How to Configure Oracle Access Manager (OAM) 11g WNA to Fallback When Presented With an NTLM Token
Last updated on APRIL 19, 2017
Applies to:Oracle Access Manager - Version 220.127.116.11.0 to 18.104.22.168.0 [Release 11g]
Information in this document applies to any platform.
How to Configure Oracle Access Manager (OAM) 11g WNA to Fallback when presented an NTLM Token
Oracle Access Manager ( OAM ) Windows Native Authentication ( WNA ) implementation is based on the Microsoft "HTTP Negotiate" authentication extension and requires a valid Kerberos ticket to be sent by Microsoft Internet Explorer ( IE ). The Microsoft Internet Explorer must be enabled for "Integrated Windows Authentication" to be able to use WNA. If the Internet Explorer is enabled for "Integrated Windows Authentication", but the user is not logged on to a Windows Domain via Kerberos authentication, the Internet Explorer sends a NTLM token instead of a Kerberos token to the OAM server for authentication. The OAM Server using the default configuration throws an authentication error , if a NTLM token is received and does not provide fallback authentication.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms