Portal Logins Through Login Portlet End Up in Loop When Global Inactivity Timeout (GITO) is Enabled

(Doc ID 758901.1)

Last updated on NOVEMBER 08, 2016

Applies to:

Portal - Version 10.1.2.2 and later
Information in this document applies to any platform.
Checked for relevance on 25-Sep-2013

Symptoms

Authentication requests which are triggered by the expiration of the Global Inactivity Timeout, may result in a loop when a customized Portal page with Login Portlet is used for authentication. An example of such a page is shown below :


The error message may vary and depends on which internet browser is used :

Safari will display an error page with the following message :
Safari can't open the page.
Too many redirects occurred trying to open
"http://ptl.portalgroup.org:7778/portal/pls/portal/PORTAL.wwsec_app_user_mgr.edit_account_information?
p_back=http%3A%2F%2Fptl.portalgroup.org%3A7778%2Fportal%2Fpage%2Fportal%2Flogin". This might occur if you open a page that is
redirected to open another page which is then redirected to open the original page.

Mozilla Firefox will display an error page with the following message :
The page isn't redirecting properly
Firefox has detected that the server is redirecting the request for this
address in a way that will never complete.
This problem can sometimes be caused by disabling or refusing to accept cookies

Internet Explorer will display an error page with the following message :
The page cannot be displayed
The page you are looking for is currently unavailable. The Web
site might be experiencing technical difficulties, or you may need
to adjust your browser settings.

Reproducibility :

  1. Create a Portal page and add the login portlet in a portlet region.
  2. Edit the Access Properties in the Access Tab of the Page Properties. Check the box 'Display Page To Public Users'.
  3. Configure the SSO server to use the Portal page with Login portlet as default Login Page for authentication requests:
    1. Set the environment variables to point to the Single Sign-On Server ORACLE_HOME.
    2. Open the file <ORACLE_HOME>/sso/conf/policies.properties.
    3. Change the parameter loginPageUrl to point to the URL of the Portal Login Page:
      #Deployment login page link
      # loginPageUrl = /sso/jsp/login.jsp
      loginPageUrl = http://ptl.portalgroup.org:7778/portal/page/portal/login
    4. Restart OC4J_SECURITY and the Oracle HTTP Server on the Single Sign-On Server:
      [oracle@ptl conf]$ opmnctl restartproc process-type=OC4J_SECURITY
      opmnctl: restarting opmn managed processes...
      [oracle@ptl conf]$ opmnctl restartproc process-type=HTTP_Server
      opmnctl: restarting opmn managed processes...
  4. Enable the Global Inactivity Timeout (GITO):

    1. Set the environment variables to point to the Single Sign-On Server ORACLE_HOME
    2. Start SQL*PLUS and connect to the Single Sign-On Metadata Repository database as ORASSO database user
    3. Run <ORACLE_HOME>/sso/admin/plsql/sso/ssogito.sql to activate the Global Inactivity Timeout :
      SQL> @ssogito.sql
      =============================================
      SSO Server Inactivity Timeout Configuration
      =============================================
      Timeout      : ENABLED
      Cookie name     : OSSO_USER_CTX
      Cookie domain     : .portalgroup.org
      Inactivity period: 2 minutes
      Encryption key     : 06FEAC70D949E1FF
      -------------------------------------------
      To disable timeout set inactivity period
      to 0, (zero)
      Press return key twice if you do not want
      to change timeout configuration.

      PL/SQL procedure successfully completed.

      Enter value for timeout_cookie_domain: .portalgroup.org
      Enter value for inactivity_period: 30
      Timeout          : ENABLED
      New timeout cookie domain: .portalgroup.org
      New inactivity period     : 30 minutes

      PL/SQL procedure successfully completed.

      No errors.
    4. Restart OC4J_SECURITY and the Oracle HTTP Server on the Single Sign-On Server :
      [oracle@ptl conf]$ opmnctl restartproc process-type=OC4J_SECURITY
      opmnctl: restarting opmn managed processes...
      [oracle@ptl conf]$ opmnctl restartproc process-type=HTTP_Server
      opmnctl: restarting opmn managed processes...
  5. Open an Internet browser and login to Oracle Portal. The error will reproduce if Portal activity is continued after a period of inactivity larger than the configure Global Inactivity Timeout.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms