Logon Loop Grace Period Fails When Using Silent Credential Capture

(Doc ID 1528531.1)

Last updated on OCTOBER 19, 2016

Applies to:

Oracle Enterprise Single Sign-On Suite Plus - Version 11.1.1.5.0 to 11.1.2.1.0 [Release 11g]
Information in this document applies to any platform.

Symptoms

The Logon Loop Grace period setting in the application templates does not work correctly when the silent credential capture feature is enabled in the application template. The user credentials are automatically injected into the application when the user logs into the application the first time after credential capture.

The expected behavior when the Logon Loop Grace Period is enabled would be that the users should be prompted to logon to the application again before the credentials are automatically injected into the logon page.

The issue can be reproduced at will with the following steps:
1. Create application template for application whose logon form (URL) is same as that of log out form (URL).
2. Set Logon loop grace period to silent/prompt and set timer to 10 mins.
3. Logon to the application and enter the new credentials for the first time.
4. Logout of the application and Logon Manager automatically injects the credentials again without prompting the user.


Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms