OAM 18.104.22.168 BP07: MDC: Authorization Fails with The Error "Authn token passed to the ObUserSession constructor is null or invalid"
Last updated on FEBRUARY 15, 2018
Applies to:Oracle Access Manager - Version 22.214.171.124.7 and later
Information in this document applies to any platform.
MDC (2 DCs with a cluster of 2 OAM Servers each) setup for OAM.
In Oracle managed data centers DC1 and DC2. DC1 is master and DC2 is cloned)
This setup combines with Two WebGates configured in 2 customer data centers(WG1 and WG2), protecting applications.
WG1 webgate allows the connection only to OAM instance in DC1 and WG2 webgate allows the connection to only two DC2.
All the protected applications work fine with this setup except OIM Application.
Expected and Observed Results
Expected Result: OIM Application should return the page when authenticated through the cloned oam instance(DC2)
- User tries to get access to a protected resource.
- For credential collection, when user gets redirected to Master Data center (DC1). It just works fine.
- For credential collection, they get redirected to the Clone Data Center (DC2) and they get authenticated on DC2.
- They then get redirected to the originally requested URL on Master Data center(DC1) for authorization.
- Authorization fails on Master data center with error "Authn token passed to the ObUserSession constructor is null or invalid."
- This creates continuous looop situation.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms