My Oracle Support Banner

OAM11gr2PS2 Ipvalidation Redirect Loop After Changing Client IP (Doc ID 2033642.1)

Last updated on SEPTEMBER 12, 2023

Applies to:

Oracle Access Manager - Version 11.1.2.2.3 and later
Information in this document applies to any platform.

Symptoms

Configure IP Validation and try to access a protected application via wired connection.
Once authentication is successfully, you can switch to Wireless connection and at that point of time your IP address would get changed.
After the IP Change, It is going to a redirect loop and not displaying any page.
As per the standard process, it must either display an error page or it should redirect to the login page for authentication.

In the current scenario, the below might happen in the background

1. User authenticates and gets an OAMAuthnCookie for the 11g WebGate, and an OAM_ID cookie for the OAM Server
2. User changes IP address, and the 11g WebGate correctly rejects the OAMAuthnCookie, and re-directs the user for authentication
3. The OAM Server looks at the OAM_ID and says it's OK, so assumes the user is already authenticated
4. The OAMAuthnCookie is rejected again by the Webgate, and re-directs the user for authentication and so the loop begins

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.