implement runtime access control for Web services requests by forwarding client credentials to Oracle Access Manager, much like a standard Web application. This serves two purposes:

• It allows the SecureSpan Gateway to delegate identity and authentication decisions to access policies defined and managed in Oracle Access Manager
• It allows Oracle Access Manager authentication/session tokens to be passed to a Web services client application, using Web services protocols

Combining SecureSpan and Access Manager in this way delivers multiple benefits to organizations that use Web services applications, including:

• Faster deployment of SSO
• Simplified access management
• Consistent, fine-grained security