OAM_LAST_REAUTHENTICATION_TIME Is Not Updated After Reauthentication Via /oamreauthenticate (Doc ID 2026320.1)

Last updated on JULY 04, 2015

Applies to:

Oracle Access Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

Two protected resources with different levels of authentication.

After the user is logged in to Protected Resource-1, then to perform login to Protected Resource-2 ... a forced re-authentication is needed, and the "/oamreauthenticate" functionality was used for this. The login is done again with the same user and the same DCC scheme, and this works.
However, when we check the OAM_LAST_REAUTHENTICATION_TIME header, it has not changed since the previous login.

The expectation would be to see an updated timestamp value, as mentioned in the documentation:
Oracle Fusion Middleware Online Documentation Library, 11g Release 1 (11.1.2.2), Fusion Middleware Administrator's Guide for Oracle Access Management, Chapter 19 Managing Authentication and Shared Policy Components, section 19.19 Using Application Initiated Authentication

 

Changes

The OAM_LAST_REAUTHENTICATION_TIME HTTP header is completely removed after doing a step-up authentication. We've seen this behavior in 2 use cases: 

The result in these 2 cases is that the actual authn_level is increased as expected, but the OAM_LAST_REAUTHENTICATION_TIME HTTP header is completely removed after step-up.
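
An application that gates a sensitive action on this header can fail closed on both symptoms described above (value unchanged after /oamreauthenticate, header removed after step-up). The following is an added example, not Oracle code or code from this document; the function names, the five-minute limit, the clock-skew allowance and the epoch-seconds value format are assumptions, since the page does not state the header's format.

```python
from datetime import datetime, timedelta, timezone

HEADER = "OAM_LAST_REAUTHENTICATION_TIME"
SKEW = timedelta(seconds=60)  # assumed tolerance for clock drift


def parse_epoch_seconds(value):
    # Assumption: the value is epoch seconds. Replace this parser with one
    # matching the format your deployment actually delivers.
    return datetime.fromtimestamp(int(value), tz=timezone.utc)


def check_reauth(headers, before_value, max_age, now, parse=parse_epoch_seconds):
    """Classify the header seen on the first request after /oamreauthenticate.

    headers:      request headers as delivered to the application (dict)
    before_value: header value recorded before the redirect, or None
    Returns (allowed, reason); only a changed, recent timestamp is allowed.
    """
    lowered = {k.lower(): v for k, v in headers.items()}  # names are case-insensitive
    value = (lowered.get(HEADER.lower()) or "").strip()
    if not value:
        return False, "missing"        # header removed after step-up
    if before_value is not None and value == before_value.strip():
        return False, "unchanged"      # timestamp not updated by re-authentication
    try:
        stamp = parse(value)
    except (ValueError, OverflowError, OSError):
        return False, "unparseable"
    if stamp > now + SKEW:
        return False, "future"
    if now - stamp > max_age:
        return False, "stale"
    return True, "fresh"


if __name__ == "__main__":
    # Constructed sample values, not taken from a real OAM session.
    now = datetime(2015, 7, 4, 12, 0, tzinfo=timezone.utc)
    first_login = str(int(now.timestamp()) - 3600)
    limit = timedelta(minutes=5)
    for hdrs in ({HEADER: first_login}, {}, {HEADER: str(int(now.timestamp()) - 5)}):
        print(check_reauth(hdrs, first_login, limit, now))
```

Logging the returned reason separates the "unchanged" symptom from the "missing" one when reporting the behavior.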

Cause
