My Oracle Support Banner

How to Configure Oracle Access Manager (OAM) 11g WNA to Fallback When Presented With an NTLM Token (Doc ID 1499433.1)

Last updated on OCTOBER 25, 2019

Applies to:

Oracle Access Manager - Version to [Release 11g]
Information in this document applies to any platform.


How to Configure Oracle Access Manager (OAM) 11g WNA to Fallback when presented an NTLM Token

Oracle Access Manager ( OAM ) Windows Native Authentication ( WNA ) implementation is based on the Microsoft "HTTP Negotiate" authentication extension and requires a valid Kerberos ticket to be sent by Microsoft Internet Explorer ( IE ). The Microsoft Internet Explorer must be enabled for "Integrated Windows Authentication" to be able to use WNA. If the Internet Explorer is enabled for "Integrated Windows Authentication", but the user is not logged on to a Windows Domain via Kerberos authentication, the Internet Explorer sends a NTLM token instead of a Kerberos token to the OAM server for authentication. The OAM Server using the default configuration throws an authentication error , if a NTLM token is received and does not provide fallback authentication.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.