Oracle Access Manager 11gr2ps3 (OAM 11.1.2.3.x) Federation - Token Issuance Policy Rule Evaluation Fails to Check Authorization Groups
(Doc ID 2289256.1)
Last updated on SEPTEMBER 15, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.3.170117 and later
Information in this document applies to any platform.
Symptoms
- Oracle Access Manager 11gr2ps3 (OAM 11.1.2.3.x) Federation - Token Issuance Policy Rule Evaluation Fails to Check Authorization Groups
- Doing Service Provider (SP) initiated SAML SSO with token issuance policy conditions to check for presence of OUD groups on authorization.
- Only rule which works on token issuance policy is 'TRUE'
- All other conditions fail and allows all users without role access the application.
- Federation with Token insurance policy is working properly for both allow and deny at base 11.1.2.3, but fail after patch up to BP08
- From OAM log ...
Changes
Cause
| |
To view full details, sign in with your My Oracle Support account. |
|
| Don't have a My Oracle Support account? Click to get started! |
In this Document
My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.