CR 6897101: After a login to a non-default realm, user experiences multiple logins after a timeout (Oracle OpenSSO 8.0 Update 2 Release Notes)

Oracle OpenSSO 8.0 Update 2 Release Notes

Previous: CR 7002787: OpenSSO 8.0 Update 2 is not working with Active Directory Data Store
Next: CR 6983035: Remote console with OpenSSO server returns errors after a session timeout

CR 6897101: After a login to a non-default realm, user experiences multiple logins after a timeout

Previously, if a user entered valid credentials after an authentication module timeout occurred, the login screen for the second authentication module was presented and the user could enter an invalid password to get access to a protected resource.

Patch 1 fixes this CR; however, this fix works only with non-JAAS modules. If you write a custom authentication module, you must use non-JAAS modules.

Previous: CR 7002787: OpenSSO 8.0 Update 2 is not working with Active Directory Data Store
Next: CR 6983035: Remote console with OpenSSO server returns errors after a session timeout