Error After OAM Idle Session Timeout: "The login form .... defined for form authentication itself requires form authentication."
(Doc ID 1405746.1)
Last updated on AUGUST 09, 2018
Applies to:COREid Access - Version: 10.1.4.3.0
Information in this document applies to any platform.
An application has been integrated with Oracle Access Manager (OAM) 10.1.4.x for authentication, using a form-based login page.
If a user logs into the application then leaves the session idle for the OAM WebGate Idle Session Timeout period, any action to access the links or items on page thereafter takes the user to an error page similar to the following:
Oracle Access Manager Operation Error.
The login form /public/login.jsp defined for form authentication itself requires form authentication. It should be unprotected.
But the the form login page is definitely accessible without requiring login first. It is protected by an OAM anonymous access policy.
The problem only reproduces after Idle Session Timeout.
Steps to reproduce
1. Access the application at https://app.oracle.com/pages/
2. The OAM form login page is displayed at https://app.oracle.co/public/login.jsp
3. Submit valid OAM credentials.
4. The application pages are displayed.
5. Leave the browser session untouched for the period configured for "Idle Session Time (seconds)" in the WebGate, then access any OAM-protected link in the application.
6. An error is displayed: "Oracle Access Manager Operation Error. The login form /public/login.jsp defined for form authentication itself requires form authentication. It should be unprotected."
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.|