OAM Is Returning The Users To Login Page In MDC Environment For Unsolicited Authentication Specific Use Case

(Doc ID 2389910.1)

Last updated on APRIL 24, 2018

Applies to:

Oracle Access Manager - Version 11.1.2.1.0 and later
Information in this document applies to any platform.

Symptoms

 

Master MDC: server idmmaster.vm.oracle.com

The flow is like below

1. http://idmmaster.vm.oracle.com:7778/cgi-bin/printenv - login and create a oam session

Response headers:
------------------
Set-Cookie:
OAM_GITO=ShYf9CrKxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=;Domain=.vm.oracle.com
; path=/

2. Hit http://idmmaster.vm.oracle.com:7778/logout.html and the same "OAM_GITO cookie exits":

Request headers:
-----------------

OAM_GITO=Mtw7jScaTqWxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Response:
HTTP/1.1 404 Not Found

Note: As per the Customer header trace customer also
gets "HTTP/1.1 404 Not Found"

3. Then hit unsolicited login page now:
http://idmmaster.vm.oracle.com:14888/oam/server/authentication?username=testUser&password=XXXXXX&successurl=http://idmmaster.vm.oracle.com:7778/cgi-bin/printenv
it is redirected to the login page again and the same "OAM_GITO cookie" still exists

Request headers:
----------------
GET http://idmmaster.vm.oracle.com:14888/oam/server/obrareq.cgi?.........

OAM_GITO=ShYf9CrKxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=;

Note :
Below are the Webgate parameters which are set (in the internal environment)
exactly similar to that of the customer setup:
-----------------------------------------------------------
Logout URL: Blank
Logout Callback URL: /oam_logout_success
Logout Redirect URL: Blank

Changes

This functionality worked fine before enable MDC. 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms