After Upgrading to Oracle Access Manager 12c PS3 (OAM 126.96.36.199)/WebGate from 188.8.131.52 to 184.108.40.206, Accessing the Unprotected Resources Require Login
(Doc ID 2402341.1)
Last updated on OCTOBER 30, 2019
Applies to:Oracle Access Manager - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
Oracle is not responsible for instructions/information from 3rd party sites that may be contained in this KM note.
Using OHS/WebGate 18.104.22.168 and OAM 22.214.171.124.180116:
OAM server is running on the SSL port and has the "require valid certificate" option set then after upgrading OHS/WebGate from 126.96.36.199 to 188.8.131.52, all the unprotected resources required login although it should not.
Using the native WebGate in OHS to connect to OAM 184.108.40.206 on another server but after upgrading OHS from 220.127.116.11 to 18.104.22.168, it is prompted to authenticate just by landing on the main page that is listed as unprotected in the OAM configuration.
When changing the /** URL in OAM from using the Unprotect-Public Resource Policy to Excluded then no authentication is required.
Expected behavior to work as it did in 22.214.171.124 WebGate / OHS and no authentication is required for the unprotected resource.
There is a workaround by changing the resource from unprotected to Excluded.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document