OAM 11g - DCC Webgate with RetainDownstreamPostData=True Returns HTTP 501 When Protected Resource Is Accessed Using FireFox. (Doc ID 1630286.1)

Last updated on MARCH 17, 2015

Applies to:

Oracle Access Manager - Version 11.1.2.1.1 and later
Information in this document applies to any platform.

Goal

How to work around http 501 error that occurs when accessing a resource using firefox and a detached credential collector (DCC) webgate is
configured with RetainDownstreamPostData=true    This issue does not occur when using IE browser.

Environment and steps to replicate the problem

(1) Configure DCC webgate with RetainDownstreamPostData=true

(2) OHS on which webgate is installed is configured for HTTPS/SSL

(3) Access the protected resource in firefox.

(4) HTTP 501 is thrown after entering valid credentials.

(5) The same resource when accessed via IE will get displayed correctly.

 

Workaround

(1) Modifying the following line in httpd.conf file

"BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0
force-response-1.0"

to

"BrowserMatch ".*" nokeepalive ssl-unclean-shutdown downgrade-1.0
force-response-1.0"

and restarting the OHS server allows firefox to access the resource without HTTP 501 error.
(2) Set "keepAlive" to "Off" in httpd.conf
(3)  do not use RetainDownstreamPostData=true parameter in the DCC webgate profile

 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms