Cannot Login To Multiple Different OAM Environments In Same Browser Session - Looping Occurs For Second Site Login (Doc ID 1596933.1)

Last updated on MARCH 08, 2017

Applies to:

COREid Access - Version 10.1.4.3.0 and later
Oracle Access Manager - Version 11.1.1.3.0 and later
Information in this document applies to any platform.

Symptoms

Where multiple different Oracle Access Manager (OAM) environments exist, protecting different sites, it is only possible to login to one of these sites in the same browser session: browser looping occurs when an attempt is made to login to another OAM environment in a different browser tab.

If the new OAM-protected site is accessed in the browser without first accessing the other OAM environment then login is successful, the looping does not occur.

For example, where an established Production site exists protected by an OAM 10g installation and also a new OAM 11g installation has been configured to protect a new application.

Both environments use 10g WebGates.
Both environments are in the same company domain.

The loop problem occurs where the following is attempted:

1. Access the Production site e.g. http://prod.company.com
2. The Production login page is displayed.
3. User submits Production credentials: page http://prod.company.com is displayed.
3. Open another browser tab and access http://newprod.org.company.com
4. The new OAM environment login page is displayed.
5. User submits valid credentials: looping occurs between second environment 10g WebGate and the new OAM Server.



The OAM Server 11g diagnostic log shows the following error when the problem is reproduced, indicating failure to decrypt the cookie:




 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms