DCC => Detached Credential Collector (AKA Authenticating WebGate), new feature introduced in 11gR2
ECC => Embedded Credential Collector, default 11g behaviour
in OAM 10g user credentials are submitted to Webgate and than Webgate communicate to OAM server with mitigate the chanegs. when OAM 11G version was introduced, it had different flow. user credentials are submitted to webgate and webgate displays OAM server login page(for credential collection). so, you have to expose OAM server for credentials submissions that is not a good practice for companies who dont want to have OAM exposed, it is security volatility for them. so Oracle provided DCC feature in OAM 11gR2.
Now, when you are configuring 11gR2 Webgate you have a check box "Allow Credentials Collector Operators". if you click this check box users credentials will be submitted to Webgate(middle tier) and webgate will submit user credentials to OAM server.
DCC is the way to go now a days, now companies have option to separate Webgate in webtire from OAM server.
No comments:
Post a Comment