Last updated on MARCH 08, 2017
Applies to:COREid Access - Version: 10.1.4 to 10.1.4 - Release: 10g to 10g
Information in this document applies to any platform.
Checked for relevance on 12-Apr-2010
With the 10.1.4 webgates the obssocookie cookie is set to loggedoutcontinue for both timeout and step-up scenarios. While this is acceptable for an expiry condition, it is unacceptable for a step-up scenario as the user is experience is poor and deemed unacceptable.
- Request resource at protected at level 10 (password)
- When presented with login form, enter username and password
- Now request resource protected at level 20
- Login form is presented
- User chooses not to authenticate (maybe they don't have), and hits back button in browser
- User will now be asked to log on again (with username/password)
- If page above is cached then they won't be challenged to authenticate now but when they request a non-cached page they will be prompted to authenticate again
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms