Skip to Main Content
Forums

Security Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

OAM Custom External Login Page - loop and cookie problem

VerdascaDec 30 2016 — edited Jan 4 2017

Hi everyone,

OAM: Version: 11.1.2.3.0

Browser: Firefox

Scenario

-------------------------

I want to use a login page form made by me instead of the oam server and I followed the instructions by this site (http://www.ateam-oracle.com/external-custom-login-forms-with-oracle-access-manager-11g/ ). Basically, I created a new scheme according to the site but with the challenge url of my login page. I created the login page and change the scheme from the authentication policies->protected.. to the new scheme that I have created.

Problem

-------------------------

When I logout on the portal and try to go to the login page, I notice it starts a loop (I can see the link changing to the login page link and the oam authm link) for maybe 5 seconds and then I get this error:

Bad Request

Your browser sent a request that this server could not understand.
Size of a request header field exceeds server limit.

Cookie

I cannot figured it out why this keeps happening. I tried using other login pages code and gives the cookie problem. I tried using another browser (IE) and here the loop does not stop and I don't get the cookie problem. Did I missed anything or need to change other aspects in the OAM? The site that I followed only said to create a scheme, the page and change the scheme. I tried to research the problem but nothing works....

**Here is the scheme example of the site (I change the challenge url for my login page)
**

oam-external-form-authentication-scheme.jpg

Here are some parts of the login page code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<title>Login - Oracle Access Management 11g</title>

<link rel="stylesheet" href="./Login_files/login_page.css">

<link rel="stylesheet" type="text/css" href="./Login_files/general.css">

<!-- Start Disable frame hijacking Script-->

<script type="text/javascript">

if (self === top) {

   var antiClickjack = document.getElementById("antiClickjack");

   antiClickjack.parentNode.removeChild(antiClickjack);

} else {

    top.location = self.location;

}

</script>

<!-- End Disable frame hijacking Script-->

<style>

body

................

<script language="javascript" type="text/javascript">

<!--

var currentPageLang = 'en';

var userLanguageArray = new Array();

var isError;

// -->

.........................

<script language="javascript" type="text/javascript">

function submitform()

{

 document.loginData.action = "/oam/pages/login.jsp";

 document.loginData.submit();

 document.loginData.action ="/oam/server/auth\_cred\_submit";

}

</script>

................

<body onload="setFocusOnElement('username');javascript:onBodyLoad();">

<div style="position:absolute; visibility:show; left:0px; top:0px;z-index:1">

<img src="./Login_files/login_logo.png">

</div>

<div style="position:relative; visibility:show; left:0px; top:0px;z-index:1">

 \<div id="top">

    \<div id="login-header">

    \</div>

    \<div id="content">

        \<div id="login">

            \<div id="title">  Welcome \</div>

            \<div id="login-form">

                \<form id="loginData" action="[http://vskgroupidmdev01:14100/oam/server/auth\_cred\_submit](http://vskgroupidmdev01:14100/oam/server/auth_cred_submit)" method="post" name="loginData">

                    \<!------------ DO NOT REMOVE ------------->

                    \<!----- loginform renderBrowserView ------>

                    \<!-- Required for SmartView Integration -->

                    \<div class="message-row">

                        \<noscript>&lt;p class="loginFailed"&gt;JavaScript is required. Enable JavaScript to use WebLogic Administration Console.&lt;/p&gt;\</noscript>

                        \<p>Enter your Single Sign-On credentials below\</p>

                    \</div>

                    \<div class="input-row">

                      \<table>

                        \<tbody>\<tr>\<td>

                         \<p> \<label style="margin-top:-14px" for="username">Username:\</label>\</p>

                        \</td>

                        \<td>

                        \<span class="ctrl">

                        \<input type="text" name="username" id="username" class="textinput" data-cip-id="username">

                        \</span>

                        \</td>

                        \</tr>

                        \</tbody>\</table>

                    \</div>

                    \<div class="input-row">

                        \<table>\<tbody>\<tr>

                        \<td>

                      \<p> \<label style="margin-top:-14px" for="password">Password:\</label>\</p>

                        \</td>

                        \<td>

                        \<span class="ctrl">

                        \<input type="password" name="password" id="password" class="textinput" autocomplete="off" data-cip-id="password">

                        \</span>

                        \</td>\</tr>\</tbody>\</table>

                    \</div>

                    \<div class="button-row">

                        \<span class="ctrl">

                            \<input type="submit" value="Login" class="formButton" onclick="this.disabled=true;document.body.style.cursor = &#39;wait&#39;; this.className=&#39;formButton-disabled&#39;;form.submit();return false;">

                        \</span>

                        \<input type="hidden" name="request\_id" value="-3895623097175227712">          

                    \</div>

                    \<img src="./Login\_files/spacer.gif" alt="X" width="5" height="10">

                    \<img src="./Login\_files/spacer.gif" alt="X" width="5" height="10">

                    \<br>

                    \<img src="./Login\_files/spacer.gif" alt="X" width="5" height="10">

                    \<hr>

                     \<input type="hidden" name="displayLangSelection" id="displayLangSelectionId" value="false">

                    \<img src="./Login\_files/world\_36x20.png" alt="map" name="languages1" id="languages1" class="defaultHidden" width="36" align="bottom" height="20" style="visibility: hidden;">

                    \<select name="Languages" class="defaultHidden" id="Languages" onchange="javascript:localeSelect(); " style="visibility: hidden;">

                    \<option value=""> Select Language \</option>

                    \</select>

                    \<br>

                    \<!--\<input type="hidden" name="request\_id" value="${param.request\_id}" id="reqid1"/>-->

                      \<!--\<input type="hidden" name="OAM\_REQ" value="${param.OAM\_REQ}" id="oamreq1"/>-->

                \</form>

            \</div>

        \</div>

    \</div>

\</div>

\</div>      

\<div class="login-footer-version">

  \<div class="info">

   \<p id="copyright">Copyright © 1996,2015, Oracle and/or its affiliates. All rights reserved.\</p>

   \<p id="trademark">Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.\</p>

  \</div>

\</div>

.........

</body></html>
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Feb 1 2017
Added on Dec 30 2016
#identity-management, #identity-manager, #oam
3 comments
1,541 views