Single Site SSO Not Functioning With OAM 11g R2 MultiDataCenter Mode
Last updated on MARCH 08, 2017
Applies to:Oracle Access Manager - Version 126.96.36.199.0 and later
Information in this document applies to any platform.
When a user authenticates to "Site1" of a MultiDataCenter cluster to a domain, the Version5 OAM_ID cookie cannot be used to validate the session Since it can not validate the Version 5 OAM_ID, a new ObSSOToken is not set.
When MDC is Disabled:
1.) OAM_ID token reverts back to V4, with no DC affinity
2.) When I go to a protected resource, authenticate, get my
ObSSOCookie...Then I delete my cookie and hit refresh, I am granted another
When MDC is enabled:
1.) OAM_ID token goes to V5
2.) When I delete ObSSOToken and hit a resource, I expect the ECC redetect my
OAM_ID - instead, it is unable to determine my origin, therefore fails
Validity Check. And I do not get reissued a token from my same site.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms