User Portal Session Swapping When Apache Proxy 2.2.9 is in Use
Last updated on MARCH 08, 2017
Applies to:Portal - Version 10.1.4.2 and later
Information in this document applies to any platform.
***Checked for relevance on 24-Apr-2013***
When navigating in Portal, a user is able to see the data of another user thus exposing data that the user is not authorized to see. Clicking on refresh, fixes the issue. It appears that a user was given the session of another user and that user was able to view the screen of another user.
All suggested patches have been applied from this document:
460362.1 - Recommended Patches for Portal 10.1.4.x.
The setup includes an Apache proxy 2.2.9 in front of the Portal mid tiers.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms