Oracle Access Manager (OAM) Idle Session Times Out Results In A HTTP-502 Error
(Doc ID 2810341.1)
Last updated on MARCH 15, 2023
Applies to:
Oracle Access Manager - Version 12.2.1.3.210701 and later
Information in this document applies to any platform.
Symptoms
An HTTP-502 error occurs after the OAM idle session times out, in an integration with EBS that uses Federation.
When a user's idle session times out ...
- For non-<GROUP1> users, when the session times out they are returned to the OAM login page
- But for <GROUP1> users, when the session expires they get an HTTP-502 error
- The expected flow for <GROUP1> users is that when the session expires and they click on a URL, the system should automatically re-authenticate the user, and the user should stay on the same screen instead of seeing a 502 error
- OAM 12.2.1.3.210701 as a Service Provider
- ADFS as an Identity Provider
- Protected resources: Oracle EBS and APEX applications.
Background
- To integrate OAM with Active Directory for a specific set of users, <GROUP1>, who are authenticated from AD, a new identity provider was created in the OAM console
- A pre-authentication rule was then created for the protected resources, using the location.isIPinRange predicate to identify the IP range for this particular group of users. Any user coming from this range is directed to the <GROUP1> scheme, which then sends the SAML request to AD for authentication, using the user's email address as the unique identifier
- This is working fine, and users are able to log in to the EBS and APEX applications without going through the OAM standard login screen
- All other clients still go through the normal username/password authentication process and see the OAM standard login screen
- The issue only occurs for users in the <GROUP1> flow, when a session expires
Changes
Cause