Oracle Access Manager 11gr2ps3 (OAM 11.1.2.3.x) What is the Expected Behavior When a Different Username/Password is Used When the Idle Session Timeout Forces Login

(Doc ID 2302651.1)

Last updated on SEPTEMBER 27, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Goal

Oracle Access Manager 11gr2ps3 (OAM 11.1.2.3.x) What is the Expected Behavior When a Different Username/Password is Used When the Idle Session Timeout Forces Login

Steps to reproduce

  • Protected application : myportal.com
  • Idle session timeout = 15 min
  • Max session timeout = 60 min

1. Access myportal.com and Login as userA

2. On the 16th minute refresh of myportal.com, now a login screen is displaid

3a. Login as userA and am able to access the portal

So far so good. OAM is working as expected.

3b. Instead of logging in as userA, login as userB ...  The login keeps failing with OAM-2, then after 5 attempts OAM-10 error.

NOTE: Open another browser (say firefox, if the userA session was opened in chrome) can login as userB with same password.

The question is, why it does not allow login as userB on Idle session time out?


 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms