My Oracle Support Banner

OpenSSO: A Full Url Policy Agent Rule With Spaces Characters In The Url Causes 403 Forbidden When Same Protected Url is Accessed (Doc ID 1509685.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle OpenSSO - Version 8.0.2 and later
Information in this document applies to any platform.

Symptoms

We want to protect the some URL via agent such as "http://<agent-host-fqdn>:<port>/getapp/simple.jsp?favoriteColor=Blue&favoriteColor2=Red Green Blue", but after setting the required policies without any conditions to allow access to page for all the authenticated user, but when the user tries to navigate to the above the page getting the Forbidden error.

It works fine, when we set the query string "http://<agent-host-fqdn>:<port>/getapp/simple.jsp?*", but the real issue comes up when we use the complete url (combination of special characters like =,&,) instead of wild card.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.