MDC Single SignOn issue when authentication and authorization are happening in different Data Center
(Doc ID 2079637.1)
Last updated on NOVEMBER 04, 2019
Applies to: Oracle Access Manager - Version 22.214.171.124.1 and later
Information in this document applies to any platform.
MDC with Master (DC1) and Clone (DC2) Data Center.
App1 WebGate is in DC1 and App2 WebGate is in DC2.
User accesses App1 https://APP1/index.html. The user is connected to WebGate in DC1 and authenticated at DC1 due to user affinity. Authentication and authorization happen in DC1.
In the same browser session, the user accesses APP2 in the Clone Data Center (DC2) - https://APP2/index.html
Due to user affinity, the authentication request is routed to DC2 where seamless authentication occurs due to the presence of a valid OAM_ID cookie.
The App2 WebGate forwards the subsequent authorization request to App2's primary server, DC2. This results in looping and the browser shows the error “This WebGate has a redirect loop”.
Expected behaviour: The redirect loop should not occur, and the user should be able to access the resource on APP2 since they have a valid token.