Session Times Out in Co-Existence / DCC Webgate Deployment
Last updated on SEPTEMBER 28, 2016
Applies to:Oracle Access Manager - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
OAM 11gR2 deployment in co-existence mode with OAM 10g with DCC WebGate.
- User accesses the 10g resource WebGate (talking to 10g Access Server), by authenticating to 10g Authenticating WebGate (talking to 10g Access Server).
- User then accesses the 11g resource WebGate (talking to 11g OAM Server and configured to 11g DCC WG as SSO server) in the same network domain. SSO happens and user can access 11g resource.
- While user is accessing 11g resources successfully with the OAMAuthCookie, the ObSSOCookie corresponding to the DCC WebGate times out after 1 hour. (The default value of DCC WebGate's idle session timeout is 3600s (i.e. 1 hour)). The user can keep accessing this 11g WebGate resource as its OAMAuthCookie is still valid and didn't timeout.
- After 1 hr, when user access any "other" 11g WebGate resource, the user will be redirected to DCC for SSO where it will submit the ObSSOCookie (which is timedout) and hence gets login page for reauthentication.
- If user is navigating at least once across 10g and 11g WebGates within 1hr timeouts, then this timeout will not happen.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms