Cannot Login To The OAM Console After Disabling the non-SSL Administration Port and Using the WLS Embedded LDAP Server for the System Store
(Doc ID 1992948.1)
Last updated on MARCH 22, 2019
Applies to:Oracle Access Manager - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
Administrators cannot login to the OAM Console after disabling the non-SSL port (7001 by default) on the AdminServer.
For example, after running the following steps administrators can no longer login to the OAM console:
- Use the WLS console to enable the "SSL Listen Port Enabled" for the WebLogic AdminServer and the OAM managed server
- Modify the OAM identity store named UserIdentityStore1 to check the box for "Enable SSL"
- Modify the OAM server instance to listen on the SSL port (14101 by default)
- Configure the OAM load balancer URL to use the HTTPS protocol and SSL port
- Disable the non-ssl/HTTP port (7001 by default) for the AdminServer and the OAM managed server.
- Attempt to login to OAM console as weblogic user (user in the embedded ldap). The browser will typically only show an "invalid username/password" error while the real error is thrown in the OAM diagnostic log.
Technically speaking steps (3) & (4) are not required. The OAM load balancer controls the redirect to the credential collector only. This is the URL that the browser will redirect to in order to present the username/password screen. This screen has nothing to do with the backend OAM server -> LDAP server communication. However, in most cases the end-user expects the entire login process to be done over SSL and thus included as standard SSL setup.
Oracle Access Management, Fusion Middleware Administrator's Guide for Oracle Access Management
2.5 About Logging Into the Oracle Access Management Console
2.5.2 Logging Into the Secure Oracle Access Management Console (HTTPS)
Disabling the non-SSL port of the WebLogic AdminServer.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document