Redirect to the Change Password Page Fails with HTTP 404 in an OAM/OIM Integrated Environment After Installing BP05
(Doc ID 1585909.1)
Last updated on OCTOBER 16, 2023
Applies to:
Oracle Access Manager - Version 11.1.1.5.0 and laterInformation in this document applies to any platform.
Symptoms
The redirect to the Change Password Page Fails with a HTTP 404 error in an OAM/OIM integrated Environment after installing BP05 for version 11.1.1.5,
if OAM and OIM are front ended by an OHS containing a Webgate and listening on the default HTTP port 80.
The problem occurs regardless if the protected resource is accessed with or without specifying the port 80.
http://<HOSTNAME>.<DOMAIN>:80/test.html
http://<HOSTNAME>.<DOMAIN>/test.html
The problem does not occur if the resource is accessed via the ip address :
http://<IPADDRESS>:<PORT>/test.html
or if the resource is accessed via a virtual host using the same OHS/Webgate on a different port :
http://<HOSTNAME>.<DOMAIN>:<PORT>/mytest.html
The same configuration works , if OAM 11.1.1.5 BP03 is installed.
After installing BP05 a httpheader trace shows a different process flow, if port 80 is used.
If BP03 is used or the resource is accessed using BP05 with a different port than 80, the OAM server redirects to "/admin/faces/pages/pwdmgmt.jspx"
after credentials are submitted and the Change Password function is triggered.
If a resource is accessed via port 80 and BP05 is installed , the OAM server redirects to "/obrar.cgi" and the hostname is not set for the "redirectto" URL.
The OAM diagnostic log file shows:
------------------------
[oam_server1] [TRACE:16] []
[oracle.oam.proxy.oam] [tid: [ACTIVE].ExecuteThread: '2' for queue:
'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:
004qT_vGoiFBh4FpN0O5ye0006yN000009,0:1] [SRC_CLASS:
oracle.security.am.proxy.oam.pbl.plugin.OAMProxyEngine] [APP: oam_server]
[SRC_METHOD: getObrarReplyString] [URI: /oam/server/auth_cred_submit]
obrarReplyStr Base Url: http://<HOSTNAME>.<DOMAIN>/obrar.cgi,
Params:
[[{cookie=mhJG2peKoG52Odsc...4DW5wFylYPlfGLc=}{redirectto=:<PORT>/admin/faces%
@ 2Fpages/pwdmgmt.jspx?backUrl=http://<HOSTNAME>.<DOMAIN>:<PORT>/test.html}{ssoCookie=httponly}]],
A httpheader trace shows:
POST /oam/server/auth_cred_submit HTTP/1.1
username=<USERNAME>&<password>=mypassword&request_id=...
HTTP/1.1 302 Moved Temporarily
Location: http://<HOSTNAME>.<DOMAIN>/obrar.cgi?cookie=mhJG2peKo...
GET /obrar.cgi?cookie=mhJG2peKo...
Referer: http://<HOSTNAME>.<DOMAIN>/oam/pages/login.jsp
HTTP/1.1 302 Found
Set-Cookie: ObSSOCookie=mhJG2
Location: :<PORT>/admin/faces/pages/pwdmgmt.jspx?backUrl=http://<HOSTNAME>.<DOMAIN>:<PORT>/test.html
GET /: <PORT>/admin/faces/pages/pwdmgmt.jspx?backUrl=http://<HOSTNAME>.<DOMAIN>:<PORT>%2test.html HTTP/1.1
HTTP/1.1 404 Not Found
Changes
OAM 11.1.1.5 BP05 has been installed.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |