OAM User Authentication To OVD 11g Is Always Successful Whether Password Is Correct Or Incorrect
(Doc ID 1325600.1)
Last updated on MARCH 08, 2017
Oracle Virtual Directory - Version 184.108.40.206.0 and later Information in this document applies to any platform.
Any authentication through Oracle Access Manager (OAM) using Oracle Virtual Directory (OVD) 11g, i.e., 220.127.116.11, as the user directory, is always successful no matter what password is used. This includes an application protected by OAM as well as the OAM admin interfaces themselves.
Direct bind attempts to OVD work correctly, i.e., succeed with correct password and fail with incorrect password, as they should.
The incorrect authentication behavior only occurs when the bind requests come from OAM.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!