Cannot Get OAM To Prefetch Attributes Using SUPPLEMENTARY_RETURN_ATTRIBUTES When Using X-509 Cert Authentication
Last updated on JANUARY 09, 2015
Applies to:Oracle Access Manager - Version 184.108.40.206.3 and later
Information in this document applies to any platform.
SUPPLEMENTARY_RETURN_ATTRIBUTES setting can be added to oam-config.xml to tell OAM to prefetch a set of attributes in with one LDAP call and cache those attributes in the user's session. However, we do not see any difference in OAM's behavior after adding SUPPLEMENTARY_RETURN_ATTRIBUTES. We still are seeing numerous ldap calls issued for retrieving the directory attributes for the response header.
We have tested this feature in two versions of OAM with no success.
220.127.116.11.3 (18.104.22.168.0 + BP03), and
22.214.171.124.1 (126.96.36.199.0 + BP02)
The issue is seen only when using X-509 certificate authentication. For the same resource, if we change the authentication scheme to "Form", then OAM prefetch functionality works as expected.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms