OAM 11.1.2.2 : Post Authentication rule to switch to TAPScheme (OAAM) does not work for certain user attributes. (Doc ID 2123685.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.2.5 and later
Information in this document applies to any platform.

Symptoms

On OAM 11.1.2.2 BP08, an Authentication Policy configured with a Post Authentication rule to switch to TAPScheme based on user attributes does not work for certain attributes.

Steps to replicate the issue:

------------------------
 1. User visits an LDAPScheme protected page
 2. User is prompted by OAM for a username and password
 3. Post-authentication rule kicks in but the rule does not evaluate to true for all user attributes.
 4. The switch to TAPScheme post authentication is successful only when using certain user attributes. As an example, for a user with uid and givenName both set to user.1, the switch to TAPScheme is successful when using user.userMap['uid'] == 'user.1' but not when using user.userMap['givenName'] == 'user.1' in the rule.



Cause
