SAML SSO Authentication Succeeds but Authorization of User Fails
(Doc ID 2829182.1)
Last updated on DECEMBER 23, 2021
Applies to: Oracle WebLogic Server - Version 22.214.171.124.0 and later
Information in this document applies to any platform.
The goal is to configure the application to authenticate against Oracle Access Manager (OAM) over Federation services (SAML) rather than connecting OAM directly to WLS as a security provider. SAML configuration in WebLogic Server was successful, and the application cookie name was updated to match Federation requirements. When a user logs in via the Federation, authentication succeeds and the user is redirected to the application pages, but then sees an error page: "401 Unauthorized." The log shows the following error:
The user in question is given the required role in OAM (the system-jazn-data.xml and jazn_data.xml files), so the user should be able to access the application.