OAM : Session.auth_scheme Value Is Always Set To The First Authentication Scheme Name In A Multiple Authentication Workflow

(Doc ID 1950653.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle Access Manager - Version and later
Information in this document applies to any platform.


 When two authentication schemes with different level of authentication are set, the $session.auth_scheme value is always set to the first authentication scheme name.

To illustrate the situation :

  1. The user tries to access /resource1:
    1. he is requested to authenticate against AuthN_Level10 scheme.
    2. The $session.auth_scheme is AuthN_level10
  2. The user tries then to access /resource2:
    1. he is requested to authenticate against AuthN_Level20 scheme (as the current session is at level 10 only).
    2. The $session.auth_scheme is AuthN_level10

The $session.auth_scheme should be updated to the name of the Authentication Scheme with the highest level.



Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms