Oracle Access Manager (OAM) Persistent Login Is Not Terminated On Password Change Events
(Doc ID 2666710.1)
Last updated on MAY 11, 2020
Applies to:Oracle Access Manager - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
- Oracle Access Manager (OAM)
- Persistent Login Is Not Terminated On Password Change Events
- Persistent Login was configured as described in 2.9.3 Understanding Persistent Login of Fusion Middleware Administrator's Guide for Oracle Access Management
- OAM_RM token does not invalidate as expected when:
- Password reset by administrator
- Password changed by the user on a different device
- User deleted or locked by the administrator
- After one or more of the above action, users are still able to access to resource without a need to re-authenticate.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document