OVD 11g: OAM Intermittent Login Failures After Enabling Group Membership Checks for OAM Authorization. OVD Requests and Returns All Uniquemembers of a Group from a Join Adapter. (Doc ID 2230755.1)

Last updated on FEBRUARY 06, 2017

Applies to:

Oracle Virtual Directory - Version 11.1.1.0 and later
Oracle Access Manager - Version 11.1.1.3.0 and later
Information in this document applies to any platform.

Symptoms

Oracle Access Manager (OAM) integrated with Oracle Virtual Directory (OVD) 11g.

The integration works fine when configured for authentication only.

After reconfiguring OAM to also use OVD for authorization via group membership checks, i.e., checking group membership before allowing a user to authenticate, OVD now includes an additional attribute requested (uniquemember) which causes intermittent failures in OAM (a generic OAM failure page is returned).

As some of the groups have thousands of members, OVD retrieves megabytes of data on every authentication request. This additional overhead causes intermittent failures.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms