OpenSSO: Policy Agent - Infinite Redirect Loop Between PA For Oracle Weblogic 10g And Access Manager 7.1 (Doc ID 1402396.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle OpenSSO - Version: 7.1 and later   [Release: 7.0 and later ]
Oracle OpenSSO - Version: 8.0 to 8.0.2   [Release: 8.0 to 8.0]
Information in this document applies to any platform.

Symptoms


On : AM 7.1 version, Policy Agent 3.0-01 for Oracle WebLogic Server 10g

When the application is deployed first time, everything works fine. But if the application is redeployed (ie. undeploy - deploy) and user tries to access it, an infinite loop occurs between Policy Agent and Sun Access Manager. A Message is displayed in the browser indicating an infinite loop error.
In the case of Firefox message indicates that an infinite loop has been detected. In case of I.E. a timeout occurs.

This issue has been reported and reproduced at will with the following use case:

1) Launch a browser (I.E. or Firefox) and access a J2EE protected application
2) PA (Policy Agent) redirects user to AM/OpenSSO authentication page
3) Authenticate successfully with AM/OpenSSO
4) PA allows user to access the application
5) Redeploy/Restart the protected application from the J2EE web container
6) Close and re-Launch the browser process, then Access the protected application
7) PA redirects user to AM/OpenSSO authentication page
8) Authenticate successfully with AM/OpenSSO
9) Infinite loop occurs and browser displays an error message.


The infinite loop between the browser and the application also occurs if, in the described use case as above, the browser is NOT closed after redeploying the application. In this case the following error is also observed in the agent debug logs as the timers being shutdown.

ERROR
-----------------------
amSSOProvider:11/22/2011 02:30:27:940 PM CET: Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]
could not create SSOTOken for token ID AQIC5wM2LY4SfcxSmbAFwrj2QxNhCyHlWqnJNBZZK9jjAmc=@AAJTSwAKMTY0NDE3NDA3NAACU0kAAjEwAAJTMQACMDE=#
com.iplanet.dpro.session.SessionException: The timers have been shuted down!
        at com.iplanet.dpro.session.Session.refresh(Session.java:1394)
        at com.iplanet.dpro.session.Session.getSession(Session.java:1053)
        at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:205)
        at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:326)
        at com.sun.identity.agents.common.SSOTokenValidator.validateInternal(SSOTokenValidator.java:247)
        at com.sun.identity.agents.common.SSOTokenValidator.validate(SSOTokenValidator.java:136)
        at com.sun.identity.agents.filter.SSOTaskHandler.process(SSOTaskHandler.java:77)
        at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:191)
        at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:154)
        at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:71)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
        at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
        at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
        at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
        at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

amFilter:11/22/2011 01:30:27:940 PM GMT: Thread[[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)',5,Pooled Threads]
SSOTokenValidator.validate(): Exception caught
com.iplanet.sso.SSOException: The timers have been shuted down!
        at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:216)
        at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:326)
        at com.sun.identity.agents.common.SSOTokenValidator.validateInternal(SSOTokenValidator.java:247)
        at com.sun.identity.agents.common.SSOTokenValidator.validate(SSOTokenValidator.java:136)
        at com.sun.identity.agents.filter.SSOTaskHandler.process(SSOTaskHandler.java:77)
        at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:191)
        at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:154)
        at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:71)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
        at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
        at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
        at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
        at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

...

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms