My Oracle Support Banner

SAML OAM -2 Error If The Application Is Visited Directly Before The SSO Link (Doc ID 2469521.1)

Last updated on MARCH 29, 2019

Applies to:

Oracle Access Manager - Version 11.1.2.3.160719 and later
Information in this document applies to any platform.

Symptoms

You have integrated a 3rd party application with SAML and then redirect the user to a WebGate protected application once the session is created in OAM.

The URL for the SSO is

https://sso.oracle1.com/oamfed/sp/initiatesso?providerid=http://sso.oracle2.com:8010/oam/fed&returnurl=https://www.oracle3.com/mypage/saml-sso.aspx


The flow works fine if you access the application directly, but it prompts the OAM-2 error when you visit the oracle3.com first in one browser tab and then access the SSO url in another tab , the sit fails with OAM-2 error

Steps to reproduce the issue :

Steps:
1. Visit oracle3.com -This will open up the login page and will setup a webgate session for login
2. Same browser (can be a new tab) open the SAML sign in URL : https://sso.oracle1.com/oamfed/sp/initiatesso?providerid=http://sso.oracle2.com:8010/oam/fed&returnurl=https://www.oracle3.com/mypage/saml-sso.aspx
3. Login with your Beta credentials – you will see that the fed/sso is redirecting to the oracle2 login page with OAM-2 error instead of redirecting to the landing page.

If you do ONLY Steps 2 and 3 everything works fine. But the initial step of visiting oracle3.com has set up a session for login and that seems to be conflicting with the SAML SSO SESSION.


Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.