Readers,
Just another post on OAM 11g issue that I have recently seen. OAM version could be 11g R1 or later. It is common practice for OAM to pass headers to downstream applications for userid or any other user/session attributes for SSO to work.
Recently while working on EBS 12.2 and OAM PS3 SSO integration, I have tested OOTB OHS cgi script printenv for printing headers just to ensure that userid, guid are passed along. I found that OAM headers set in Authorization Response are not passed and therefore not printed on printenv script output.
I later came to know that it is OAM-OIM integrated environment thus SSOOnlyMode flag is set to true in oam-config.xml which will disable authorization module execution. Here is the simple fix.
- Shutdown all OAM weblogic servers including Admin server.
- Backup oam-config.xml
- Edit oam-config.xml for SSOOnlyMode to set to false and increment Version. Save the changes.
- Start the weblogic servers.
That’s it for today !
About the Author Mahendra
I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc.,
Look @ my blog: http://talkidentity.blogspot.com