OAM SDK APIs Writes Back To ObAccessClient.xml File On Client Host Machine
(Doc ID 2355922.1)
Last updated on FEBRUARY 13, 2018
Applies to:Oracle Access Manager - Version 18.104.22.168.170418 and later
Information in this document applies to any platform.
On : 22.214.171.124.170418 version, Configuration Service
OAM SDK APIs over-writes changes to ObAccessClient.xml file on client host machine
We have a custom form for form based authentication. In custom form, upon page submission, OAM SDK APIs are called to created authenticated sessions. As per our analysis on OAM SDK APIs interaction with OAM server, what we observed is when API call is made it looks upto to webgate profile configuration in OAM and writes back to ObAccessClient.xml file present on client host machine from where OAM SDK APIs are invoked but while writting back to ObAccessClient.xml it drops some configurations (e.g. "Allow Management Operations" webgate property is not written back to ObAccessClient.xml file ). I want to know since OAM SDK APIs doesn't write back webgate's proerty "Allow Management Operations" in ObAccessClient.xml file, can it cause any other session management issue? Also, is there any option to instruct OAM SDK APIs to stopping writing back to ObAccessClient.xml file?
The OAM SDK do not over-write the changes on client host machine, instead retains the correct version of the ObAccessClient.xml file.
The issue can be reproduced at will with the following steps:
1. Invoke ASDK client app.
2. Complete the sample flow.
3. Upon completion, notice the changes to ObAccessClient.xml file on ASDK client machine.
The issue has the following business impact:
As a result of this sometimes users sessions gets lost in failover scenario when the primary server goes down, traffic needs to be routed to secondary server.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!