Unable To Post Data To An Application As Coreid Webgate Is Consuming The Data
(Doc ID 737343.1)
Last updated on MARCH 25, 2019
Applies to:COREid Access - Version 10.1.4.0.1 to 10.1.4.2 [Release 10g]
COREid Access - Version: 10.1.4.0.1 to 10.1.4.2
You may face an issue when posting data on Apache 2 Web server with 7.0.4 Webgate. You may be not able to post data to an application as Webgate consumes the data
Assume you have below environment.
-- 7.0.4 Webgate for Apache2 Web server on Linux OS
-- Assume you have configured a Policy Domain to protect "sr_test.jsp" with None Authentication for test_guest user and Policy inside the Policy Domain to protect sr_test.jsp?SSOLOGIN=true with Form Authentication with 'Query String Variables'.
-- Assume you have set headervar value for "SSOOblixUser" to test_guest for None Authentication Scheme and headervar value for "SSOOblixUser" to test_user for Form Authentication Scheme on Authentication Success.
Below mentioned is an example of configuration.
In the Apache file, there is a rewrite to go to tomcat :
Contents of sr_test.jsp
<form action="" method="POST">
<input type="hidden" name="requestparam_1" value="Some Value for PARAM-1" />
<input type="hidden" name="requestparam_2" value="Some Value for PARAM-2" />
<input type="submit" name="submit">
http://<hostname>/testApp/sr_test.jsp display all headers when POST to itself. This page has 2 static hidden variables.
The below mentioned test gives two scenarios where in for first example it is not working as expected and in the second one it is working as expected.
Steps to Reproduce :
1) Browse the URL http://hostname/testApp/sr_test.jsp. If you open this page, and click submit, there is an error. The POST data doesn't reach Tomcat. When using None Authentication, Policy Domain is configured to set "" to test_guest".
2) Browse URL http://hostname/testApp/sr_test.jsp?SSOLOGIN=true is protected with a Form login in Policies of a Policy Domain. If you go to this page and click submit, the data comes right back. When using Form Authentication, Policy Domain is configured to set "SSOOblixUser" to "test_user".
This issue is only observed with Apache2 and 2.2. This issue is not observed on Apache 1.3.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document