Issue With OAM-jsessionId Static Part Cookie
(Doc ID 2017634.1)
Last updated on MARCH 08, 2017
Applies to:Oracle Access Manager - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
oam-jsessionid cookie is containing some static numeric value at the end. Even if a user logs out and login again with same userid the static numeric value remain same.
What is the security risk involved and is there a workaround?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.|