My Oracle Support Banner

Single Site SSO Not Functioning With OAM 11g R2 MultiDataCenter Mode (Doc ID 1504641.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.0.0 and later
Information in this document applies to any platform.

Goal

When a user authenticates to "Site1" of a MultiDataCenter cluster to a domain, the Version5 OAM_ID cookie cannot be used to validate the session Since it can not validate the Version 5 OAM_ID, a new ObSSOToken is not set.

Use Case:

========


When MDC is Disabled:
1.) OAM_ID token reverts back to V4, with no DC affinity
2.) When I go to a protected resource, authenticate, get my
ObSSOCookie...Then I delete my cookie and hit refresh, I am granted another
ObSSOCookie.

When MDC is enabled:
1.) OAM_ID token goes to V5
2.) When I delete ObSSOToken and hit a resource, I expect the ECC redetect my
OAM_ID - instead, it is unable to determine my origin, therefore fails
Validity Check. And I do not get reissued a token from my same site.

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.
My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.