User is Not Challenged for Credentials on Additional Browser Tabs When the First Tab is on the OIM Change Password Page (due to passwordExpired)
(Doc ID 2317473.1)
Last updated on MAY 24, 2022
Applies to:Oracle Access Manager - Version 126.96.36.199.0 and later
Information in this document applies to any platform.
After following the solution from the Doc ID 2304335.1 and Doc ID 2304350.1 to setup custom request attribute(s) in an OAM IDP federation flow it has been observed that when the user is on the OIM passwordChange page (due to their password being expired) in one browser tab and a 2nd browser tab is opened and a federated resource is accessed the user is not challenged for credentials nor is the browser redirected to the OIM change password page even though the password has not yet been reset.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document