OAM 10.1.4.2 Webgate: Blank Page After Anonymous Session Timeout and WebServer Segmentation Fault (Doc ID 604808.1)

Last updated on MARCH 08, 2017

Applies to:

COREid Access - Version: 10.1.4.2 and later   [Release: 10g and later ]
Information in this document applies to any platform.
Checked for relevance on 06-MAY-2011

Symptoms

Access to Oracle Access Manager (OAM) protected resource after anonymous OAM session timeout fails with blank page in browser and the Apache-based webserver process crashes with a SEGV segmentation fault and/or GLIB double free error.

This problem may occur with Apache or Oracle HTTP Server WebGates. It is specific to environments with an authenticating WebGate i.e. with Challenge Redirect configured.                     It may occur in single or multi-domain SSO environments. 

If the authentication Webgate is on Windows platform the exception is handled/caught as an Unknown Exception.

Steps to reproduce:

Either:

1. Access site homepage protected with OAM anonymous authentication scheme.
2. Access form-protected resource: redirect to OAM login page.
3. Leave browser idle for longer than OAM user or idle session timeout.
4. Access another OAM-protected resource link: blank page displayed.

Or:

1. Access site homepage.
2. Access form-protected resource: redirect to OAM login page.
3. Submit valid credentials: redirect to OAM-protected resource.
4. Click logout link: ObSSOCookie is set to loggedout
5. Access form-protected resource again: blank page displayed

The HTTP Header trace shows that the last request issued is for http://<authenticating_webgate_host>:<port>/obrareq.cgi......

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms