OAM R2 PS2: Webgate Resource is Not Protected When Duplicated a Custom Authentication Scheme with Context Type Set to External
Last updated on SEPTEMBER 21, 2016
Applies to:Oracle Access Manager - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
On : OAM 184.108.40.206.0 version, Authentication Engine
During the configuration of several Authentication Schemes in OAM, we used the duplicate function to duplicate some Custom Authentication Schemes for instance.
This works fine, but what we found out afterwards, is that the webgate does not pick up at all with the policies as using this duplicated AuthN Scheme.
The policies and authN scheme configuration are present for the webgate protected resources, but it seems to be never applied.
So, When we try to access the webgate protected resource by using the duplicated authentication scheme, then we simply get the resource without any challenge and user is not required to authenticate at all.
In OAM diagnostic logs we have this error showing up, and nothing else :
[2014-07-11T10:03:27.770+02:00] [oam_server1] [NOTIFICATION] [OAM-02064] [oracle.oam.controller] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 06785f6feef2e605:6ffed714:14720b7ee2c:-8000-000000000001c6b7,0] [APP: oam_server#220.127.116.11.0] Authentication Error during policy matching.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms