How to Change the CanonicalIDDelimiter Used by OAM Federation
Last updated on MARCH 21, 2018
Applies to:Oracle Access Manager - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
When using OAM as the identity provider in a federated login OAM will authenticate the user and then forward the request to federation sending the user's LDAP DN and USERID attributes as a single string separated by a colon. If the DN or USERID attribute already contains a colon such as "dn:cn=comp:person:0bb9d73dcbf34" then the federation server fails to handle this properly and considers "comp" as DN and "person" as USERID.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms