Last updated on JUNE 07, 2017
Applies to:COREid Access - Version 10.1.4.3.0 and later
Information in this document applies to any platform.
Let's say I have a web page at "http://www.abc.com/abc/xyz".
Let's say this page requires a login. The login is setup to use a form login.
I am finding out that I can log in and access the page right away without doing form login by passing query parameters "ID=USER_ID&password=PASSWORD" (i.e. USER_ID is the id and PASSWORD is password) like this:
1. How is this possible? Is this some kind of feature in OAM10g that allows to bypass the form login?
2. Can I disable this feature so users cannot log in this way?
3. Will OAM11g have the same feature.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms