Second 'WebLogic Server' Login Box Displayed After Submitting OAM Basic Over LDAP Credentials (Doc ID 1347517.1)

Last updated on MARCH 08, 2017

Applies to:

COREid Access - Version: 10.1.4 and later   [Release: 10g and later ]
Information in this document applies to any platform.

Symptoms

A Peoplesoft application has been integrated with Oracle Access Manager (OAM) 10.1.4.3 according to the following documentation. Peoplesoft (PSFT) is deployed on WebLogic 9.2 server.

Oracle Access Manager Integration Guide 10g (10.1.4.2)
8 Integrating PeopleSoft

The Peoplesoft application resources have been protected with an OAM Basic Over LDAP authentication scheme.

After providing OAM credentials in the OAM Basic Over LDAP login box, a second 'WebLogic Server' login box is displayed which will not accept any valid OAM or Peoplesoft credentials.

The OAM policy for the Peoplesoft application resources is configured to set an HTTP Header in an Authorization success policy action after successful OAM login. The PSFT integration code for OAM is configured to read the same HTTP Header to obtain the OAM authenticated userid.

The WebGate TRACE oblog.log shows that the HTTP Header variable is being set correctly during Authorization.

Debug logging code has been added to the PSFT integration code but there are no updates to the log when the problem is reproduced, which indicates that the code is not being executed.

If webgate is disabled on the webserver which is proxying the Peoplesoft application request to the WebLogic Server (webgate entries commented out of httpd.conf) then access to Peoplesoft URL is successful with default user COREID as configured in the PSFT integration code. No login box popups are presented to the user. This proves that the issue is related to the OAM authentication processing.

Steps to reproduce

1. Access the Peoplesoft application URL via the webserver port.
2. The 'Oracle Access and Identity Basic Over LDAP' basic login popup is displayed.
3. User submits valid OAM credentials.
4. Immediately afterwards a 'WebLogic Server' basic login popup box is displayed. Neither OAM nor Peoplesoft credentials are accepted by this login prompt. Eventually after 3 failed attempts the browser displays error HTTP-401 Unauthorized.


Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms