OAM User Authentication To OVD 11g Is Always Successful Whether Password Is Correct Or Incorrect (Doc ID 1325600.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Virtual Directory - Version 11.1.1.2.0 and later
Information in this document applies to any platform.

Symptoms

Any authentication through Oracle Access Manager (OAM) using Oracle Virtual Directory (OVD) 11g, i.e., 11.1.1.4, as the user directory, is always successful no matter what password is used.  This includes an application protected by OAM as well as the OAM admin interfaces themselves.

Direct bind attempts to OVD work correctly, i.e., succeed with correct password and fail with incorrect password, as they should.

The incorrect authentication behavior only occurs when the bind requests come from OAM.

Changes

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms