OAM 11g: OAM 11.1.1.5 Logout With 10g WebGate Is Not Working (Doc ID 1447524.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Access Manager - Version 11.1.1.5.0 and later
Information in this document applies to any platform.

Symptoms


Oracle Access Manager 11.1.1.5 Logout is not working when Logout is requested from an application protected by a 10g WebGate.

The following Oracle Documentation has been referenced to configure OAM SSO Logout for the application:

Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager with Oracle Security Token Service 11g Release 1 (11.1.1)
15 Configuring Centralized Logout for OAM 11g

A logout.html page has been created following the documentation for logout for 10g WebGates.

The application has been modified so that when Logout is clicked in the application, a request for the logout.html page is issued.

When the protected application is accessed again in the same browser session after logout there is no prompt for relogin to OAM. The application page is displayed with session still authenticated.

Steps to reproduce

1. Access the application at e.g. http://app.oracle.com:8085/container/index.htm
2. The OAM login page is displayed.
3. Submit valid OAM credentials.
4. The application page at http://app.oracle.com:8085/container/index.htm is displayed.
5. Click the application logout link: http://app.oracle.com:8085/logout.html is requested. The page is displayed.
6. Access the protected application resource at http://app.oracle.com:8085/container/index.htm again: the page is displayed. OAM does not prompt for relogin.



Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms