"Oracle SSO Failure" On Mozilla Browsers with Portal 11g Using Reverse-Proxy (Doc ID 1061756.1)

Last updated on NOVEMBER 08, 2016

Applies to:

Portal - Version 11.1.1.1.0 and later
Information in this document applies to any platform.
Checked for relevance on 17-Feb-2015

Symptoms

After following the configuration for Reverse Proxy on
    Portal 11G Admin Guide (11.1.1.0) or Portal 11G Admin Guide (11.1.1.2.0)
    Section 6.6  Configuring Oracle Portal to Work with a Reverse Proxy Server

Logging into Portal is working with IE 6,  but with Firefox 3 or Chrome one sees the following error:

             Oracle SSO Failure - Unable to process request. Either the requested URL was not specified in terms of a fully-qualified host name or OHS single sign-on is incorrectly configured. Please notify your administrator.

Changes

In a scenario like this:

                        ==========                        ==========                       ======
     ===>7778 |  ReverseProxy  |    ===> 8090|  Webcache  |    ====>8888  |  OHS  |
                        ==========                        ==========                       ======

A default 11g 11.1.1.1.0 Installation of Portal was completed with WebCache Listening on Port 8090 and Portal OHS listening on 8888.
A separate WebTier 11.1.1.1.0 was installed and setup as a Reverse proxy with OHS listening on port 7778

Using monitor software (Wireshark) to review the contents of the header as each requests passed  through the 11g software from the Reverse Proxy on port 7778 to WebCache on port 8090 and finally to OHS on port 8888.
Have the following results:

Value of HTTP Header "Host"          Port Arrived at
======================= =============

hostname:7778                                   7778
hostname:8090                                   8090
hostname:8090                                   8888


The ReverseProxy has rewritten the entry for Host and this causes SSO to reject the record as it arrives at the Portal OHS port of 8888.

Adding the directive ProxyPreserverHost to ON on the Reverser Proxy Virtual Host, have the following results:


Value of HTTP Header "Host"          Port Arrived at
======================= =============

hostname:7778                                      7778
hostname:7778                                      8090
hostname:7778                                      8888

And the redirection is the correct one and SSO work properly.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms