OAM : Session.auth_scheme Value Is Always Set To The First Authentication Scheme Name In A Multiple Authentication Workflow (Doc ID 1950653.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle Access Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

 When two authentication schemes with different level of authentication are set, the $session.auth_scheme value is always set to the first authentication scheme name.

To illustrate the situation :

  1. The user tries to access /resource1:
    1. he is requested to authenticate against AuthN_Level10 scheme.
    2. The $session.auth_scheme is AuthN_level10
  2. The user tries then to access /resource2:
    1. he is requested to authenticate against AuthN_Level20 scheme (as the current session is at level 10 only).
    2. The $session.auth_scheme is AuthN_level10

The $session.auth_scheme should be updated to the name of the Authentication Scheme with the highest level.

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms