Last updated on MARCH 08, 2017
Applies to:Oracle Access Manager - Version 18.104.22.168.0 and later
Information in this document applies to any platform.
On using OHS WebGate R2 PS2 (Webgate 22.214.171.124.x).
When you request an unprotected PUBLIC resource page, the browser is temporarily redirecting to the OAM login url as per HTTP-302 redirects found as onto uris paths of "/oam/server/obrareq.cgi?encquery..." and "/obrar.cgi?encreply..."
But then, the browser returns the requested public resource page instead of displaying any OAM login page.
So, there is no login prompt for user's authentication challenge as it is transparent on flows, but we can see those HTTP 302 redirects when collecting the HTTP Headers traces.
The issue with this is that it might affect some customers who are possibly relying and expecting on correct HTTP-200 code for LB Health-Check testing or some sort of things.
So, some customers might use this as for checking if the OHS is up and running, and/or to identify if Webgate and OHS are both functional by LB PING request on typical public resource url running on the OHS/Webgate instance.
So, in this case the Load Balancer will typically now receive an HTTP-302 redirect, instead of expected HTTP-200 OK, and hence the OHS instances are considered all down and LB service is interrupted.
For instance, the Load Balancer might use some /ohs-wg-keepalive.html as keep-alive url and this is configured in OAM server as being the unprotected PUBLIC resource.
So, LB periodically tests this page to verify if the OHS/Webgate is up and running. Since Load Balancer expects http-200, but now with the redirect behavior, the response is http-302.
Install or Upgrade to new release of OAM/Webgate R2 PS2 (aka OAM/Webgate 126.96.36.199.x)
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms