Oracle Access Manager (OAM) Muilti-Data Center Logout Fails To Clear Sessions In All Data Centers (DC)
(Doc ID 2761855.1)
Last updated on SEPTEMBER 27, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.3.180717 and laterInformation in this document applies to any platform.
Symptoms
Logout in MDC environment fails to clear session in all DC's - NameNotFoundException: While trying to look up comp/env/wm/MDCTermSessionWM
- OAM 11.1.2.3.x
- WebGate Detached Crednetial Collector (DCC)
- MDC
- In a MDC env, when user logs in , OAM creates a session in both data centers due to authN happening in DC1 and authZ happening in DC2.
- Upon calling logout (/oam/server/logout) the session is cleared ONLY from the DC2 data center but not the DC1 data center.
- When accessing the protected resource a 2nd time (after logout) user is allowed access without having to re-authenticate.
Steps to Reproduce
1. Prepare MDC setup.
2. Setup one WG agent for DCC tunneling for logout URL
3. Access master DC protected resource and in the same browser access clone DC protected resource, check session management,
both master clone DC has session for the user.
4. Now access logout through DCC tunneled logout URL: http://<FQDN>:<PORT>/oam/server/logout
5. The session from other DC will not get removed.
1. Prepare MDC setup.
2. Setup one WG agent for DCC tunneling for logout URL
3. Access master DC protected resource and in the same browser access clone DC protected resource, check session management,
both master clone DC has session for the user.
4. Now access logout through DCC tunneled logout URL: http://<FQDN>:<PORT>/oam/server/logout
5. The session from other DC will not get removed.
- Error from log file
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |