The HTTP header REMOTE_USER was sent twice (Doc ID 2734000.1)

Last updated on FEBRUARY 10, 2023

Applies to:

Oracle Application Express (APEX) - Version 19.2 and later
Oracle REST Data Services - Version 3.0 and later
Oracle Database Cloud Service - Version N/A and later
Information in this document applies to any platform.

Symptoms

When using Kerberos Authentication and SiteMinder, the following error occurs:

The HTTP header REMOTE_USER was sent twice, this could be an attack. •1st value: "<USERNAME>" •2nd value: "apex"

Changes

Upgrade APEX application from APEX 5 to APEX 19.2.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

The HTTP header REMOTE_USER was sent twice (Doc ID 2734000.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!