Redirect to the Change Password Page Fails with HTTP 404 in an OAM/OIM Integrated Environment After Installing BP05 (Doc ID 1585909.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Access Manager - Version 11.1.1.5.0 and later
Information in this document applies to any platform.

Symptoms

The redirect to the Change Password Page Fails with a HTTP 404 error in an OAM/OIM integrated Environment after installing BP05 for version 11.1.1.5,

if OAM and OIM are front ended by an OHS containing a Webgate and listening on the default HTTP port 80.

The problem occurs regardless if the protected resource is accessed with or without specifying the port 80.

 

Following URLs reproduce the problem:

http://myserver.oracle.com:80/test.html
http://myserver.oracle.com/test.html

The problem does not occur if the resource is accessed via the ip address :

http://10.16.241.21:80/test.html

or if the resource is accessed via a virtual host using the same OHS/Webgate on a different port :

http://myserver.oracle.com:7799/mytest.html

 

The same configuration works , if OAM 11.1.1.5 BP03 is installed.

 

After installing BP05 a httpheader trace shows a different process flow, if port 80 is used.

If BP03 is used or the resource is accessed using BP05 with a different port than 80, the OAM server redirects to "/admin/faces/pages/pwdmgmt.jspx"

after credentials are submitted and the Change Password function is triggered.

 

If a resource is accessed via port 80 and BP05 is installed , the OAM server redirects to "/obrar.cgi" and the hostname is not set for the "redirectto" URL.

 

The OAM diagnostic log file shows:
------------------------
[oam_server1] [TRACE:16] []
[oracle.oam.proxy.oam] [tid: [ACTIVE].ExecuteThread: '2' for queue:
'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:
004qT_vGoiFBh4FpN0O5ye0006yN000009,0:1] [SRC_CLASS:
oracle.security.am.proxy.oam.pbl.plugin.OAMProxyEngine] [APP: oam_server]
[SRC_METHOD: getObrarReplyString] [URI: /oam/server/auth_cred_submit]
obrarReplyStr Base Url: http://myserver.oracle.com/obrar.cgi,
Params:
[[{cookie=mhJG2peKoG52Odsc...4DW5wFylYPlfGLc=}{redirectto=:80%2Fadmin%2Ffaces%
@ 2Fpages%2Fpwdmgmt.jspx%3FbackUrl%3Dhttp:%2F%2Fmyserver.oracle.com:80%2Ftest.html}{ssoCookie=httponly}]],


A httpheader trace shows:

POST /oam/server/auth_cred_submit HTTP/1.1
username=mytestuser&password=mypassword&request_id=...

HTTP/1.1 302 Moved Temporarily
Location: http://myserver.uk.oracle.com/obrar.cgi?cookie=mhJG2peKo...

GET /obrar.cgi?cookie=mhJG2peKo...
Referer: http://myserver.oracle.com/oam/pages/login.jsp

HTTP/1.1 302 Found
Set-Cookie: ObSSOCookie=mhJG2
Location: :80/admin/faces/pages/pwdmgmt.jspx?backUrl=http%3A%2F%2Fmyserver.oracle.com%3A80%2Ftest.html

GET /: 80/admin/faces/pages/pwdmgmt.jspx?backUrl=http%3A%2F%2Fmyserver.oracle.com%3A80%2test.html HTTP/1.1

HTTP/1.1 404 Not Found

 

 

 

Changes

OAM 11.1.1.5 BP05 has been installed.

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms