Last updated on JUNE 07, 2017
Applies to:Oracle Identity Federation - Version 18.104.22.168.0 and later
Information in this document applies to any platform.
Multiple OIF instances behind the load balancer, exposing a single hostname (VIP/virtual IP)
While sending an XASP attribute request to the IDP/AA using the VIP instead of the actual hostname on which OIF is running, we are seeing a FED-15065 error in the wls_oif1.out log file.
This message indicates that the Destination field in the SOAP message (i.e., the Destination attribute in the SAML assertion inside the XASP request) does not match "the actual request URL". The log messages show the VIP hostname as the destination (which is what we set into the SOAP request) and for the "actual request URL", the log message is showing the hostname of the physical server on which one of the OIF instances is running.
For example if the VIP hostname is:
lb.company.com, which load balances
The OIF log message says something like:
FED-15065 - The destination field (http://lb.company.com/fed/aa/soap) does not match the actual request URL http://OIF1.company.com/fed/aa/soap"
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms