{"id":1944,"date":"2010-07-14T13:34:28","date_gmt":"2010-07-14T17:34:28","guid":{"rendered":"http:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/"},"modified":"2010-07-14T13:34:28","modified_gmt":"2010-07-14T17:34:28","slug":"authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager","status":"publish","type":"post","link":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/","title":{"rendered":"Authentication Actions not triggered for Form based authentication: Oracle Access Manager"},"content":{"rendered":"<p>I have observed a problem while using Form Based authentication for a resource protected by Oracle Access Manager. We have set Actions in Authentication Rule in the Policy Domain which are found to be not set in http headers. In addition, the authentication actions are getting executed if we use Basic Over LDAP instead of Form based scheme. However, it works fine if we define the actions in Authorization Rules. Hence it is always recommended to define actions to be executed in Authorization Rules.<\/p>\n<p>After the OAM authenticates the user and before the user is served the requested resource, OAM executes the Authentication Actions that are defined.\u00a0 In case of Form based authentication, users\u00a0are\u00a0redirected to a form  when they request a protected resource. Now, when\u00a0users authenticate and  redirect to the requested resource, the ObSSOCookie will have already  been set. The presence of the ObSSOCookie usually indicates that  authentication actions have already been performed and should be  bypassed.<\/p>\n<p>The workaround for this is to include a key called ObTriggerAuthentication (OTA) in both Form based authentication scheme and Policy Domain.<\/p>\n<p>In the Form based authentication scheme, add a new challenge parameter as shown below.<\/p>\n<p>OTA:true<\/p>\n<p>In the Policy domain, goto the Authentication Actions, add a new field as shown below.<\/p>\n<p>The type is cookie.<\/p>\n<p>The Name is NoExecuteOTA.<\/p>\n<p>The Return Value is true.<\/p>\n<p>The way it works is as shown below:<\/p>\n<p>The NoExecuteOTA cookie set to true along with OTA set to true in a  policy domain means that the authentication actions will not be  performed for the resource protected by the policy domain.<\/p>\n<p>The NoExecuteOTA cookie set to false along with OTA key set to true  means that the authentication actions will be performed for the resource  and the OBSSOCookie will be reset.<\/p>\n<p>By default NoExecuteOTA is set to false.<\/p>\n<p><u><strong>Useful Docs:<\/strong><\/u><\/p>\n<p><font face=\"helvetica\">Metalink Note: 472353.1<\/font><\/p>\n<p><a href=\"http:\/\/download.oracle.com\/docs\/cd\/B28196_01\/idmanage.1014\/b25990\/v2authen.htm#CACCJDHC\">Oracle Documentation<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>I have observed a problem while using Form Based authentication for a resource protected by Oracle Access Manager. We have [&hellip;]<\/p>\n","protected":false},"author":115,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[1],"tags":[29],"class_list":["post-1944","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-oam"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Authentication Actions not triggered for Form based authentication: Oracle Access Manager -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Authentication Actions not triggered for Form based authentication: Oracle Access Manager -\" \/>\n<meta property=\"og:description\" content=\"I have observed a problem while using Form Based authentication for a resource protected by Oracle Access Manager. We have [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/\" \/>\n<meta property=\"article:published_time\" content=\"2010-07-14T17:34:28+00:00\" \/>\n<meta name=\"author\" content=\"Masroof Ahmad\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Masroof Ahmad\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/\",\"url\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/\",\"name\":\"Authentication Actions not triggered for Form based authentication: Oracle Access Manager -\",\"isPartOf\":{\"@id\":\"https:\/\/onlineappsdba.com\/#website\"},\"datePublished\":\"2010-07-14T17:34:28+00:00\",\"author\":{\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb\"},\"breadcrumb\":{\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/onlineappsdba.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Authentication Actions not triggered for Form based authentication: Oracle Access Manager\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/onlineappsdba.com\/#website\",\"url\":\"https:\/\/onlineappsdba.com\/\",\"name\":\"\",\"description\":\"Oracle Implementation &amp; Training Experts\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/onlineappsdba.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb\",\"name\":\"Masroof Ahmad\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g\",\"caption\":\"Masroof Ahmad\"},\"url\":\"https:\/\/onlineappsdba.com\/index.php\/author\/masroof\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Authentication Actions not triggered for Form based authentication: Oracle Access Manager -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/","og_locale":"en_US","og_type":"article","og_title":"Authentication Actions not triggered for Form based authentication: Oracle Access Manager -","og_description":"I have observed a problem while using Form Based authentication for a resource protected by Oracle Access Manager. We have [&hellip;]","og_url":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/","article_published_time":"2010-07-14T17:34:28+00:00","author":"Masroof Ahmad","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Masroof Ahmad","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/","url":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/","name":"Authentication Actions not triggered for Form based authentication: Oracle Access Manager -","isPartOf":{"@id":"https:\/\/onlineappsdba.com\/#website"},"datePublished":"2010-07-14T17:34:28+00:00","author":{"@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb"},"breadcrumb":{"@id":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/onlineappsdba.com\/index.php\/2010\/07\/14\/authentication-actions-not-triggered-for-form-based-authentication-oracle-access-manager\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/onlineappsdba.com\/"},{"@type":"ListItem","position":2,"name":"Authentication Actions not triggered for Form based authentication: Oracle Access Manager"}]},{"@type":"WebSite","@id":"https:\/\/onlineappsdba.com\/#website","url":"https:\/\/onlineappsdba.com\/","name":"","description":"Oracle Implementation &amp; Training Experts","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/onlineappsdba.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb","name":"Masroof Ahmad","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g","caption":"Masroof Ahmad"},"url":"https:\/\/onlineappsdba.com\/index.php\/author\/masroof\/"}]}},"_links":{"self":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts\/1944","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/users\/115"}],"replies":[{"embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/comments?post=1944"}],"version-history":[{"count":0,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts\/1944\/revisions"}],"wp:attachment":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/media?parent=1944"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/categories?post=1944"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/tags?post=1944"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}