OAM R2 PS2: Webgate Resource is Not Protected When Duplicated a Custom Authentication Scheme with Context Type Set to External

(Doc ID 1931703.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle Access Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

On : OAM 11.1.2.2.0 version, Authentication Engine

During the configuration of several Authentication Schemes in OAM, we used the duplicate function to duplicate some Custom Authentication Schemes for instance.
This works fine, but what we found out afterwards, is that the webgate does not pick up at all with the policies as using this duplicated AuthN Scheme.

The policies and authN scheme configuration are present for the webgate protected resources, but it seems to be never applied.

So, When we try to access the webgate protected resource by using the duplicated authentication scheme, then we simply get the resource without any challenge and user is not required to authenticate at all.

In OAM diagnostic logs we have this error showing up, and nothing else :

[2014-07-11T10:03:27.770+02:00] [oam_server1] [NOTIFICATION] [OAM-02064] [oracle.oam.controller] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 06785f6feef2e605:6ffed714:14720b7ee2c:-8000-000000000001c6b7,0] [APP: oam_server#11.1.2.0.0] Authentication Error during policy matching.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms