Duo Integrated With Oracle Access Manager Two-Factor Authentication (2FA) - Login Fails "An Incorrect Username Or Password Was Specified"
(Doc ID 2686776.1)
Last updated on SEPTEMBER 26, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.3.190209 and laterInformation in this document applies to any platform.
Oracle is not responsible for instructions/information from 3rd party sites that may be contained in this KM note
Symptoms
After being approved the user from DUO application, is redirected to a login error page indicating "ERROR - An incorrect Username or Password was specified"
- Duo Integrated With Oracle Access Manager as per Duo for Oracle Access Manager
- Two-Factor Authentication (2FA)
- Detached Credential Collector (DCC) - do not see sig_response when it is in DCC mode.
- Note no issue if using Embedded Credential Collector (ECC) - see sig_response received by tunnel's OAM
Expected Flow ...
1. User submits username/pw to OAM.
2. OAM checks primary creds and invokes the Duo plugin
3. The Duo plugin puts the auth on PAUSE and redirects the browser to the duologin.jsp page with a sig_request. This jsp page renders the Duo prompt
4. The Duo prompt page communicates with Duo to perform a 2FA flow. When complete, a sig_response is POSTed back to OAM.
5. The Duo plugin resumes, consumes the sig_response token, and reports success.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |