Oracle SOA Suite 12c Essentials — Question 41

After a successful web application login, an Oracle Access Manager (OAM) token is made available to Oracle WebLogic Server (WLS) where the token is asserted for authentication purposes. The resulting Java Authentication and Authorization Service (JAAS) subject is then made available to the Oracle Web
Service Manager (OWSM) agent where it is used to create a Security Assertion Markup Language (SAML).
Which security feature does this scenario illustrate?

Answer options

• A. identity propagation
• B. single sign-on
• C. user authorization
• D. non-repudiation

Correct answer: C

Explanation

The scenario highlights user authorization as it involves the use of a JAAS subject for determining access rights after successful authentication via the OAM token. Identity propagation and single sign-on are related to user identity management and seamless access, but they do not specifically address permission levels. Non-repudiation refers to ensuring that actions cannot be denied, which is not the focus of this scenario.