My Oracle Support Banner

Agile SAML2.0 SSO Implementation - Agile Web Client Session Timeouts And Is Looping Back And Forth Between (Agile URL) & (Single Signon URL - SAML Identity Provider) (Doc ID 2647230.1)

Last updated on MARCH 09, 2020

Applies to:

Oracle Agile Product Collaboration - Version 9.3.6.0 and later
Information in this document applies to any platform.

Symptoms

On : 9.3.6.0 version, Administration/Configuration

Agile SAML2.0 SSO Implementation

When Agile Web Client session timeouts and user refreshes browser to re-authenticate the session the browser is redirected back and forth between the

(Agile URL) xxxxx.com/Agile/PCMServlet & (single signon URL - SAML Identity provider) sso.xxxxxx.com/ofis/Default.aspx?SAMLRequest=xxxxxxxxxxxxxxx

The issue can be reproduced at will with the following steps:

1. Applied Oracle Agile PLM 9.3.6 RUP 12 (9.3.6.12) - Patch 30631158
2. Set the TIMEOUT Session 5mins within Agile Java Client as Admin user
3. Using Chrome Browser:  https://xxxxxxx.com/Agile/PLMServlet
4. Login as user xxxxx
5. Redirected to our SAML Identity provider & Authenticated in to Agile
6. Open a separate new Chrome browser window & leave the Agile login session to running
7. On the new Chrome browser, installed a new Chrome Extension (EditThisCookie)
8. The window shows what is set in realtime:
https://xxxxxxx.com/Agile/PLMServlet
> xxxxxx.com | j_password
> xxxxxx.com | j_username
> xxxxxx.com | _WL_AUTHCOOKIE_JSESSIONID
> xxxxxx.com | BIGipServerCS-AGILE-SB_POOL  --> they have loadbalance
> xxxxxx.com | JSESSIONID  ---> Customer investigated this JSESSIONID  cookie is set against the Path /Agile  is being set by the Agile Application
> xxxxxx.com | JSESSIONID
> xxxxxx.com | WORKFLOW_ROUTING_DATE_FILTER

9. Go Back to the Agile Application window; See the message:  Session Timed Out  Ok button; Click Ok button

The browser is redirected back and forth between the:

(Agile URL) xxxxx.com/Agile/PCMServlet &

(single signon URL - SAML Identity provider) sso.xxxxxx.com/ofis/Default.aspx?SAMLRequest=xxxxxxxxxxxxxxx,  looping back and forth and never resolves


10. Go back to the other browser where the Chrome Extentions is running - (EditThisCookie)
> xxxxxx.com | JSESSIONID  ---> DELETED the Path /Agile --->  This will stop the looping and allow to login.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.