P6 EPPM Web Application Configured for Single Sign-on (SSO) Over SSL Redirects from HTTPS to HTTP Protocol
(Doc ID 2194523.1)
Last updated on FEBRUARY 15, 2023
Applies to:
Primavera P6 Enterprise Project Portfolio Management - Version 7.0 and laterInformation in this document applies to any platform.
Symptoms
ACTUAL BEHAVIOR
After configuring the P6 EPPM web-based applications for Single Sign-On (SSO) with Oracle Access Manager (OAM) and testing a connection to the web application over SSL (mainly around the SSL connection with the SSO redirection), the web application is redirected to the SSO authentication scheme (for example, form-based authentication) by making an https://<SSO host<:<SSL Port>/obrareq.cgi? request; but after the authentication scheme is satisfied (for example, entering username/password for a form-based authentication scheme), redirection to the OAM server by making an /obrar.cgi? request over non SSL occurs (for example, http://<SSO host>:<Port>/obrar.cgi?), causing the SSO authentication process to fail and prevent redirection back to the P6 EPPM web-based application.
EXPECTED BEHAVIOR
The browser should not redirect from HTTPS to HTTP protocol during the SSO authentication process.
The issue can be reproduced at will using the following steps:
- In a web browser, enter a P6 EPPM web URL protected by SSO.
- Redirection to OAM Login page occurs.
- OAM Server authenticates/authorizes the user's request.
- Observe the reported issue.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |