Last updated on MARCH 08, 2017
Applies to:COREid Identity - Version 10.1.4.3 and later
COREid Access - Version 10.1.4.3.0 and later
Information in this document applies to any platform.
Oracle Access Manager (OAM) 10.1.4.3 is being used to implement Single Sign On (SSO) and Lost Password Management (LPM) for application(s).
When a new user accesses the protected application page and submits their OAM SSO credentials, an "Oracle Bug Report" is shown, having the following details:
The URL in address bar is http(s)://<WebPassHostname.domain:port>/identity/oblix/apps/userservcenter/bin/userservcenter.cgi?program=redirectforCAC.....
It is expected that the OAM Identity System page to enter Challenge Questions and Responses for LPM should be displayed.
The problem also occurs for existing users who have had their password reset by an Administrator: after submitting the temporary credentials the Oracle Bug Report page is shown instead of the Identity System Change Password page.
If the user subsequently deletes the browser cache (Cookies, Cache and Active Logins) then logs into the application again, the redirect to set LPM Challenge/Responses or password is successful.
OAM is configured with Oracle Virtual Directory (OVD) as User Data Store.
Steps to reproduce
1. Access the OAM-protected site: the OAM login page is displayed.
2. Enter credentials of a new user who has not yet set Challenge/Response questions, or a user who will need to reset their password on first login, and Submit.
3. The Bug Report Form is shown.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms