After 10.1.4.3 Patchset Login is Looping When Global Inactivity Timeout (GITO) is On (Doc ID 1200344.1)

Last updated on JULY 01, 2016

Applies to:

Oracle Application Server Single Sign-On - Version 10.1.4.3 to 10.1.4.3 [Release 10gR3]
Information in this document applies to any platform.

Symptoms

The following documentation was used to enable GITO:
     Oracle Application Server Single Sign-On Administrator's Guide, 10g (10.1.4.0.1), B15988-01, July 2006
     Chapter 2, Basic Administatration
     Configuring the Global User Inactivity Timeout

ssoreg was later run to re-register the partner application for OIDDAS (in our case to implement SSL).
Now,  the following behaviour is experienced:
1. The OIDDAS Home Page (http://server.domain:port/oiddas) can be successfully accessed
2. After selecting the 'Login' link and entering the username/password, login is successful
3. However, after clicking on a tab on the DAS home page, the user is redirected to a sign-in page, which asks for the password and shows this error message (sso_forced_auth):
    
    Error: The application you are trying to access requires you to sign in again even if you have signed in previously.

This page loops after the password is entered.

The error log shows that the GITO Cookie could not be decrypted:

[Tue Aug 31 11:26:48 2010] [debug] mod_osso.c(2223): [client 204.156.255.13] [ecid: 1283268408:204.156.227.21:8542:0:8,0] \n[OSSO] D10: decrypt_text()\n
[Tue Aug 31 11:26:48 2010] [warn] [client 204.156.255.13] [ecid: 1283268408:204.156.227.21:8542:0:8,0] \n[OSSO] W10: Failed to decrypt GTO cookie value.\n




Changes

- 10.1.4.3 patchset was applied
- ssoreg was run to re-register the Partner Application

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms