Webgate 10g Sends Very Long Get Request For External Login Page Causing Error On External Server
(Doc ID 1447224.1)
Last updated on MARCH 12, 2019
Applies to:Oracle Access Manager - Version 126.96.36.199.0 and later
Information in this document applies to any platform.
Conditions of issue
- Oracle Access Manager (OAM) 188.8.131.52 is configured with a 10.1.4.3 WebGate.
- OAM is configured to redirect users to a custom login page for SSO login.
- The custom login page is deployed on an external application server i.e. not on the OAM managed server.
Under certain circumstances, depending on the size/length of the protected resource that triggers redirect to OAM for SSO login, OAM generates a GET method request for the external login page. This GET request includes the OAM_REQ parameter which has a very long value.
The excessive length of this GET request for the external login page causes the external application server (e.g. a 3rd party portal product) to generate an internal server error. The external application server can only handle GET requests of limited length e.g. 1KB.
If the protected resource is relatively short, OAM 11g generates a GET method request that causes the error on the external application server.
If the protected resource is longer, OAM 11g generates a POST method request that the Jahia portal can serve successfully.
- OAM 11g generates GET request for login page
- OAM 11g generates POST request for login page
This behavior does not reproduce when using an 11g WebGate 11g - in that case POST method is always used for the external login page request.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document