Oracle Access Manager (IDM suite) And Jdev

We plan to use Access manager et the front end of Jdev ADFBC JSF web application ..
How can we integrate our java application with Access Manager
We can't find any code or application sample about that...
Any extention planned for Access Manager like portlet extention ?
(is true forum here ?)
Thanks for your help....

repost...

Similar Messages

  • Oracle Access Manager 11g Basic with E-Business Suite

    Hi gurus,
    I was just wondering if anyone could tell me if the basic edition of Oracle Access Manager 11g is licensed for use with e-Business Suite 11i as a partner application? Or is it necessary to purchase the full license to use it with EBS?

    925237 wrote:
    Hi gurus,
    I was just wondering if anyone could tell me if the basic edition of Oracle Access Manager 11g is licensed for use with e-Business Suite 11i as a partner application? Or is it necessary to purchase the full license to use it with EBS?You need a license for Oracle Access Manager. However, AccessGate is available at no charge to customers who have already licensed both Oracle E-Business Suite and Oracle Access Manager.
    Oracle E-Business Suite AccessGate Release 1.0.2 Now Available
    https://blogs.oracle.com/stevenChan/entry/ebs_accessgate_102
    Oracle Access Manager 11.1.1.5 Certified with E-Business Suite 12
    https://blogs.oracle.com/stevenChan/entry/oracle_access_manager_11_11
    Oracle Access Manager 11.1.1.3 Certified with E-Business Suite 12
    https://blogs.oracle.com/stevenChan/entry/oracle_access_manager_11_1
    Please contact your Oracle sales representative (account manager), he/she is the best one to answer your license questions.
    Global Pricing and Licensing
    http://www.oracle.com/us/corporate/pricing/index.html
    Thanks,
    Hussein

  • Oracle Access Manager and Passing Cert Info to HTML or JSP

    Friends,
    We are trying to pass the CN information from our smartcard (CAC) that looks i.e. john.doe.123456789 as a parameters to an Oracle Forms using the staticHTML implementation utilizing the OBLIX SSO OR utilizing a JSP or HTML file to read these parameters and update OID. We can pass the UID but since we will have First-time Registration of the Smartcards, the UID doesn't count since the CN information from the Smartcard has not been populated at this point to the OID, we are trying to get the functionality going to get the user first to put in their login and password but at submit time, to update the OID with the CN information to a separate column of OID and not the UID.
    Utilizing the OAM, we have been able to proof concept the authentication using the UID by using the Policy Manager and the Access System Console --> Access System Configuration. It's works well with the plugin that comes with the OAM (SSOOblixAuth.java) and thx to Oracle Support, but we need to be able to pass other parameters that are specified as a part of the Resource - Action as headervars such as
    HeaderVar OBLIX_SN or
    hearderVar OBLIX_MAIL
    Our Oracle Access Implementation is in halt until we find a way to pass these return Attributes to our Oracle Forms. The Oracle Forms running SSO is working greatly with just the userlogin and password (UID is passed as a header) without the Oracle Access Manager (OBLIX) but now we have shifted to this product for reading and processing Smartcard information.
    Any help we can get, we very much appreciate it.
    KA

    O.K.
    I am getting closer but still not getting the ssooblixuser or ssooblixcn. I have
    the following jsp to fire after a successful authentication.
    The following code is utilized in our SSO environment for changing passwords.
    The bolded line should get the ssooblixuser but it is not..
    <%
    response.setHeader("Cache-Control", "no-cache");
    response.setHeader("Pragma", "no-cache");
    response.setHeader("Expires", "Thu, 29 Oct 1969 17:04:19 GMT");
    request.setCharacterEncoding("UTF-8");
    response.setContentType("text/html; charset=UTF-8");
    String remoteUser = null;
    String userDn = null;
    String referer = null;
    String oblixheader = null;
    remoteUser = request.getRemoteUser();
    userDn=request.getHeader("OSSO-USER-DN");
    referer=request.getHeader("referer");
    oblixuser = request.getHeader("ssooblixuser");
    %>
    <HTML>
    <HEAD>
    <SCRIPT language="JavaScript">
    function validatePasswordsMatch()
    var frm = document.forms["changePassword"];
    if(frm.newpwd.value != frm.confirm_newpwd.value)
    alert('The Password and verified password do not match!');
    return false;
    else
    document.changePassword.submit();
    return false;
    function cancelButton()
    document.close();
    </SCRIPT>
    </HEAD>
    <BODY bgcolor="#cae3ff" >
    <table width="750" height="10" border="0" cellspacing="0" cellpadding="0">
    </table>
    <TABLE ALIGN="Center">
    <TR><TD>User Name</TD><TD> <%=remoteUser%> </TD></TR>
    <TR><TD>OBLIX USER</TD><TD> <%=oblixuser%> </TD></TR>
    Edited by: user10130371 on Sep 17, 2009 8:09 AM
    Edited by: user10130371 on Sep 17, 2009 8:10 AM

  • Difference: Oracle Access Manager and Oracle Access Management

    Dear,
    What is the difference between Oracle Access Manager and Oracle Access Management, both 11g
    thanks

    Oracle Access Manager is the foundation(main product), of the new Oracle Access Management platform. Access Manager provides the core functionality of Web Single Sign On(SSO), authentication, authorization, centralized policy administration and agent management, real-time session management and auditing. Built as a 100% Java solution, Access Manager is extremely scalable to handle Internet scale deployments and works with existing heterogeneous environments in the enterprise with agents certified on hundreds of web servers and application servers. Access Manager provides rich functionality, extreme scalability and high availability thereby increasing security, improving user experience and productivity and enhancing compliance while reducing total cost of ownership.
    Oracle Access management solution provides: Comprehensive Web Access Management, Web Single Sign-On, Identity Propagation, and Federation;Mobile and Social Sign-On;Real-time External Authorization;daptive Access and Fraud Detection
    So basically one is a product and the other one is an entire solution.
    I hope this helps,
    Thiago Leoncio.

  • Installing Oracle Access Manager - 11.1.1.5

    Hi
    I am very new to Identity Management and have been trying to set Oracle Access Manager in Windows XP.
    Downloaded ofm_iam_generic_11.1.1.5.0_disk1_1.zip from OTN.
    I cannot find the RCU for 11.1.1.5 version from the website directly. All I could see is only RCU for 11.1.1.3 and 11.1.1.2 version.
    Can anyone send me the download link for RCU 11.1.1.5 and step by step installation guide for setting up Oracle Access Manager.
    I tried creating OAM Domain after installing IDM Suite and running RCU 11.1.1.3 version.
    When I run the WebLogic and OAM server I am getting error
    Caused By: oracle.security.am.common.policy.admin.PolicyManagerException: oracle.security.am.c
    policy.admin.PolicyManagerException: OAMSSA-06251: Unsupported policy store version detected.
    ed "11.1.1.5.0" but found "11.1.1.3.0".
    Also unable to login to OAM console.
    Thanks,
    Ram

    Daren,
    Do you have OAM 11.1.1.3 running and now you wish to upgrade it to 11.1.1.5 or
    You wish to install new 11.1.1.5 ?
    If this is later then better you should use 11.1.1.5 RCU to create schema as this is straight and easy process with no upgrade.
    If you are running 11.1.1.3 and wish to upgrade to 11.1.1.5 then there are steps to apply 11.1.1.5 oatch in My Oracle Support(earlier metalink) Procedure to Upgrade OAM 11.1.1.3.0 to OAM 11.1.1.5.0 [ID 1318524.1
    Atul Kumar
    http://www.amazon.co.uk/Oracle-Identity-Access-Manager-Administrators/dp/1849682682  <- OIM / OAM 11g Book on Amazon
    http://onlineappsdba.com/index.php/book/   <- EBS R12 Integration with OID/OAM for SSO Book                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

  • Integrating Oracle EBS R12 with Oracle Access Manager 11g

    Hi Everyone ,
    Oracle Access Manager version 11.1.1.5
    Oracle Identity Management 11.1.1.6.0
    Oracle Access Manager WebGate 11.1.1.5
    Oracle E-Business Suite AccessGate patch p12796012
    Apps Version : 12.1.1
    DB Version 11.2.0.3
    PLatform : OEL 5.8
    We are trying to Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11g using Oracle E-Business Suite AccessGate.We followed metalink id's
    1309013.1 and 1543803.1 and some other documents.We have performed every step as documented , and everything seems to work fine untill user tries to log out from Oracle Applications i.e User
    is able to login to Oracle Applications through access gate and everything is working fine. But as user click logout button an error messsage is diplayed like "*500*
    *Internal Server Error Servlet error: An exception occured* " (The url at the time of this message is http://hostname:port/OA_HTML/AppsLogout ).
    Apps Tier (oacore) Application log:-
    +13/05/15 19:04:20.229 html: Servlet error+
    java.lang.NoSuchMethodError: oracle.apps.fnd.sso.SSOManager.getAuthAgentLogoutUrl(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;
    at oracle.apps.fnd.sso.AppsLogoutRedirect.doGet(AppsLogoutRedirect.java:193)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)+
    at oracle.apps.jtf.base.session.ReleaseResFilter.doFilter(ReleaseResFilter.java:26)
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:15)+
    at oracle.apps.fnd.security.AppsServletFilter.doFilter(AppsServletFilter.java:318)
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)+
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370)+
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:871)+
    +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)+
    Apps Tier Apache Error log :-
    +[Wed May 15 18:50:52 2013] [error] [client 192.168.0.2] [ecid: 1368624052:192.168.0.61:10798:0:44,0] File does not exist: /u01/eBiZR12/apps/apps_st/comn/java/classes//+
    WE have set all required profile in Oracle Application as directed in documents , and users are able to login just fine , but they are not able to logout.
    IS there something that we are missing , any help is highly appreciated.
    Regards
    Edited by: TheKop88 on May 16, 2013 11:39 AM

    Hi there ,
    Thanks for reply ,
    We had already gone through that document earlier. We noticed that when Apllication Profile "*Apllications SSO Type* " is set to SSWA then OA_HTML/AppsLogout is
    working fine , but when we set "*Applications SSO Type*" to SSWA w/SSO then OA_HTML/AppsLogout is not working(not redirecting) .Error thrown on web browser is "+500 Internal Server Error Servlet error: An exception occurred. The current application deployment descriptors do not allow for including it in this response+" . we believe that we might have missed some Profile settings that is causing this error.
    Regards
    Edited by: TheKop88 on May 16, 2013 12:03 PM
    Edited by: TheKop88 on May 16, 2013 12:07 PM

  • Oracle Access Manager, ADAM & UCM integration? Help please..

    I`m currently investigating the potential of using Oracle Access Manager (OAM) as a tool that allows connections to multiple Active Directory(AD) or ADAM servers providing a single point to author and manage users with a good easy to use GUI.
    The UCM will connect directly to OAM and authenticate users connecting from AD accounts..
    At the moment we use Quest software to manage users, but the cost for setting up users is £15/user where as OAM is only £3. I believe..
    Right the questions I have :)
    1. Has any one set this type of environment up?
    2. ls OAM stand alone or will I need additional software to set it up?
    Reading the installation guide it says I need the following:
    # Oracle Internet Directory 10g (10.1.4.0.1)
    # Microsoft Active Directory
    # Oracle Virtual Directory Server 10.1.4.0.1
    # Oracle Virtual Directory Manager 10.1.4.0.1
    # Oracle Virtual Directory Patch 10.1.4.0.1 (P5667977)
    # Stand-alone Oracle HTTP Server 2.x (This needs to be preinstalled in your environment. You can download the OHS 2.x standalone from the Oracle SOA Suite 10g Companion (10.1.3.1.0) release from here.)
    3. Can I use IIS instead of Oracle HTTP Server?
    4. Can I install OAM on 1 server or do I need multiple servers, I`v been looking at the diagrams and reading through the guides I`m getting a little confused with Identity and Access server?

    Hi,
    Have you got information reg UCM & OAM integration?
    Could you please help me with the integration guide?
    Regards,
    Ashish

  • Oracle Access Manager, ADAM & Oracle ECM - UCM integration?

    I`m currently investigating the potential of using Oracle Access Manager (OAM) as a tool that allows connections to multiple Active Directory(AD) or ADAM servers providing a single point to author and manage users with a good easy to use GUI.
    The UCM will connect directly to OAM and authenticate users connecting from AD accounts..
    At the moment we use Quest software to manage users, but the cost for setting up users is £15/user where as OAM is only £3. I believe..
    Right the questions I have :)
    1. Has any one set this type of environment up?
    2. ls OAM stand alone or will I need additional software to set it up?
    Reading the installation guide it says I need the following:
    # Oracle Internet Directory 10g (10.1.4.0.1)
    # Microsoft Active Directory
    # Oracle Virtual Directory Server 10.1.4.0.1
    # Oracle Virtual Directory Manager 10.1.4.0.1
    # Oracle Virtual Directory Patch 10.1.4.0.1 (P5667977)
    # Stand-alone Oracle HTTP Server 2.x (This needs to be preinstalled in your environment. You can download the OHS 2.x standalone from the Oracle SOA Suite 10g Companion (10.1.3.1.0) release from here.)
    3. Can I use IIS instead of Oracle HTTP Server?
    4. Can I install OAM on 1 server or do I need multiple servers, I`v been looking at the diagrams and reading through the guides I`m getting a little confused with Identity and Access server?

    The OAM identity system (identity server and WebPass) sound like a good fit for what you want to do. One constraint is that if you want to create/manage users in different directory instances via a single OAM identity system installation, you would also need OVD.
    And yes you definitely can have IIS host the WebPass - OHS, OID etc are not required.
    -Vinod

  • Where to download •Oracle Access Manager WebGate 10.1.4.3

    i am working on OAM/OID integration with EBS R12(Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11gR1 (11.1.1.5) using Oracle E-Business Suite AccessGate [ID 1309013.1]), As per the document i am trying to download Oracle Access Manager WebGate 10.1.4.3 from this link
    http://www.oracle.com/technetwork/middleware/ias/downloads/101401-099957.html
    i am confused on downloading (Oracle Access Manager Core Components (10.1.4.3.0 or Oracle Access Manager WebGates for OHS 11g and Weblogic Identity Assertion Provider (10.1.4.3.0) or Policy Manager and WebPass on Third Party and non-OHS 11g Web Servers (10.1.4.3.0 )
    which one i need to download.

    Hi,
    Oracle Access Manager 10.1.4.3.0 is a part of 11g R1 release So, you should be fine with OAM 10.1.4.3.0.
    OAM 10G R3 consists of OAM 10.1.4.0.1 (and 10.1.4.2.0).
    -- Pramod Aravind

  • Install Oracle Access Manager in existing Access Manager domain

    Hi
    I am operator of a windows system with Oracle Access Manager installed.
    We use OAM for SSO against Webpages in OIM running on Jboss, and now we are going to implement against a WebLogic webapplication too.
    The userbase is standard Active Directory
    I did not set up OAM myself so I'm not completely sure how it works.
    To be able to test the SSO solution given by an external provider, I need to have a proper stage environment.
    My idea is to set up another OAM on another server, wich points towards the same AD domaincontroller as the existing OAM
    Is this possible? In the installation guide I find that the new AccessManager system should be added into the existing OAM configuration , before we turn of the existing OAM and then install the complete OAM on the new server. Then we can turn on the existing OAM again, and implement them as clusters. I would like them to be two indipendent instances not affecting one another, but in the same AD domain to be able to test features in one of them and use the other as the production server.
    My fear is that I "mess up" the form in AD created from the old OAM, and that way mess the upp production environment.
    Edited by: user631873 on 11.sep.2009 06:22

    Hi,
    Technically, you can certainly set up a new OAM infrastructure which points to the existing AD instance. You could do this in a number of ways, for example:
    - set up the new instance so that it points to the same users and configuration branch as the existing instance, so that the new instance is effectively just an extension of the existing instance (with extra Identity and Access Servers, etc) ;
    - set up the new instance so that it points to the same AD instance, but uses different User searchbase and Config branch. In this case the new instance is more or less completely separate, but it happens to use the same directory ;
    - set up the new instance so that it points to the same Users, but a different Config branch, in which case the new instance has independed OAM configuration (policies, authentication schemes etc) but operates on the same user base.
    (In OAM you can define separate ldap locations for the Users, Identity Config and Access Config.)
    It depends on exactly what you want, but if the idea is to have a proper stage environment, then it is usually better for them to be completely independent, including the directory. OAM can update users as well as policies, and additionally different major versions of OAM have different schemas, so there are risks when using the same directory instance. Load testing is also an issue, since the directory is accessed extensivley by OAM.
    Regards,
    Colin

  • Error during execution of SSO with Oracle Access Manager 11gR2

    Hello friends,
    I have a problem with SSO using Oracle Access Manager 11g R2, then describes the steps taken in this test:
    1. Is accessed by the OAM protected application through IE browser, Chrome and Firefox for testing purposes.
    2. The OAM protected application, here is redirected to the OAM page to enter the credentials for the application.
    3. Shows the application, and again reorders authentication credentials.
    Here the details of the cookie:
    a. cookie1: ADMINCONSOLESESSION
    b. cokkie2: OAMAuthnCookie_webgate11g.domain.com: 7777
    We also found an error when starting the node oam_server in WebLogic Server 11g (10.3.6)
    Log:
    [2012-11-29T18:16:02.411-05:00] [oam_server1] [ERROR] [JPS-03156] [oracle.jps.authorization.framework] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000JhEStpUFW7WFLzRL8A1GhylJ000002,0] [APP: oam_server#11.1.2.0.0] The exception has been thrown by ARME. The authorization result is set to deny.[[
    com.bea.security.providers.authorization.asi.InvocationException: ArmeRUNTIME Exception: null
         at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.isAccessAllowed(AuthorizationProviderImpl.java:396)
         at com.bea.security.ssal.micro.MicroAuthorizationManagerWrapper.isAccessAllowed(MicroAuthorizationManagerWrapper.java:73)
         at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed_internal(AuthorizationServiceImpl.java:914)
         at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:745)
         at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:668)
         at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:622)
         at com.bea.security.AuthorizationService.isAccessAllowed(AuthorizationService.java:365)
         at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.wait4OESRuntimeDBPolicyRefreshCompletion(OESRuntimeProxy.java:263)
         at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.init(OESRuntimeProxy.java:193)
         at oracle.security.am.common.policy.runtime.provider.oes.OESPolicyRuntimeProvider.init(OESPolicyRuntimeProvider.java:167)
         at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getNewInstance(PolicyRuntimeFactory.java:162)
         at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.init(PolicyRuntimeFactory.java:93)
         at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getPolicyRuntime(PolicyRuntimeFactory.java:84)
         at oracle.security.am.common.policy.util.PolicyComponentLifecycle.initialize(PolicyComponentLifecycle.java:100)
         at oracle.security.am.lifecycle.ApplicationLifecycle.initComponentBootstrap(ApplicationLifecycle.java:156)
         at oracle.security.am.lifecycle.ApplicationLifecycle.contextInitialized(ApplicationLifecycle.java:86)
         at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:481)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
         at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:181)
         at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1868)
         at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3154)
         at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1518)
         at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:484)
         at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
         at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
         at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
         at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
         at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
         at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
         at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
         at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:671)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
         at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
         at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:59)
         at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
         at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
         at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
         at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
         at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
         at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
         at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
         at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:261)
         at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:220)
         at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
         at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
         at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
         at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
         at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    Caused by: com.wles.InternalException: ArmeRUNTIME Exception: null
         at com.wles.arme.Credentials_ca.exceptionTransport(Credentials_ca.java:606)
         at com.wles.arme.Credentials_ca._accessAllowed(Credentials_ca.java:343)
         at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:400)
         at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:422)
         at com.wles.arme.CachingCredentialsImpl._accessAllowed(CachingCredentialsImpl.java:225)
         at com.wles.arme.CredentialsImpl.accessAllowed(CredentialsImpl.java:452)
         at com.wles.arme.CachingCredentialsImpl.accessAllowed(CachingCredentialsImpl.java:68)
         at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.ARMEisAccessAllowed(AuthorizationProviderImpl.java:977)
         at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.isAccessAllowed(AuthorizationProviderImpl.java:347)
         ... 52 more
    causal exception is:
    com.wles.InternalException: ArmeRUNTIME Exception: null
         at com.wles.arme.Credentials_ca.exceptionTransport(Credentials_ca.java:606)
         at com.wles.arme.Credentials_ca._accessAllowed(Credentials_ca.java:343)
         at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:400)
         at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:422)
         at com.wles.arme.CachingCredentialsImpl._accessAllowed(CachingCredentialsImpl.java:225)
         at com.wles.arme.CredentialsImpl.accessAllowed(CredentialsImpl.java:452)
         at com.wles.arme.CachingCredentialsImpl.accessAllowed(CachingCredentialsImpl.java:68)
         at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.ARMEisAccessAllowed(AuthorizationProviderImpl.java:977)
         at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.isAccessAllowed(AuthorizationProviderImpl.java:347)
         at com.bea.security.ssal.micro.MicroAuthorizationManagerWrapper.isAccessAllowed(MicroAuthorizationManagerWrapper.java:73)
         at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed_internal(AuthorizationServiceImpl.java:914)
         at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:745)
         at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:668)
         at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:622)
         at com.bea.security.AuthorizationService.isAccessAllowed(AuthorizationService.java:365)
         at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.wait4OESRuntimeDBPolicyRefreshCompletion(OESRuntimeProxy.java:263)
         at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.init(OESRuntimeProxy.java:193)
         at oracle.security.am.common.policy.runtime.provider.oes.OESPolicyRuntimeProvider.init(OESPolicyRuntimeProvider.java:167)
         at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getNewInstance(PolicyRuntimeFactory.java:162)
         at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.init(PolicyRuntimeFactory.java:93)
         at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getPolicyRuntime(PolicyRuntimeFactory.java:84)
         at oracle.security.am.common.policy.util.PolicyComponentLifecycle.initialize(PolicyComponentLifecycle.java:100)
         at oracle.security.am.lifecycle.ApplicationLifecycle.initComponentBootstrap(ApplicationLifecycle.java:156)
         at oracle.security.am.lifecycle.ApplicationLifecycle.contextInitialized(ApplicationLifecycle.java:86)
         at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:481)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
         at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:181)
         at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1868)
         at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3154)
         at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1518)
         at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:484)
         at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
         at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
         at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
         at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
         at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
         at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
         at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
         at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:671)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
         at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
         at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:59)
         at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
         at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
         at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
         at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
         at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
         at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
         at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
         at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:261)
         at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:220)
         at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
         at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
         at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
         at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
         at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    We appreciate your support in solving the case. Thanks...
    JLK
    Edited by: JLK on Nov 30, 2012 9:43 AM

    Hi Viju,
    Did you executed the python script to register OPSS. If not then you will get the mentioned error:
    I have mentioned couple of workarounds. Can you try those and let me know the results. Take the backup of your entire environment before you follow the steps:::
    1. For the ARME issue patch can be applied for 11.1.2
    OAM Bundle Patch Release History (Doc ID 736372.1)
    Yes. This is a benign message. ( the ARME issue)
    OAM 11R2 After Upgrade The Managed Server Start With Error ArmeRUNTIME Exception: Null (Doc ID 1509559.1)
    The other issue is under investgation and is benign.
    <oracle.adfinternal.view.faces.renderkit.rich.RegionRenderer> WARNING when accessing oamconsole (Doc ID 1511967.1)
    The final message is spoken to here:
    WLS 10.3.3: "Auto-Ref-By: WebApp" deployed as shared library is affecting other web applications. (Doc ID 1210393.1)
    Action Plan:
    =========
    1. For the ARME issue patch can be applied for 11.1.2
    OAM Bundle Patch Release History (Doc ID 736372.1)
    Hope this helps.

  • URGENT : Challenge questions query: Oracle Access Manager 10g

    Hi all,
    This is a query regarding password challenge questions in Oracle Access Manager 10g. We have created password policies for a specific container in OID (say cn=xxx,cn=users,dc=oracle,dc=com) and it is working fine.
    In order to exclude certain set of users (say user ABC ) for password policies, we have set the obpasswordchangeflag to false for those users which are in same container for which password policy is created.
    When we try to login to the application with the user say ABC, I am not seeing any reset password page - I am happy till this point. However it is showing Configure Challenge questions page. Is there any way to bypass this page? Or is this the expected behavior?
    This is very urgent and prompt reply is very much appreciated.
    -Mahendra

    Hi Mahendra,
    This is expected behaviour. In order to exclude the password policy management for some certains user for particular domain/container. please add the below configuration parameter to your OAM10g password policy.
    Password Policy Filter Field     (!(|(cn=xxx)(cn=abc)))
    ----Ajay

  • Oracle Access Manager-Protecting resources

    Hi,
    I have installed the Oracle Access Server/Identity Server/Policy managerWebpass/Webgate etc...I want to create policy domains and resources in the policy manager to protect certain internal websites. Is there any crisp documentation that some one can share to do the basics atleast? the oracle documentation is insanely extensive with links/references all over the place and I find it very difficult to understand how the policies are constructed. I have created couple of authentication schemes (basic/Form) that can be used. to start off i have a basic login page created in IIS that can be used for user input and also have a couple of other html files in a folder under it. If some one can share a document that takes me step by step to protecting a resource, it will be great.
    Thanks in advance.
    Naresh

    Two suggestions:
    1) Ask the question in a group inhabited by OAM users ... this group is generically for doc issues. (ANd yes, you mention a doc issue, but very few OAM users visit here.)
    - a place for that might be: http://forums.oracle.com and scroll down to Identify Management
    2) Look through OTN in the product portal (http://otn.oracle.com > Products: Middleware > Identify Management: Identity Management > Oracle Access Manager)

  • Oracle Access manager 10.1.4 (coreid) multiple authentication for same URL

    I am evaluating oracle access manager hence new to this product.
    I have a requirement where i have a /wps URL.
    Users coming externally go through reverse proxy server to the final IIS web server. Internal user access IIS directly.
    /wps should be protected by reverse proxy using forms authentication
    while IIS server also protect /wps but should use basic authentication.
    Looks like policy is shared by all webgates so i can define one authentication method for /wps.
    Comparing this with CA Siteminder each agent have their own URLs to protect and so two agents can protect the same URL but with different authentication method. The single signon works as the protection level is same.

    I have not done what you are speaking of; so I would assume that Boland is correct. One thing that you may want to consider is making the external users log into another resource before they hit the /wps. If the other resource is forms protected and at the same authentication level (number on auth scheme), then they can hit the external login resource, get their OBSSO cookie, then slide right thru the basic authentication request of the current policy domain.
    Another idea would be to get a little more granular with your current policy domain. Have a file that's protected with forms auth in your policy domain that the external users authenticate to. Remember, this could be as simple as a dummy page that just does an HTTP redirect.
    Good luck.
    --Aaron                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

  • Oracle 11g for Oracle access manager,  OID version details

    At present we have 1og db for sso and oid. I have checking in db that our exsisting OID and SSO versions are
    Oracle9iAS Single Sign-On 10.1.2.0.2
    Oracle9iAS Internet Directory
    OID 10.1.2.1.0
    We are moving to diff hosting solution and vendor is recommanding to have 11g Oracle access manager(in 11g sso is replaced by OAM) and OID.
    What is the version of OID with 11g or please refer me to the documentaion where i can greb 11g OAM, oid etc versions

    Kapardhi wrote:
    Where can i find oracle 11g server for windows7 home basic 64bit version...Oracle 11gR2 is certified on Windows 7 x64 - Professional, Enterprise, and Ultimate editions -- http://docs.oracle.com/cd/E11882_01/install.112/e24283/toc.htm#BGBEEBAD
    You can download 11gR2 from http://www.oracle.com/technetwork/database/enterprise-edition/downloads/index.html
    Thanks,
    Hussein

Maybe you are looking for