Bad Oracle Access Manager Request Error When Accessing a Resource Protected by a DCC WebGate (Doc ID 1582577.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.1.0 and later
Information in this document applies to any platform.

Symptoms

Accessing a resource protected by a DCC Webgate fails with the error:

 

Bad Oracle Access Manager Request
Unable to process the request due to unexpected error.

 

A httpheader trace shows the DCC Webgate redirects to "/obrar.cgi"  instead to the initial requested resource, after credentials are  submitted to "/oam/server/auth_cred_submit " .

 

 

GET /test.html HTTP/1.1
Host: myserver.com
.
HTTP/1.1 302 Found
Set-Cookie: DCCCtxCookie_myserver.com:443=encdata%3DEqRo%2FUP6Y7VGJzT34N8n%2FEu%2B9Mp10Sp5G2mu%2F173PYgqj8jhLHVWnQ8Ge3AoOW%2FpH1F6rVWcJu9raF%2F2NOPaDjyHZqNlRqVZeX%2BzunLRCNVt4vhvEINTeQuDfUwips9XleVT%2BRxKizqG%2FA%2BPdKRywgCe74rcbn8ZCkmm6mpZdR1HRdPkFu6qXvdiyK6K8WLd3DuR2nx83TOuLcnZzztTF2P5mllXrkMgCskxIf%2BLOdhjbJ1HIJDcUolPIlKRBzSFyuyaOiXp38HBd4oQFZJ5FfxFcZOWRfcfxFMlWTgo9%2BA%3D; httponly; secure; path=/oam/server/auth_cred_submit
Location: /loginpage?resource_url=https%3A%2F%2Fmyserver.com%2Ftest.html
Content-Length: 279
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
----------------------------------------------------------
https://myserver.com/loginpage?resource_url=https%3A%2F%2Fmyserver.com%2Ftest.html

GET /loginpage?resource_url=https%3A%2F%2Fmyserver.com%2Ftest.html HTTP/1.1
Host: myserver.com
.
HTTP/1.1 200 OK
----------------------------------------------------------
https://myserver.com/oam/server/auth_cred_submit

POST /oam/server/auth_cred_submit HTTP/1.1
Host: myserver.com
Cookie: DCCCtxCookie_myserver.com:443=encdata%3DEqRo%2FUP6Y7VGJzT34N8n%2FEu%2B9Mp10Sp5G2mu%2F173PYgqj8jhLHVWnQ8Ge3AoOW%2FpH1F6rVWcJu9raF%2F2NOPaDjyHZqNlRqVZeX%2BzunLRCNVt4vhvEINTeQuDfUwips9XleVT%2BRxKizqG%2FA%2BPdKRywgCe74rcbn8ZCkmm6mpZdR1HRdPkFu6qXvdiyK6K8WLd3DuR2nx83TOuLcnZzztTF2P5mllXrkMgCskxIf%2BLOdhjbJ1HIJDcUolPIlKRBzSFyuyaOiXp38HBd4oQFZJ5FfxFcZOWRfcfxFMlWTgo9%2BA%3D
.
HTTP/1.1 302 Found
Set-Cookie: OAMAuthnCookie_myserver.com:443=lWV5Y%2Ff%2BxvLbY%2BB5ugHTv5syBiNxy85Fhx8kxC11cUjzkqwfzB0E8cgzC%2FEW%2FA%2FsUZdWC4ErF1CYECPFOAJImWS%2FzZyVssnJZkeywF3fNi6IQYGXjeG56kV7ZSH2QRYmr%2B%2FPfYmA9kbPzF5TD2JvpApluUAeFGcsDE%2F%2FAvg0syxwXd7PVndlxHP3n%2BLVHLuzYBV2mJWfw4Z87GjmfFtjkT4YjbNDeNKor5hTsGqX%2FCeyJ2PJf%2FCr%2BcMZA8Rh4%2B85eEmkFrpkB0KHc2ZgGwcjnUpChwJ1syDoe0RVNhE6Ueu55EaFOliCWrjzb9gxjo0mOR71Em7Og5Qfnz9Rpg1OkrzxM07%2B0KRIvzXg6JKRQ5A%3D; httponly; secure; path=/
Set-Cookie: DCCCtxCookie_myserver.com:443=;expires=thursday, 01-jan-1970 01:00:00 gmt; httponly; secure; path=/
Location: https://myserver.com/obrar.cgi?cookie%3D%20redirectto%3D%252Ftest.html
.
GET /obrar.cgi?cookie%3D%20redirectto%3D%252Ftest.html HTTP/1.1
Host: myserver.com

  


The DCC Webgate oblog.log shows the following error message:



ACCESS_GATE ERROR 0x00001531 /ade/aime_ngamac_497961/ngamac/src/palantir/webgate2/src/redirect.cpp:379 "The obrareq.cgi, obrar.cgi, DCCCtxCookie, logout redirect message, or any other encrypted string has failed integrity check." HTTPStatus^400 requestedURL^/obrar.cgi

WEB ERROR 0x0000151F /ade/aime_ngamac_497961/ngamac/src/palantir/commonlib/src/apache2_req_info.cpp:226 "WebGate Error Report" Message^Unable to process the request due to unexpected error. ReqReq^GET /obrar.cgi?cookie%253D%2520redirectto%253D%25252Ftest.html HTTP/1.1 ReqProto^HTTP/1.1 ReqHost^myserver.com ReqStatLine^ ReqStatus^200 ReqRawUri^/obrar.cgi?cookie%253D%2520redirectto%253D%25252Ftest.html ReqUri^/obrar.cgi ReqFilename^proxy:http://myserver.com:8100/obrar.cgi ReqPath^ ReqArgs^cookie= redirectto=%252Ftest.html

  

 

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms