OpenSSO: A Full Url Policy Agent Rule With Spaces Characters In The Url Causes 403 Forbidden When Same Protected Url is Accessed (Doc ID 1509685.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle OpenSSO - Version 8.0.2 and later
Information in this document applies to any platform.

Symptoms

We want to protect the some URL via agent such as "http://<agent-host-fqdn>:<port>/getapp/simple.jsp?favoriteColor=Blue&favoriteColor2=Red Green Blue", but after setting the required policies without any conditions to allow access to page for all the authenticated user, but when the user tries to navigate to the above the page getting the Forbidden error.

It works fine, when we set the query string "http://<agent-host-fqdn>:<port>/getapp/simple.jsp?*", but the real issue comes up when we use the complete url (combination of special characters like =,&,) instead of wild card.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms