HTTP-500 Internal Server Error / FED-15132 Unknown RefID Intermittently Occurs With Load-Balanced OIF Cluster Deployment
(Doc ID 2020499.1)
Last updated on AUGUST 09, 2018
Applies to:Oracle Identity Federation - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
Oracle Identity Federation (OIF) 11g (11.1.1.x) has been configured as Identity Provider (IdP) with one or more Service Provider (SP) applications.
OIF is integrated with Oracle Access Manager (OAM) or another authentication engine which is configured with a custom login page accessed via the same site hostname.domain as OIF.
Mostly login is working for all Service Provider applications.
However sometimes after submitting IdP credentials in the custom OAM SSO login page an HTTP-500 Internal Server Error occurs.
The URL in the browser address bar is the following when the error occurs: https://OIFHOST.DOMAIN:PORT/fed/user/authnoam11g
One of the clustered OIF nodes shows the following in the wls_oif<n>-diagnostic.log when the error ocurrs in the browser:
The problem does not reproduce if only one node / managed server in the OIF cluster is running.
The following has been configured in OIF for High Availability (HA) load-balanced OIF request servicing as per the OIF HA guide:
8.13 Oracle Identity Federation High Availability
1. OIF is configured for database message data store and the user session data store.
2. OIF is configured for WebLogic Server session replication.
Steps to reproduce
1. Access the SP application.
2. Click Login.
3. User id redirected to the IdP for login and the custom login page at https://sso.oracle.com/idm/login/login.jsp is displayed.
4. Submit valid IdP credentials.
5. Error HTTP-500 Internal Server Error is displayed.
This error is intermittent: if the login is retried then access to the SP application is successful.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.|