My Oracle Support Banner

OpenSSO: A Full Url Policy Agent Rule With Spaces Characters In The Url Causes 403 Forbidden When Same Protected Url is Accessed (Doc ID 1509685.1)

Last updated on MARCH 16, 2019

Applies to:

Oracle OpenSSO - Version 8.0.2 and later
Information in this document applies to any platform.


We want to protect the some URL via agent such as "http://<agent-host-fqdn>:<port>/getapp/simple.jsp?favoriteColor=Blue&favoriteColor2=Red Green Blue", but after setting the required policies without any conditions to allow access to page for all the authenticated user, but when the user tries to navigate to the above the page getting the Forbidden error.

It works fine, when we set the query string "http://<agent-host-fqdn>:<port>/getapp/simple.jsp?*", but the real issue comes up when we use the complete url (combination of special characters like =,&,) instead of wild card.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.