Cannot Get OAM To Prefetch Attributes Using SUPPLEMENTARY_RETURN_ATTRIBUTES When Using X-509 Cert Authentication (Doc ID 1917751.1)

Last updated on JANUARY 09, 2015

Applies to:

Oracle Access Manager - Version 11.1.2.1.3 and later
Information in this document applies to any platform.

Goal

SUPPLEMENTARY_RETURN_ATTRIBUTES setting can be added to oam-config.xml to tell OAM to prefetch a set of attributes in with one LDAP call and cache those attributes in the user's session. However, we do not see any difference in OAM's behavior after adding SUPPLEMENTARY_RETURN_ATTRIBUTES. We still are seeing numerous ldap calls issued for retrieving the directory attributes for the response header.

We have tested this feature in two versions of OAM with no success.

11.1.2.1.3 (11.1.2.1.0 + BP03), and
11.1.2.2.1 (11.1.2.2.0 + BP02)

The issue is seen only when using X-509 certificate authentication. For the same resource, if we change the authentication scheme to "Form", then OAM prefetch functionality works as expected.


 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms