Readers,
Just another post on OAM 11g issue that I have recently seen. OAM version could be 11g R1 or later. It is common practice for OAM to pass headers to downstream applications for userid or any other user/session attributes for SSO to work.
Recently while working on EBS 12.2 and OAM PS3 SSO integration, I have tested OOTB OHS cgi script printenv for printing headers just to ensure that userid, guid are passed along. I found that OAM headers set in Authorization Response are not passed and therefore not printed on printenv script output.
I later came to know that it is OAM-OIM integrated environment thus SSOOnlyMode flag is set to true in oam-config.xml which will disable authorization module execution. Here is the simple fix.
- Shutdown all OAM weblogic servers including Admin server.
- Backup oam-config.xml
- Edit oam-config.xml for SSOOnlyMode to set to false and increment Version. Save the changes.
- Start the weblogic servers.
That’s it for today !
Comments are closed.