SAML SSO Authentication Succeeds but Authorization of User Fails (Doc ID 2829182.1)

Last updated on DECEMBER 23, 2021

Applies to:

Oracle WebLogic Server - Version 12.2.1.4.0 and later
Information in this document applies to any platform.

Symptoms

The goal is to configure the application to authenticate against Oracle Access Manager (OAM) over Federation services (SAML) rather than connecting OAM directly to WLS as a security provider. SAML configuration in WebLogic Server was successful, and the application cookie name was updated to match Federation requirements. When a user logs in via the Federation, authentication succeeds and the user is redirected to the application pages, but sees an error page: "401 Unauthorized." The log shows the following error:

The user in question has been given the required role in OAM (the system-jazn-data.xml and jazn_data.xml files), so the user should be able to access the application.

Changes

 

Cause
