When Switching From Lower Level AuthN Scheme to Higher Level TAPScheme User's Are Not Prompted For Username/Password
(Doc ID 2565982.1)
Last updated on DECEMBER 01, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.3.0 and laterOracle Adaptive Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.
Symptoms
After properly configuring OAM/OAAM integration user's are prompted for their username, password, and KBA challenge questions upon accessing a resource protected with the OAM TAPScheme authentication scheme. This is working properly and as expected. However, if the user has already authenticated via lower-level authentication scheme and then access the TAPScheme-protected resource that has a higher level authentication level then the user is only prompted for their KBA challenge questions.
For example:
App1 Authn Scheme : LDAPScheme_OUDStore
App1 Authn Level : 2
App1 Resource URL : http://hostname.domain:port/index.html
App2 Authn Scheme : TAPScheme
App2 Authn Level : 4
App2 Resource URL : http://hostname.domain:port/oaamtap.html
When accessing the App1 resource the user is prompted for username and password for OUD and login works as expected. Then in the same browser accessing the App2 resource the user is prompted for only their KBA challenge question and skips the username and password steps.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |