I have an application deployed on a server. I then have a reverse proxy on another server (Oracle AS) to this application in order to make use of Oracle SSO which works fine. I now need to build in a layer of authorization for the application between the Oracle SSO and the application.
The obvious would be to build it into the application but I dont have access and neither does anybody to the source code. Is it possible to build in an interceptor between Oracle SSO and the application and if so how?