This content has been marked as final. Show 1 reply
There is a missing item in the doc at the wiki. The user should access the URL : http://oiahost:port/rbacx/j_acegi_security_check
Instead of attempting to access the OIA default login page to access the application when the product is setup to integrate in an SSO situation like SiteMinder or OAM.
Siteminder, OAM all redirect the user to the URL that was first access in the application that was being protected. So if you access the login page first, the request is intercepted by Siteminder or OAM and once login happens at Siteminder it redirects the user to the OIA login page which will result in the user not being displayed the main home page of the OIA application.
Secondly you need to make sure the HTTP header set by Siteminder is same as the headers that were configured in security-context.xml
<property name="preAuthUsernameHeaderKey" value="sm-user"/>
<property name="preAuthPasswordHeaderKey" value="sm-user"/>
If Siteminder is configured to send a different header than sm-user then these properties above need to be modified.
FYI: OIA == SRM