Browser Goes Into an Infinite Loop Accessing A Mod_osso Protected Application (Doc ID 1084794.1)

Last updated on AUGUST 28, 2017

Applies to:

Oracle HTTP Server - Version 10.1.2.0.2 to 10.1.4 [Release AS10gR2]
Information in this document applies to any platform.

Symptoms

POST /sso/auth HTTP/1.1
Host: sso.uk.oracle.com
etc..
Referer: https://sso.uk.oracle.com/sso/login.jsp?site2pstoretoken=v1.4~A555FC64~02D59349E04C1EE953B0280BC5B83E81472BC0758D8E6A06A1A7B4C4D32E876EB0AB6DCC781AD8EC4FA1C42C975AC2F885E4EAFEFF1B3D12AFD4ED286A9EA36930B7053C09771F553F83991225ED6F4320459C9CDB18C3A8BD65FB127F70AA25ED7E6F68CA703B1488A8FAAE97F8CE4F438AC564C581F635C187D73447C9EB01C611E26ADFB1C31C5EE88C0086C32B4AE7814F80A800A37FCC933D96628770BE3D365C7E1FB0B7EAA00643699B7B87D127CCE0FACB41BBB7B45B0157AA364CBDA06AB9180CD9DA85&p_error_code=&p_submit_url=https%3A%2F%2Fsso.uk.oracle.com%2Fsso%2Fauth&p_cancel_url=https%3A%2F%2Fmidtier.uk.oracle.comuk&ssousername=&subscribername=
Content-Type: application/x-www-form-urlencoded
Content-Length: 561
p_action=OK&v=v1.4&site2pstoretoken=v1.4%7EA555FC64%7E02D59349E04C1EE953B0280BC5B83E81472BC0758D8E6A06A1A7B4C4D32E876EB0AB6DCC781AD8EC4FA1C42C975AC2F885E4EAFEFF1B3D12AFD4ED286A9EA36930B7053C09771F553F83991225ED6F4320459C9CDB18C3A8BD65FB127F70AA25ED7E6F68CA703B1488A8FAAE97F8CE4F438AC564C581F635C187D73447C9EB01C611E26ADFB1C31C5EE88C0086C32B4AE7814F80A800A37FCC933D96628770BE3D365C7E1FB0B7EAA00643699B7B87D127CCE0FACB41BBB7B45B0157AA364CBDA06AB9180CD9DA85&appctx=&p_cancel_url=https%3A%2F%2Fmidtier.uk.oraclelc.om&locale=&ssousername=xxxxxx&password=xxxxx&button=Login

HTTP/1.1 302 Moved Temporarily
Date: Wed, 14 Apr 2010 14:34:53 GMT
Server: Oracle-Application-Server-10g
Content-Length: 2256
Set-Cookie: ssopassword=xxxxxx/xxxxxxx; Domain=.uk.oracle.com; Path=/
Set-Cookie: ssousername=xxxxx; Domain=.uk.oracle.com; Path=/
Set-Cookie: SSO_ID=v1.2~1~BA20C64F5B0835020E18CDB94E3C9FFE446DA506DB0863C6AD468B9055A539A4E04C5F5152CA2306E4A3E0D01CA5B46A576E0A8C1D464B8D9DD164D2BF9F126D8FAE41AD9FE70DC6BE97F7CF35A7AFD4F76E6BAC95C6D777221C64F44D97EC4D2FBA5AF5745F400692FEEB2E062ACC3A0FCFB767EB2AC4D7D13F8E8430C367B5229D0FD1D4D310A702F6B2BD96A03AF0D984329C38C77CB188E8CCFBBF2E12B90F0E66E99F625C6DE5CED4B1211BA0C32AF101494267FA85E0DC33F77D86628E88FA37D56EC60C8AA7AC6AA41D083D921F349F2B4C58CBCCB0D5A2AD443040CFAFFD9D5A93D981BFA9E09AB634C625002240BB08C2E3C41FB3A77D81AB593EF6FFBED090A8C99862; Path=/; Secure
Cache-Control: private
Location: https://midtier.uk/osso_login_success?urlc=v1.4~EF94959762EF2E66CCF989946D2EC6F674495A28316FF929A70E36C075471B9C50A5EF7A6C2B0B7643E63908ABE5A5BB01164108BDBBD9411BEBE8A790B22D71D392DF08F09A88FD9B1479A35DB71E43994DFEE01812A2F51BA1E981AE9E68814020A3F9AA434B0CDE30281EAAFBB290176E6909C1F4BE8BECBB22C35611DAA2CEBE6EAD98B500596A83158A4F7C0C4B738E5670F8C795A09E99E404E1F7E8CE1819B4B969A3DD26EAACB13D5D69EA90BBA5206FDFEA9DFCC0D5AA9FFA5381A1BF4D6E1288C2D0C538A123004610C5BE64F0899EA73C1F699836ACD9700114E99C498C8A23D677AE44B399E526A45A30090129EBC2406518D2048750E80584C2DEFE3AB8A9399761175AFF2655C644C198C505E2C6FAD2A6C566E2651C307B69691CC5CDD97BA240F43CBF41680381583A507389A334F9AB54DFB261EDD6DD7F98FE88A04CBE1CF8B02C4A00C3004E3D
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
----------------------------------------------------------
https://midtier.uk.oracle.com/osso_login_success?urlc=v1.4~EF94959762EF2E66CCF989946D2EC6F674495A28316FF929A70E36C075471B9C50A5EF7A6C2B0B7643E63908ABE5A5BB01164108BDBBD9411BEBE8A790B22D71D392DF08F09A88FD9B1479A35DB71E43994DFEE01812A2F51BA1E981AE9E68814020A3F9AA434B0CDE30281EAAFBB290176E6909C1F4BE8BECBB22C35611DAA2CEBE6EAD98B500596A83158A4F7C0C4B738E5670F8C795A09E99E404E1F7E8CE1819B4B969A3DD26EAACB13D5D69EA90BBA5206FDFEA9DFCC0D5AA9FFA5381A1BF4D6E1288C2D0C538A123004610C5BE64F0899EA73C1F699836ACD9700114E99C498C8A23D677AE44B399E526A45A30090129EBC2406518D2048750E80584C2DEFE3AB8A9399761175AFF2655C644C198C505E2C6FAD2A6C566E2651C307B69691CC5CDD97BA240F43CBF41680381583A507389A334F9AB54DFB261EDD6DD7F98FE88A04CBE1CF8B02C4A00C3004E3D

GET /osso_login_success?urlc=v1.4~EF94959762EF2E66CCF989946D2EC6F674495A28316FF929A70E36C075471B9C50A5EF7A6C2B0B7643E63908ABE5A5BB01164108BDBBD9411BEBE8A790B22D71D392DF08F09A88FD9B1479A35DB71E43994DFEE01812A2F51BA1E981AE9E68814020A3F9AA434B0CDE30281EAAFBB290176E6909C1F4BE8BECBB22C35611DAA2CEBE6EAD98B500596A83158A4F7C0C4B738E5670F8C795A09E99E404E1F7E8CE1819B4B969A3DD26EAACB13D5D69EA90BBA5206FDFEA9DFCC0D5AA9FFA5381A1BF4D6E1288C2D0C538A123004610C5BE64F0899EA73C1F699836ACD9700114E99C498C8A23D677AE44B399E526A45A30090129EBC2406518D2048750E80584C2DEFE3AB8A9399761175AFF2655C644C198C505E2C6FAD2A6C566E2651C307B69691CC5CDD97BA240F43CBF41680381583A507389A334F9AB54DFB261EDD6DD7F98FE88A04CBE1CF8B02C4A00C3004E3D HTTP/1.1
Host: midtier.uk.oracle.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://sso.uk.oracle.com/sso/login.jsp?site2pstoretoken=v1.4~A555FC64~02D59349E04C1EE953B0280BC5B83E81472BC0758D8E6A06A1A7B4C4D32E876EB0AB6DCC781AD8EC4FA1C42C975AC2F885E4EAFEFF1B3D12AFD4ED286A9EA36930B7053C09771F553F83991225ED6F4320459C9CDB18C3A8BD65FB127F70AA25ED7E6F68CA703B1488A8FAAE97F8CE4F438AC564C581F635C187D73447C9EB01C611E26ADFB1C31C5EE88C0086C32B4AE7814F80A800A37FCC933D96628770BE3D365C7E1FB0B7EAA00643699B7B87D127CCE0FACB41BBB7B45B0157AA364CBDA06AB9180CD9DA85&p_error_code=&p_submit_url=https%3A%2F%2Fmysso.uk%2Fsso%2Fauth&p_cancel_url=https%3A%2F%2Fmidtier.uk.oracle.com&ssousername=&subscribername=
Cookie: ssopassword=xxxxx/xxxxxx==; ssousername=xxxxxx

HTTP/1.1 302 Found
Location: https://midtier.uk.oracle.com/private/file-backup-README.txt
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: OHS-midtier.uk.oracle.com-443=828C33C76DF546D495D3D88E3CE39AC23E2E9F4739644D65BB4A1C1FC407CE98EEA4A8E1D7EA8712388832ED87EBE93E5EB4B597EA0C4DF730C74B90741EB3C787F09E1B7111B21B571727D9CA9310CF4598A31A4E71AA5A65B840BBE5955FC831ACF8FF13ED61E2EFC1D8B8EED1745F91592FC8041D7C6C8B782BB12C1D0C2DE46A433B599D091E15201161DE6B6884D81060AECF334407431C91FB11281276EE29545C46B947F387FDBE9B9EF8AA533FD41930E888638FF13A615FD286DEEB885C644ADF66BF07D2E975B15E0D3DD82FDDCD2100834551DC9D652A740D83DBD468F2184804C40AC63ADAEF1EEB49A15041D7A69E77B39C712EF9D55D6E9AEF3FE35C5217C0506522EB6739C0CE9027; path=/
Connection: Keep-Alive
Keep-Alive: timeout=5, max=999
Server: Oracle-Application-Server-10g OracleAS-Web-Cache-10g/10.1.2.3.1 (N;ecid=72057688917947580,0)
Content-Length: 353
Date: Wed, 14 Apr 2010 14:34:53 GMT
----------------------------------------------------------
https://midtier.uk.oracle.com/private/file-backup-README.txt

GET /private/file-backup-README.txt HTTP/1.1
Host: midtier.uk.oracle.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://sso.uk.oracle.com/sso/login.jsp?site2pstoretoken=v1.4~A555FC64~02D59349E04C1EE953B0280BC5B83E81472BC0758D8E6A06A1A7B4C4D32E876EB0AB6DCC781AD8EC4FA1C42C975AC2F885E4EAFEFF1B3D12AFD4ED286A9EA36930B7053C09771F553F83991225ED6F4320459C9CDB18C3A8BD65FB127F70AA25ED7E6F68CA703B1488A8FAAE97F8CE4F438AC564C581F635C187D73447C9EB01C611E26ADFB1C31C5EE88C0086C32B4AE7814F80A800A37FCC933D96628770BE3D365C7E1FB0B7EAA00643699B7B87D127CCE0FACB41BBB7B45B0157AA364CBDA06AB9180CD9DA85&p_error_code=&p_submit_url=https%3A%2F%2Fsso.uk.oracle.com%2Fsso%2Fauth&p_cancel_url=https%3A%2F%2Fmidtier.uk.oracle.com&ssousername=&subscribername=
Cookie: ssopassword=xxxxx/xxxxxxx; ssousername=xxxx; OHS-midtier.uk.oracle.com-443=828C33C76DF546D495D3D88E3CE39AC23E2E9F4739644D65BB4A1C1FC407CE98EEA4A8E1D7EA8712388832ED87EBE93E5EB4B597EA0C4DF730C74B90741EB3C787F09E1B7111B21B571727D9CA9310CF4598A31A4E71AA5A65B840BBE5955FC831ACF8FF13ED61E2EFC1D8B8EED1745F91592FC8041D7C6C8B782BB12C1D0C2DE46A433B599D091E15201161DE6B6884D81060AECF334407431C91FB11281276EE29545C46B947F387FDBE9B9EF8AA533FD41930E888638FF13A615FD286DEEB885C644ADF66BF07D2E975B15E0D3DD82FDDCD2100834551DC9D652A740D83DBD468F2184804C40AC63ADAEF1EEB49A15041D7A69E77B39C712EF9D55D6E9AEF3FE35C5217C0506522EB6739C0CE9027
HTTP/1.1 302 Redirect to Oracle SSO Server
Location: https://sso.uk.oracle.com/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=v1.4~A555FC64~0D5C790E90C197A3C4193244507038BB8401A7E604BDC8CC19BC91CE13616885E31C6BEA9F903A17AF5A96E4AB9D72D72B64006479B47AA90F5D7AD6BB33585DF4F374F0B45E71094F2B080B2D9130B1446926521954ECEE6C9BFEC10B3ECEABC71EC7D098A4B888631666DB5F6958388205EDCADDA129CD8CD833A5BC10C95A6A06C5F6758025BBDCF895D6AE430239A3CADFF8A8846AE75865DBB5965083917F1B33FCBA3294FFA57565238F34A269F155705234FAB1CFF489E5C509CB3809A66646846717018F361874EF9912254A
Content-Type: text/html; charset=iso-8859-1
Connection: Keep-Alive
Keep-Alive: timeout=5, max=999
Server: Oracle-Application-Server-10g OracleAS-Web-Cache-10g/10.1.2.3.1 (N;ecid=72057688917947617,0)
Content-Length: 975
Date: Wed, 14 Apr 2010 14:34:53 GMT
[debug] mod_osso.c(2885): [client x.x.x.x] [ecid: 72057688917947721,1] \n[OSSO] D01: authenticate_user()\n
[debug] mod_osso.c(510): [client x.x.x.x] [ecid: 72057688917947721,1] \n[OSSO] D26: process_idle_time()\n
[debug] mod_osso.c(844): [client x.x.x.x] [ecid: 72057688917947721,1] \n[OSSO] D02: unpack_cookie()\n
[debug] mod_osso.c(1983): [client x.x.x.x] [ecid: 72057688917947721,1] \n[OSSO] D09: decrypt_cookie()\n
[debug] mod_osso.c(1233): [client x.x.x.x] [ecid: 72057688917947721,1] \n[OSSO] D05: make_query_string()\n
[debug] mod_osso.c(1873): [client x.x.x.x] [ecid: 72057688917947721,1] \n[OSSO] D30: Time sent: 1271255693, gmtime: 53, time returned: 34:14:14 Month:3 Mday:110 Year:3\n
[debug] mod_osso.c(1907): [client x.x.x.x] [ecid: 72057688917947721,1] \n[OSSO] D33: Timestamp string: 20100414143453\n
[debug] mod_osso.c(1155): [clientx.x.x.x] [ecid: 72057688917947721,1] \n[OSSO] D04: des_encrypt()\n

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms