Oracle Access Manager 11gr2ps3 (OAM 11.1.2.3.x) Multi Data Center (MDC) - Session Attributes are not Retrieved Between Data Centers (Doc ID 2293651.1)

Last updated on AUGUST 10, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

Oracle Access Manager 11gr2ps3 (OAM 11.1.2.3.x) Multi Data Center (MDC) - Session Attributes are not Retrieved Between Data Centers

In one DC (Clone in this case) we set attributes in a Session Attribute during Authentication process:
 - $session.attribute_name --> $user.attr.roles

Then, in the other DC (Master in this case) we reference the Session Attribute in Authorization conditions:
 - $session.attr.attribute_name CONTAINS <value>

But, between DCs - seems that the session attribute is never populated.

That's why when OAM tries to check the authorization rule, the result is always false and users cannot access to the application

-----------

Issue can be verified in the logs:

On Clone:
----------

              --------> but, the details of the Session (including required Session Attribute) cannot be retrieved - "Error while doing remote sync"

Changes

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms