{"id":1942,"date":"2010-07-14T11:20:51","date_gmt":"2010-07-14T15:20:51","guid":{"rendered":"http:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/"},"modified":"2010-07-15T08:36:48","modified_gmt":"2010-07-15T12:36:48","slug":"header-variables-not-set-in-ie-browser-oracle-access-manager","status":"publish","type":"post","link":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/","title":{"rendered":"Header variables not set in IE browser: Oracle Access Manager"},"content":{"rendered":"<p>Hi all,<\/p>\n<p>This post covers an important caveat of Oracle Access Manager with form-based authentication when your architecture has multiple web servers, resulting in multiple redirections.<\/p>\n<p>Let's say the architecture has the components WebServer1, WebServer2, WebServer3 and Oracle Access Manager.<\/p>\n<p>Let's assume WebServer1 is used as the reverse proxy server, WebServer2 is where a web application is deployed, and WebServer3 is where the form login page resides.<\/p>\n<p>Ideally, in a real-time project, we would place the form login page in a centralized location. (Please write your queries in the comments if you want to know why.)<\/p>\n<p>Here, the OAM WebGates will be installed on WebServer1 (the reverse proxy server) and WebServer3 (where the form login page resides). (Also, the form action will be protected by the Anonymous Authentication Scheme.) Let's assume the application deployed on WebServer2 is protected in OAM by a policy domain whose resource host identifier is the reverse proxy WebServer1 (not WebServer2; this is important to remember).<\/p>\n<p>Generally, you will add header variables to return to the protected application in Authorization &amp; Authentication Actions.\u00a0 (I will cover the caveats with Authentication Actions in a separate post). 
This means the authorization actions get executed after authorization is performed by OAM.<\/p>\n<p>In this case, when the user accesses the protected application through the proxy server WebServer1,\u00a0 the WebGate intercepts the request and redirects to WebServer3, which displays the form login page. The user enters the credentials; let's assume OAM authenticates them and the authorization actions are executed. Now the WebGate on WebServer3 will redirect to WebServer1 with the cookie created and header variables set.<\/p>\n<p>WebServer1 will in turn redirect to WebServer2, where the actual resource is located.<\/p>\n<p>Hence, you can observe multiple redirections happening, and there is a possibility of headers being lost by the time the request finally reaches the protected application.<\/p>\n<p><strong>Workaround:\u00a0<\/strong><\/p>\n<p>This is just a temporary workaround to overcome this issue.<\/p>\n<p>In general, you would have passed the header variable as shown below.<\/p>\n<p><u>HeaderType \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 HeaderName \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0  HeaderAttribute <\/u><br \/>\nHeaderVar\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 HTTP_REMOTE_UID\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 uid<br \/>\nYou will need to define a Cookie instead of HeaderVar in Authorization Actions as shown below.<\/p>\n<p><u>HeaderType \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 HeaderName \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 HeaderAttribute <\/u><\/p>\n<p>Cookie\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 
HTTP_REMOTE_UID\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 uid<\/p>\n<p>You can now observe the uid value as a <strong>cookie <\/strong>instead of a header variable, and it will persist in the session regardless of multiple redirections.<br \/>\nYou will also need to modify your protected application to fetch the UID from a cookie instead of a header variable.<\/p>\n<p>Please check the <a href=\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/fetch-userid-from-custom-cookie-from-http-session-oracle-access-manager\/\">post <\/a>for the code you need to embed in the protected application to fetch the cookie, and for the security loopholes of this approach.<\/p>\n<p><u><strong>Helpful Docs:<\/strong><\/u><\/p>\n<p>Metalink Note: 403280.1<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hi all, This post will cover an important caveat of Oracle Access Manager with Form Based authentication when there are [&hellip;]<\/p>\n","protected":false},"author":115,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[42],"tags":[29],"class_list":["post-1942","post","type-post","status-publish","format-standard","hentry","category-troubleshooting","tag-oam"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Header variables not set in IE browser: Oracle Access Manager -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Header variables not set in IE browser: Oracle Access Manager -\" \/>\n<meta property=\"og:description\" content=\"Hi all, This post will cover an important caveat of Oracle Access Manager with Form Based authentication when there are [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/\" \/>\n<meta property=\"article:published_time\" content=\"2010-07-14T15:20:51+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2010-07-15T12:36:48+00:00\" \/>\n<meta name=\"author\" content=\"Masroof Ahmad\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Masroof Ahmad\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/\",\"url\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/\",\"name\":\"Header variables not set in IE browser: Oracle Access Manager -\",\"isPartOf\":{\"@id\":\"https:\/\/onlineappsdba.com\/#website\"},\"datePublished\":\"2010-07-14T15:20:51+00:00\",\"dateModified\":\"2010-07-15T12:36:48+00:00\",\"author\":{\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb\"},\"breadcrumb\":{\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/onlineappsdba.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Header variables not set in IE browser: Oracle Access Manager\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/onlineappsdba.com\/#website\",\"url\":\"https:\/\/onlineappsdba.com\/\",\"name\":\"\",\"description\":\"Oracle Implementation &amp; Training 
Experts\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/onlineappsdba.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb\",\"name\":\"Masroof Ahmad\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g\",\"caption\":\"Masroof Ahmad\"},\"url\":\"https:\/\/onlineappsdba.com\/index.php\/author\/masroof\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Header variables not set in IE browser: Oracle Access Manager -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/","og_locale":"en_US","og_type":"article","og_title":"Header variables not set in IE browser: Oracle Access Manager -","og_description":"Hi all, This post will cover an important caveat of Oracle Access Manager with Form Based authentication when there are [&hellip;]","og_url":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/","article_published_time":"2010-07-14T15:20:51+00:00","article_modified_time":"2010-07-15T12:36:48+00:00","author":"Masroof Ahmad","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Masroof 
Ahmad","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/","url":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/","name":"Header variables not set in IE browser: Oracle Access Manager -","isPartOf":{"@id":"https:\/\/onlineappsdba.com\/#website"},"datePublished":"2010-07-14T15:20:51+00:00","dateModified":"2010-07-15T12:36:48+00:00","author":{"@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb"},"breadcrumb":{"@id":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/header-variables-not-set-in-ie-browser-oracle-access-manager\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/onlineappsdba.com\/"},{"@type":"ListItem","position":2,"name":"Header variables not set in IE browser: Oracle Access Manager"}]},{"@type":"WebSite","@id":"https:\/\/onlineappsdba.com\/#website","url":"https:\/\/onlineappsdba.com\/","name":"","description":"Oracle Implementation &amp; Training Experts","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/onlineappsdba.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb","name":"Masroof 
Ahmad","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g","caption":"Masroof Ahmad"},"url":"https:\/\/onlineappsdba.com\/index.php\/author\/masroof\/"}]}},"_links":{"self":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts\/1942","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/users\/115"}],"replies":[{"embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/comments?post=1942"}],"version-history":[{"count":0,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts\/1942\/revisions"}],"wp:attachment":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/media?parent=1942"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/categories?post=1942"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/tags?post=1942"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}