My Oracle Support Banner

OAM - After Authentication, is looping on Authorization (Doc ID 2851327.1)

Last updated on FEBRUARY 28, 2022

Applies to:

Oracle Access Manager - Version and later
Information in this document applies to any platform.


After Authentication, when is redirecting back to WebGate (obrar.cgi) and the OAMAuthnCookie is set, the redirect to Resource is generating a new trip to OAM Server (obrareq.cgi) and so on ...... it will continue in loop.

In this case the Resource was EBS, but the case could happen with any Resource.

Issue could happen in both 12c and 11g OAM versions.


- access Protected Resource
- authenticate
- is redirecting back to WebGate (obrar.cgi) - the OAMAuthnCookie is set
- the redirect to Protected Resource, instead of serving the Resource page, is generating a new trip to OAM Server (obrareq.cgi) ...... and here start the loop (it will redirect back and forth between WebGate and OAM Server)


This is visible in HTTP Header Trace:

GET https://<webgate_host:port>/accessgate/dossologin HTTP/1.1

Cookie: EBSAuthCookie=......

HTTP/1.1 302 Found
Connection: Keep-Alive
Date: ........
Keep-Alive: timeout=15
Location: https://<OAM_Server_port:host>/oam/server/obrareq.cgi?encquery%3D5NuWiXbVNwlQqhfSWZMTgb51Yiti%2F99Fi8..........

      ------------> even OAMAuthnCookie is present, is redirecting back to "obrareq"



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.