Leave a Comment:
9 comments
Hi,
i am doing OAM 11Gr2-EBS 12.1.3 integration, when ever i request EBS URL it goes to accessgate url and when i enter the credentials oam login fails it throws the following error.
the resource null is not protected.
Reply@ praveen,
Is this creating session in OAM ? (Check session management in OAM )
If it is then enable DEBUG in EBSAccessGate and check AccessGate DEBUG logs .
ReplyHi ,
when the user’s session is destroyed in OAM Server due to reasons like timeout how will the application know that it has to destroy the session on its end?
Or if a user logs out from one application, how will the other application know that it has to destroy user’s session on its end?
ReplyHi Atul,
POur Enviroment consist of OID11.1.1.6, OAM 10.1.4.3, OHS 11.1.1.6, EBS 12.1.3.
This is a new installation.
All the steps to configure SSO while integrating EBS and OAM is Done. Ad – OID Synchronisation is working fine. Users in OID have same GUID of respective users in EBS.
When we access EBS SSO URL, EBS Accessgate Page appears, after keying in correct credentials, same page remains. It does not redirect to EBS Home Page.
Please suggest.
@ Deepika T,
Check HTTP Headers to see why user is not redirected to original URL (EBS) after successful authentication.
Use IEHTTPHeader for IE or HTTP Header Plug-In for Firefox
ReplyHi,
We are using OAM 11.1.1.5.0 in our production environment. The front end is hosted on apache server. When a request comes comes to OAM, the 10g webgate/agent intercepts the request and checks if the requested url is protected or not. If yes , oam server will create a session to store the the requested/targeted URL. The request is then sent to OAM server and it then redirects to cred collector. The cred collector post the data to OAM and it validates with OIM/OID and creates ObSSOCookie. A session for the user is created once authentication is validated. Now when the user is logging out, the session should be get invalidated or destroyed which is not happening.
I am new to OAM and would need your help to resolve this issue. I checked the http header trace but didn’t get a clear idea.
Please suggest
test made on my internal lab :
======================
– OAM 11.1.1.5.0
– Webgate 10.1.4.3
– OHS 11.1.1.5.0
– Protected ressource : http://example.Test.fr:5555/protected.html with a standard LDAP scheme
0- Access the protected resource
=> the Login page is displayed
=> credential validated
=> Access to the protected resource
CHECK : ObSSOCookie and OAM_ID are set
TEST 1 : use the logout page : http://example.Test.fr:5555/logout.html
=> logout page is displayed
CHECK : ObSSOCookie and OAM_ID are removed
– Access the protected resource
=> the Login page is displayed
=> credential validated
=> Access to the protected resource
CHECK : ObSSOCookie and OAM_ID are set
TEST 2 : Clear ONLY the OAM_ID THEN use the logout page : http://example.Test.fr:5555/logout.html
=> logout page is displayed
CHECK : ObSSOCookie IS NOT removed
– Access the protected resource
=> Access to the protected resource DIRECTLY : NO Login page
CHECK : ObSSOCookie is set (no change) OAM_ID is not set
On a standard OAM installation, the fact that the OAM_ID is not set in the browser leads to incorrect behaviour during the logout phase with the logout page.
Replytest made on my internal lab :
======================
– OAM 11.1.1.5.0
– Webgate 10.1.4.3
– OHS 11.1.1.5.0
– Protected ressource : http://example.Test.fr:5555/protected.html with a standard LDAP scheme
0- Access the protected resource
=> the Login page is displayed
=> credential validated
=> Access to the protected resource
CHECK : ObSSOCookie and OAM_ID are set
TEST 1 : use the logout page : http://example.Test.fr:5555/logout.html
=> logout page is displayed
CHECK : ObSSOCookie and OAM_ID are removed
– Access the protected resource
=> the Login page is displayed
=> credential validated
=> Access to the protected resource
CHECK : ObSSOCookie and OAM_ID are set
TEST 2 : Clear ONLY the OAM_ID THEN use the logout page : http://example.Test.fr:5555/logout.html
=> logout page is displayed
CHECK : ObSSOCookie IS NOT removed
– Access the protected resource
=> Access to the protected resource DIRECTLY : NO Login page
CHECK : ObSSOCookie is set (no change) OAM_ID is not set
On a standard OAM installation, the fact that the OAM_ID is not set in the browser leads to incorrect behaviour during the logout phase with the logout page
ReplyHi Atul,
Now i meet a issue that after EBS logout, OAM is able to logout.
But after OAM logout, EBS is not logout.
Do you have any idea?
Thanks
Wayne