My Oracle Support Banner

OAM11gr2PS2 Ipvalidation Redirect Loop After Changing Client IP (Doc ID 2033642.1)

Last updated on NOVEMBER 15, 2019

Applies to:

Oracle Access Manager - Version and later
Information in this document applies to any platform.


Configure IP Validation and try to access a protected application via wired connection.
Once authentication is successfully, you can switch to Wireless connection and at that point of time your IP address would get changed.
After the IP Change, It is going to a redirect loop and not displaying any page.
As per the standard process, it must either display an error page or it should redirect to the login page for authentication.

In the current scenario, the below might happen in the background

1. User authenticates and gets an OAMAuthnCookie for the 11g WebGate, and an OAM_ID cookie for the OAM Server
2. User changes IP address, and the 11g WebGate correctly rejects the OAMAuthnCookie, and re-directs the user for authentication
3. The OAM Server looks at the OAM_ID and says it's OK, so assumes the user is already authenticated
4. The OAMAuthnCookie is rejected again by the Webgate, and re-directs the user for authentication and so the loop begins


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.