OAM R2 PS2: Webgate Resource is Not Protected When Duplicated a Custom Authentication Scheme with Context Type Set to External
(Doc ID 1931703.1)
Last updated on APRIL 03, 2018
Applies to:Oracle Access Manager - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
On : OAM 184.108.40.206.0 version, Authentication Engine
During the configuration of several Authentication Schemes in OAM, we used the duplicate function to duplicate some Custom Authentication Schemes for instance.
This works fine, but what we found out afterwards, is that the webgate does not pick up at all with the policies as using this duplicated AuthN Scheme.
The policies and authN scheme configuration are present for the webgate protected resources, but it seems to be never applied.
So, When we try to access the webgate protected resource by using the duplicated authentication scheme, then we simply get the resource without any challenge and user is not required to authenticate at all.
In OAM diagnostic logs we have this error showing up, and nothing else :
[2014-07-11T10:03:27.770+02:00] [oam_server1] [NOTIFICATION] [OAM-02064] [oracle.oam.controller] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 06785f6feef2e605:6ffed714:14720b7ee2c:-8000-000000000001c6b7,0] [APP: oam_server#220.127.116.11.0] Authentication Error during policy matching.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!