OAAM Session_Expired Error During User Login with LB
(Doc ID 2146234.1)
Last updated on OCTOBER 04, 2019
Applies to:Oracle Adaptive Access Manager - Version 22.214.171.124.0 and later
Information in this document applies to any platform.
In OAM an OAAM integration everything was working fine with a single server. However as the deployment progressed and a load balancer (LB) was introduced, there was an intermittent issue, whereby, immediately upon logging in, the end user would receive a URL which said
The architecture was as follow:
Load Balancer Externa Internal OHS Load Balancer
Cisco ACE ------ -----OHS ------------
(Sticky sessions configured for the load balancer)
OAAM Properties Set
The following properties were set in the bharosa_server.properties/oaam_custom.properties file (oracle.oaam.extensions.war)
vcrypt.tracker.trackerrequest.never = true
vcrypt.tracker.trackerrequest.optimized = true
In the header trace we can see: https://<HOSTNAME>/oaam_server/error.do?action=session_expired
Client User is not found in session, so the session is expired shown in oaam1_server_server1-diagnostic.log
[2016-05-02T11:33:23.120-04:00] [<OAAM_SERVER_SERVER1>] [NOTIFICATION]  [oracle.oaam] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 00i^7FyzJJaFw00Fzzw0w00000UG000706,0:4:13:3] [APP: oaam_server#126.96.36.199.0] AbstractTaskProcessor.validateSession(): Client User is not found in session, so the session is expired.
It was observed that,
JESSSIONID is changing...request affinity to OAAM server is not maintained and session is seen as expired
What was causing this behavior?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document