Last updated on MARCH 08, 2017
Applies to:COREid Access - Version 10.1.4.3.0 and later
Information in this document applies to any platform.
Oracle Access Manager (OAM) 10g has been configured to protect an application resource with form-based authentication.
The environment is accessed via an Apache reverse-proxy.
When login is performed using http (non-SSL) configuration it is working fine.
However when the Challenge Redirect URL is changed to https in the OAM form authentication scheme so that SSL is used for login, after the credentials are submitted in the OAM login page error "Page Cannot Be Displayed" occurs.
The HTTP Header trace for failing login shows that the URL becomes malformed for the redirection back to the resource WebGate after successful authentication.
The /obrar.cgi request becomes https://HOSTNAME.DOMAINhttp://HOSTNAME.DOMAIN/obrar.cgi which of course the browser cannot serve and error "Page cannot be displayed" occurs.
Steps to reproduce
1. Submit valid credentials in an OAM login form.
2. Malformed URL https://www.oamsso.comhttp://www.oamsso.com/obrar.cgi?cookie%3DQYDs7fVe1.....TTU7iQ%253D%253D%20redirectto%3D%252Fstart.htm is requested which the browser cannot serve.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms