My Oracle Support Banner

Webgate 10g Sends Very Long Get Request For External Login Page Causing Error On External Server (Doc ID 1447224.1)

Last updated on MARCH 12, 2019

Applies to:

Oracle Access Manager - Version 11.1.1.5.0 and later
Information in this document applies to any platform.

Symptoms

Conditions of issue

Under certain circumstances, depending on the size/length of the protected resource that triggers redirect to OAM for SSO login, OAM generates a GET method request for the external login page. This GET request includes the OAM_REQ parameter which has a very long value.

The excessive length of this GET request for the external login page causes the external application server (e.g. a 3rd party portal product) to generate an internal server error. The external application server can only handle GET requests of limited length e.g. 1KB.

If the protected resource is relatively short, OAM 11g generates a GET method request that causes the error on the external application server.

If the protected resource is longer, OAM 11g generates a POST method request that the Jahia portal can serve successfully.

Examples:

https://www.<HOSTNAME>.<DOMAIN>:<PORT>/appsitetest/financial/secure-page
   - OAM 11g generates GET request for login page

https://www.<HOSTNAME>.<DOMAIN>:<PORT>/appsitetest/financial/gcp/secure-page
   - OAM 11g generates POST request for login page


This behavior does not reproduce when using an 11g WebGate 11g - in that case POST method is always used for the external login page request.

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.