Identity Manager


OIF/OAM Logout issue using OAM logout


We have OIF (11.1.1.6.0) acting as IDP and OAM (11.1.2.1.0) as the authentication engine. We have a federated application using SAML 2.0 that has an issue with logging out. The application does not support SAML logout, hence it uses the OAM logout URL "/oam/server/logout?end_url=" as mentioned in Doc ID 2064734.1. The issue that we see is that when the application sends a POST request to the OAM logout URL, OAM responds with a redirect to "/fed/user/authnslooam11g", but instead of using the DNS name in the redirect, it is using the internal host name and port number (OIF port 7499). The DNS name for OIF and OAM is "devoifserv.xyz.com", port 443, and the internal hostname for OIF and OAM is "fmwdev214.yyy.xyz.com". This ends up with an internal server error 500. If we try to manually substitute the correct DNS name we still get the same internal server error. At this point we only see a null pointer exception in the OIF log files. Any suggestions as to what loggers we should set to get more details, or how/where OAM is picking up the internal hostname for redirection? Are there any prerequisites that are needed to use OAM logout instead of SAML logout? Thank you
The redirect URL is built using the hostname of the load balancer URL configured in either OAM or OIF. You can overwrite it by specifying the absolute URL instead of the default relative URL if you don't want to change the OAM load balancer URL.
Hello, we get correct redirection during login but only during logout OAM redirects to OIF internal host name and port. e.g. to initiate logout the users will post to this url
https://devoifserv.xyz.com/oam/server/logout?end_url=https://ssotest.fedapp.com/home
which responds with a 302 redirect to
http://fmwdev214.yyy.xyz.com:7499/fed/user/authnslooam11g?doneURL=https%3A%2F%2Fssotest.fedapp.com%2Fhome
instead of
https://devoifserv.xyz.com/fed/user/authnslooam11g?doneURL=https%3A%2F%2Fssotest.fedapp.com%2Fhome
Thank you
You need to reconfigure OIF so it knows which URL to use. Locate the Oracle Identity Federation instance in Fusion Middleware Control, and navigate to Administration, then Server Properties, then Connection Settings. Update the server and port there. Also, double check your SP.xml and see if the internal URL is set in there. If it is, then you need to re-export the XML and reimport it into OAM.
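
The checks suggested in the replies above, as an added example that is not part of the original thread and not Oracle tooling: it tests whether a redirect target or a SAML 2.0 metadata endpoint points at the public HTTPS front end rather than an internal host. The host names and the redirect URL are the ones quoted in the thread; the metadata sample and its `/constructed/...` paths are made up for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD_NS = "{urn:oasis:names:tc:SAML:2.0:metadata}"
# Constructed sample metadata (not a real OIF/OAM export): one endpoint leaks the internal host.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://devoifserv.xyz.com/constructed/entity">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="http://fmwdev214.yyy.xyz.com:7499/constructed/slo"/>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://devoifserv.xyz.com/constructed/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def origin_problems(url, public_host, public_port=443):
    """Return the reasons why url does not point at the public HTTPS front end."""
    parts = urlsplit(url)
    problems = []
    if parts.scheme != "https":
        problems.append("scheme is %s, expected https" % parts.scheme)
    if (parts.hostname or "").lower() != public_host.lower():
        problems.append("host is %s, expected %s" % (parts.hostname, public_host))
    port = parts.port or {"https": 443, "http": 80}.get(parts.scheme)
    if port != public_port:
        problems.append("port is %s, expected %s" % (port, public_port))
    return problems

def audit_metadata(xml_text, public_host, public_port=443):
    """List (element, attribute, url, problems) for every off-origin endpoint."""
    # Intended for the administrator's own exported metadata, not untrusted XML.
    findings = []
    for elem in ET.fromstring(xml_text).iter():
        if not elem.tag.startswith(MD_NS):
            continue
        for attr in ("Location", "ResponseLocation"):
            url = elem.get(attr)
            problems = origin_problems(url, public_host, public_port) if url else []
            if problems:
                findings.append((elem.tag[len(MD_NS):], attr, url, problems))
    return findings

if __name__ == "__main__":
    # Location header value of the 302 quoted in the thread.
    bad = ("http://fmwdev214.yyy.xyz.com:7499/fed/user/authnslooam11g"
           "?doneURL=https%3A%2F%2Fssotest.fedapp.com%2Fhome")
    print(origin_problems(bad, "devoifserv.xyz.com"))
    for finding in audit_metadata(SAMPLE_METADATA, "devoifserv.xyz.com"):
        print(finding)
```

Run `origin_problems` on the `Location` header of the logout response, and `audit_metadata` on the exported metadata file, before and after changing the connection settings.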
