My Oracle Support Banner

Oracle Access Manager (OAM) Multi Data Center (MDC) - Session Attributes Are Not Retrieved Between Data Centers (Doc ID 2293651.1)

Last updated on NOVEMBER 13, 2020

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.
Oracle is not responsible for instructions/information from 3rd party sites that may be contained in this KM note.

Symptoms

Oracle Access Manager 11g R2PS3 (OAM 11.1.2.3) Multi Data Center (MDC) - Session Attributes are not Retrieved Between Data Centers

In one DC (Clone in this case) we set attributes in a Session Attribute during Authentication process:
 - $session.attribute_name --> $user.attr.roles

Then, in the other DC (Primary in this case) we reference the Session Attribute in Authorization conditions:
 - $session.attr.attribute_name CONTAINS <value>

But, between DCs - seems that the session attribute is never populated.

That's why when OAM tries to check the authorization rule, the result is always false and users cannot access to the application

-----------

Issue can be verified in the logs:

On Clone:
----------

              --------> but, the details of the Session (including required Session Attribute) cannot be retrieved - "Error while doing remote sync"

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.