Oracle Access Manager (OAM) Federation - Login Fails, Identity Provider (IdP) or Service Provider (SP) Initiated, Using Kerberos Authentication Thorough a Detached Credential Collector (DCC) HTTP Error 401 - Unauthorized: Access is Den
(Doc ID 2243693.1)
Last updated on NOVEMBER 10, 2022
Applies to:
Oracle Access Manager - Version 11.1.2.3.170117 and laterInformation in this document applies to any platform.
Symptoms
- Oracle Access Manager 11gr2ps3 (OAM 11.1.2.3.x) Federation - Login Fails, Identity Provider (IdP) or Service Provider (SP) Initiated, Using Kerberos Authentication Thorough a Detached Credential Collector (DCC) HTTP Error 401 - Unauthorized: Access is Denied
- When using a DCC webgate configured with tunneling for WNA authentication the browser shows a blank page instead of sending a token to OAM after /oam/CredCollectServlet/WNA URL is called.
- From the logs we can see that OAM sends a merged header "Header Name : WWW-Authenticate value: Negotiate,Basic realm="OAM 11g" " instead of sending it as 2 different headers:
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |