OAM 10g: Recovery Process After Shared Secret Key Corruption

(Doc ID 557223.1)

Last updated on JUNE 07, 2017

Applies to:

COREid Access - Version 7.0.4.4 to 10.1.4.3.0
Information in this document applies to any platform.
***Checked for relevance on 6-December-2010***


Goal

The Oracle Access Manager (OAM) is part of the Oracle Application Server product suite and consists of the components that specialize in Access and Identity Management.

OAM Access System consists of the following components:

  1. Policy Manager - This act as the Policy Administration Point in the OAM Access System.
  2. Access Server - This acts as the Policy Decision Point in the OAM Access System.
  3. WebGate - This acts as the Policy Enforcement Point in the OAM Access System.
  4. Identity Server - This acts as identity administration point in the OAM identity system.
  5. WebPass- This acts as the information exchanger between web server and OAM identity server.

OAM uses cookies to track user sessions and authorize access to protected resources. Since these cookies contain sensitive information they are encrypted by OAM to prevent tampering. OAM can use the AES, RC6 or RC4 algorithm for encrypting the cookies depending upon the configuration. The encryption algorithm is seeded by using a secret key that is shared by the OAM Identity Server, Access Server and Policy Manager.

This secret key can under some circumstances get corrupted causing an outage of OAM. This document covers the detection and recovery process of Shared Secret Key if it gets corrupted.

Symptoms

The following symptoms would suggest that the shared secret has been corrupted:

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms