Post Authentication rule to switch to authentication scheme does not work in OAM

Oracle Access Manager – Version 11.1.2.2.5 and later

Reason:
This is due to a known bug in OAM, Bug 19777125: POST AUTHENTICATION CONDITIONS IN ADVANCE RULES DOES NOT REDIRECT

Solution:
Apply OAM BP07 or higher where this issue is addressed.

Integrate OAM 11g R2 PS3 and Oracle Mobile Authenticator

The steps below cover integrating OAM with OMA for strong authentication, i.e. multi-factor authentication.

Pre-requisites:
1. Oracle Access Manager 11gR2PS3 installed and configured
2. Oracle HTTP Server installed and configured
3. OAM WebGate OHS installed and configured

  1. Enable “Mobile and Social Service” and “Adaptive Authentication Service”: log in to the OAM console –> Configuration –> Available Services
  2. Configure OAuth
    Click on Apply
  3. Edit “TOTPPlugin” Authentication Plugin
  4. Edit “TOTPModule” Authentication Module
  5. Create New Authentication Scheme
    Go to LDAPScheme and duplicate it
  6. Update authentication policy in application domain
  7. Create an HTML page with the content below and copy it to any web server
    To generate the QR code, follow https://docs.oracle.com/cd/E52734_01/oam/AIAAG/GUID-800C0912-8452-4DA7-9762-A2A21E897C17.htm#AIAAG90224
  8. Download and install the Oracle Mobile Authenticator app from Play Store or Google Play
  9. Open the above HTML page in a mobile browser. Click the link on the page. Enter the username and password when prompted.

Test the application access. The user will be prompted for LDAP authentication and, after authenticating, will be prompted to enter the OTP.