Error Statement:
If the authentication scheme is configured to set "Secure" OAMAuthnCookie/ObSSOCookie and the user is accessing an insecure resource, the browser may enter an authentication browser loop. Show an error i.e.:"The authentication scheme protecting the resource sets 'Secure' OAMAuthnCookie/ObSSOCookie, but the resource is not being accessed via secure http."
Workaround:
In authentication scheme, remove the following parameter & save the changes;| Syntax for 11g Webgate and OAMAuthnCookie | Syntax for 10g Webgate and ObSSOCookie |
|---|
ssoCookie=Secure | ssoCookie:Secure |
Make sure changes are applied properly, as in the policy sync-up at OAM server happens successfully.
You may restart the server instance (ohs/apache/iis etc) or you can wait for webgate cache clean. Try accessing the protected resource once again, you should be prompted for login.
Resolution:
Recheck you SSL settings at WebServer end.
References:
Enjoy :-)
