Single Site SSO Not Functioning With OAM 11g R2 MultiDataCenter Mode
(Doc ID 1504641.1)
Last updated on MARCH 08, 2017
Applies to:Oracle Access Manager - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
When a user authenticates to "Site1" of a MultiDataCenter cluster to a domain, the Version5 OAM_ID cookie cannot be used to validate the session Since it can not validate the Version 5 OAM_ID, a new ObSSOToken is not set.
When MDC is Disabled:
1.) OAM_ID token reverts back to V4, with no DC affinity
2.) When I go to a protected resource, authenticate, get my
ObSSOCookie...Then I delete my cookie and hit refresh, I am granted another
When MDC is enabled:
1.) OAM_ID token goes to V5
2.) When I delete ObSSOToken and hit a resource, I expect the ECC redetect my
OAM_ID - instead, it is unable to determine my origin, therefore fails
Validity Check. And I do not get reissued a token from my same site.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.|