Oracle Access Server (OAM) WNA Authentication Fails When An OCI LBaaS Load Balancer Is In The Network Path Between The Browser And The OAM Servers
(Doc ID 2689760.1)
Last updated on SEPTEMBER 19, 2023
Applies to:
Oracle Access Manager - Version 12.2.1.3.191201.0123.S and laterInformation in this document applies to any platform.
Symptoms
Oracle Access Server (OAM) WNA Authentication Fails When An OCI LBaaS Load Balancer Is In The Network Path Between The Browser And The OAM Servers
- OAM 12c (12.2.1.3.191201), OHS, OUD all configured in High Availability mode
- A cluster of 2 OAM Managed Servers
- An OCI LBaaS load Balancer in front of 2 OHS Servers with WebGate each
- WNA authentication fails when the LBaaS load balancer is in place. The browser sends an NTLM token instead of a Kerberos Token
- WNA fails when tested with IE 11, Firefox and Chrome
- In case of IE 11, WNA works only if the Fiddler Trace utility is up and running
- With Firefox and Chrome browsers, WNA fails, whether Fiddler is running or not
- If the LBaaS load balancer is removed and new keytab is generated, WNA works fine
Changes
An OCI LBaaS load Balancer placed in front the 2 OHS Servers with WebGate
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |