Oracle SSO is another Single Sign-On products, based on LDAP directory technology and can be used as a AAA Server: Authentication, Authorization and Accounting (AAA) services for integrate applications, supports almost all oracle enterprise applications: I used it on Windows user machines with Kerberos protocol, Java based and Web aplications with API and have integrate a friendly Active Directory user and group synchronization tool.
1.- Many errors on UNIX/LINUX logon LDAP based authentication.
2.- Unsupported SUDO centralized management.
3.- When AAA system grows to multiple hosts, managing the logs and accessing them can be complicated, as admin or auditor, I should want to see all logins attempts for meeting security requirements and forensic analysis.
4.- Many products subyacents, licences, you can need license for Oracle Database Advanced Replication, Oracle Directory Services Manager's, License for additional Plugins, etc.
5.- If you are planning on extending objects that are managed by Oracle SSO, for example add a ID identification schema, you should lost technical support.
My IT Bussiness Integrate Oracle SSO working with RSA SecurID for access, customer service and technical support is fine, we have multiple data centers split over geographic distances, we used Oracle SSO with multi-master replication to replicate the data between them.