My Oracle Support Banner

OAM BP07: MDC: Authorization Fails with The Error "Authn token passed to the ObUserSession constructor is null or invalid" (Doc ID 2213245.1)

Last updated on APRIL 01, 2019

Applies to:

Oracle Access Manager - Version and later
Information in this document applies to any platform.


MDC (2 DCs with a cluster of 2 OAM Servers each) setup for OAM.
In Oracle managed data centers DC1 and DC2. DC1 is master and DC2 is cloned)
This setup combines with Two WebGates configured in 2 customer data centers(WG1 and WG2), protecting applications.
WG1 webgate allows the connection only to OAM instance in DC1 and WG2 webgate allows the connection to only two DC2.
All the protected applications work fine with this setup except OIM Application.

Expected and Observed Results
Expected Result: OIM Application should return the page when authenticated through the cloned oam instance(DC2)

Observed Result:
- User tries to get access to a protected resource.
- For credential collection, when user gets redirected to Master Data center (DC1). It just works fine.
- For credential collection, they get redirected to the Clone Data Center (DC2) and they get authenticated on DC2.
- They then get redirected to the originally requested URL on Master Data center(DC1) for authorization.
- Authorization fails on Master data center with error "Authn token passed to the ObUserSession constructor is null or invalid."
- This creates continuous looop situation.



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.