OIF Resources That are Protected by Webgate Do Not Properly Handle Encoding for URL Parameters
(Doc ID 453378.1)
Last updated on MARCH 08, 2017
Applies to:COREid Federation - Version: 7.0.4 to 10.1.4.0.1 - Release: to 10g
Information in this document applies to any platform.
***Checked for relevance on 31-May-2010***
This document solves the problem where "OIF (with webgate) is not doing encoding for URL parameters". It also provides the steps on "How to integrate OIF with webgate."
OIF is not doing URL-encoding for attributes sent in URL's, so "/" and other forbidden characters are put into query string instead of "%2B" etc.
In customer's environment /fed/idp/samlv20 path is protected by WebGate. This URL should NOT be protected by WebGate. This URL location is used for several profiles, including the logout profile. So forcing the user to be authenticated when accessing the URL will cause issues when exercising some federation flows, especially when performing a logout operation.
Customer has configured this wrongly. See the action plan mentioned below for correct configuration.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.|