With the release of OpenSSO Enterprise 8.0, policy evaluation for URL pattern matching of rules with query parameters no longer match the generic asterisk (*); you must explicitly allow query parameters for the URL policies. For those URLs which include query parameters, the policy definition must include the following rules.
http*://host:port/appcontext/*
http*://host:port/appcontext/*?*
This modification can be done before the upgrade as Access Manager 7.x will evaluate these additional rules without issue.