OAM 10g: Anonymously Protected Resource Cannot Be Accessed After OAM Form Login Page Has Been Displayed

(Doc ID 1490193.1)

Last updated on MARCH 08, 2017

Applies to:

COREid Access - Version 10.1.4.3.0 and later
Information in this document applies to any platform.

Symptoms

Oracle Access Manager (OAM) 10g has been used to protect application resources. Single Sign On (SSO) using form-based login is working.

However access to resources protected by an anonymous OAM authentication scheme i.e. any public resource is failing if the user accesses the form login page before accessing the public page. The form login page is redisplayed and access to the public page is not possible.

For example, in the following cases:
1. User accesses protected application resource and is redirected to the OAM form login page. User then clicks a public Self Registration link in the login page: the login page is redisplayed.
2. User accessed protected application resource but does not have suitable credentials so returns to a public site page, but cannot access the page any more: the form login page is redisplayed.

The OAM Policy Domain has been correctly configured with a policy to "unprotect" access to the Self Registration page and linked stylesheets, javascript etc with an anonymous authentication scheme.

If the public resources are accessed directly, without first accessing the form login page, then access is successful.




Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms