OAM: Why User Is Able to Access Protected Resources Even If the Cookies Are Deleted ? (Doc ID 1612105.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle Access Manager - Version 11.1.1.5.0 to 11.1.2.1.0 [Release 11g]
Information in this document applies to any platform.

Symptoms

In an integration environment between Oracle Identity Federation (OIF) and Oracle Access Manager (OAM), after a successful authentication, even if the user select "Delete cookies", when a protected resource is requested, this resource is accessed without any new login workflow. The issue is not seen when Internet Explorer is closed and re-opened.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms