My Oracle Support Banner

When Switching From Lower Level AuthN Scheme to Higher Level TAPScheme User's Are Not Prompted For Username/Password (Doc ID 2565982.1)

Last updated on DECEMBER 01, 2023

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Oracle Adaptive Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

After properly configuring OAM/OAAM integration user's are prompted for their username, password, and KBA challenge questions upon accessing a resource protected with the OAM TAPScheme authentication scheme. This is working properly and as expected. However, if the user has already authenticated via lower-level authentication scheme and then access the TAPScheme-protected resource that has a higher level authentication level then the user is only prompted for their KBA challenge questions.

For example:

App1 Authn Scheme : LDAPScheme_OUDStore
App1 Authn Level : 2
App1 Resource URL : http://hostname.domain:port/index.html

App2 Authn Scheme : TAPScheme
App2 Authn Level : 4
App2 Resource URL : http://hostname.domain:port/oaamtap.html

When accessing the App1 resource the user is prompted for username and password for OUD and login works as expected. Then in the same browser accessing the App2 resource the user is prompted for only their KBA challenge question and skips the username and password steps. 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.