My Oracle Support Banner

OAM Session Token Is Invalid Through Cross WebGate Agent Reservation (Doc ID 2161235.1)

Last updated on OCTOBER 01, 2018

Applies to:

Oracle Access Manager - Version and later
Information in this document applies to any platform.


  You have the following in your system environment:
  1) 11g WebGate
  2) AccessGate [Access SDK Client application]
  Access SDK (ASDK) client application does the following:
  1. It will authenticate the User using ASDK using AccessGate WebGate agent reservation. It passes the username, password and the resource to the API.
  2. Create issuing cookie(OAMAuthn_xxx:443 cookie) from the received session token.
  3. Uses this valid cookie to access the same resource which is protected by 11g WebGate using Apache HTTP Client API.

  The following observations are noted:
  The call to access the resource is redirected to OAM login (Asks for challenge).
  The WebGate log shows "AuthN token is null or invalid".


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.
My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.