Oracle Access Manager login Problem

Similar Messages

• Sun Access Manager login problem

  Hi,
  This is a very basic problem. I have installed Sun Access Manager 7 using JES installer. It is configured to authenticate against a LDAP datastore. I am able to login into the amconsole application using the amAdmin DN but I am not able to login with any other user that I create through Sun Access Manager.Any help will be highly appreciated.
  TIA.

  Hello,
  When you create any user through SUN Access Manager, is that user is created in LDAP
  datastore, or is it created in SAM flat file repository ?

• Problem in customizing Oracle Access Manager 10g

  HI,
  I am facing some problem while incorporating customizations into Oracle Access Manager 10g.
  When trying to access the url with a particular style name.... i am getting the following error :
  obhtmlpage.cpp:160: Error:
  obhtmlpage.cpp:277: Error: ExXSLTProcessingGeneric: Exception processing stylesheet. Root stylesheet ID: ../../../lang/en-us/style0/login.xsl
  obxdkxsl.cpp:224: Error: ObXDKTransform
  obxdkcache.cpp:528: Error:
  obxdkcache.cpp:565: Error:
  ../obcacheof.cpp:429: Error:
  ../obcacheof.cpp:795: Error:
  ../obcacheof.cpp:932: Error:
  obxdkcache.cpp:291: Error: ObXdkObject::ObXdkObject
  Front Page Admin
  Sun Microsystems Solaris
  Could someone please provide some help as to how to solve the problem.
  Thanks.

  One good way to debug the XSL stylesheet issue is to apply the XSL outside of OAM with input XML and see if you get the results. You can use tools such as XML SPy for XSL development and testing.
  This error is more in line with XSL syntax and processing.
  Thanks
  Ram

• Configuration of APEX applications to use Oracle Access Manager for Login

  Is there Oracle documentation on configuring an APEX application to accept a login id passed by Oracle Access Manager? Would someone please help with some instructions on how to do it. Thanks.

  Hi Ravi,
  this looks like a WLS issue.
  1-You can try as a workaround to remove this validator configuration in taglib definition file: .tld and see the behavior.
  2-Or you are missing something into url.
  I hope this helps,
  Thiago Leoncio.

• Configure Oracle Access Manager - from weblogic OIF instance page bombs out

  I am trying to integrate OIF with Oracle Access Manager as SP integration module. But, when clicked on "Configure Oracle Access Manager" it throws the following error:
  Oracle Access Manager cannot be configured properly. Make sure the Oracle Access Manager SDK Server has been configured properly and the required environment variables have been set. Details can be found on Online Help and Administrative Guide.
  I have updated the environment variables and classpath, also confirmed the Access Server SDK to work properly by testing java JAccessGate.
  any help is greatly appreciated.
  The diagnostic logs show these errors:
  ========================
  Login of admin identity cn=usca_iam_admin failed. Please check to make sure the admin user ID is valid.
  at com.oblix.accessmgr.ObAccessManager.sendRequest(ObAccessManager.java:163)
  at com.oblix.accessmgr.ObAccessManager.setAdmin(ObAccessManager.java:195)
  at oracle.security.fed.admin.config.mbeans.OAMConfigUtils.configureOAM(Unknown Source)
  at oracle.security.fed.admin.config.mbeans.AdminUtilMXBeanImpl.configureOAM(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.doInvoke(OracleStandardEmitterMBean.java:889)
  at oracle.as.jmx.framework.generic.spi.interceptors.ContextClassLoaderMBeanInterceptor.internalInvoke(ContextClassLoaderMBeanInterceptor.java:94)
  at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:245)
  at oracle.as.jmx.framework.generic.spi.interceptors.MBeanRestartInterceptor.internalInvoke(MBeanRestartInterceptor.java:116)
  at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:245)
  at oracle.as.jmx.framework.generic.spi.security.AbstractMBeanSecurityInterceptor.internalInvoke(AbstractMBeanSecurityInterceptor.java:174)
  at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:245)
  at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.invoke(OracleStandardEmitterMBean.java:803)
  at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836)
  at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
  at weblogic.management.mbeanservers.internal.JMXContextInterceptor.invoke(JMXContextInterceptor.java:268)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
  at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:444)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:323)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11$1.run(JMXConnectorSubjectForwarder.java:663)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11.run(JMXConnectorSubjectForwarder.java:661)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.invoke(JMXConnectorSubjectForwarder.java:654)
  at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1426)
  at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
  at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1264)
  at java.security.AccessController.doPrivileged(Native Method)
  at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1366)
  at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:788)
  at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
  at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
  at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
  at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
  at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  My Oracle Access Manager is 10.1.4.3 and OIF is 11.1.1.3
  thanks

  Hello,
  I'm having the same problem. Did anybody find a solution to fix it?
  Any help is appreciated.
  Regards,
  Ignacio.

• Oracle Access Manager 10g3 Blog

  Hi Everyone,
  I have created a New Blog for Oracle Access Manager and i would like everyone to have a look at it and give me some comments on it like what are the other topics i can keep which can help us all etc....
  You can visit it at http://go4oam.blogspot.com/

  HI,
  I am facing some problem while incorporating customizations into Oracle Access Manager 10g.
  When trying to access the url with a particular style name.... i am getting the following error :
  obhtmlpage.cpp:160: Error:
  obhtmlpage.cpp:277: Error: ExXSLTProcessingGeneric: Exception processing stylesheet. Root stylesheet ID: ../../../lang/en-us/style0/login.xsl
  obxdkxsl.cpp:224: Error: ObXDKTransform
  obxdkcache.cpp:528: Error:
  obxdkcache.cpp:565: Error:
  ../obcacheof.cpp:429: Error:
  ../obcacheof.cpp:795: Error:
  ../obcacheof.cpp:932: Error:
  obxdkcache.cpp:291: Error: ObXdkObject::ObXdkObject
  Front Page Admin
  Sun Microsystems Solaris
  Could someone please provide some help as to how to solve the problem.
  Thanks.

• Installing Oracle Access Manager - 11.1.1.5

  Hi
  I am very new to Identity Management and have been trying to set Oracle Access Manager in Windows XP.
  Downloaded ofm_iam_generic_11.1.1.5.0_disk1_1.zip from OTN.
  I cannot find the RCU for 11.1.1.5 version from the website directly. All I could see is only RCU for 11.1.1.3 and 11.1.1.2 version.
  Can anyone send me the download link for RCU 11.1.1.5 and step by step installation guide for setting up Oracle Access Manager.
  I tried creating OAM Domain after installing IDM Suite and running RCU 11.1.1.3 version.
  When I run the WebLogic and OAM server I am getting error
  Caused By: oracle.security.am.common.policy.admin.PolicyManagerException: oracle.security.am.c
  policy.admin.PolicyManagerException: OAMSSA-06251: Unsupported policy store version detected.
  ed "11.1.1.5.0" but found "11.1.1.3.0".
  Also unable to login to OAM console.
  Thanks,
  Ram

  Daren,
  Do you have OAM 11.1.1.3 running and now you wish to upgrade it to 11.1.1.5 or
  You wish to install new 11.1.1.5 ?
  If this is later then better you should use 11.1.1.5 RCU to create schema as this is straight and easy process with no upgrade.
  If you are running 11.1.1.3 and wish to upgrade to 11.1.1.5 then there are steps to apply 11.1.1.5 oatch in My Oracle Support(earlier metalink) Procedure to Upgrade OAM 11.1.1.3.0 to OAM 11.1.1.5.0 [ID 1318524.1
  Atul Kumar
  http://www.amazon.co.uk/Oracle-Identity-Access-Manager-Administrators/dp/1849682682  <- OIM / OAM 11g Book on Amazon
  http://onlineappsdba.com/index.php/book/   <- EBS R12 Integration with OID/OAM for SSO Book                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

• Error during execution of SSO with Oracle Access Manager 11gR2

  Hello friends,
  I have a problem with SSO using Oracle Access Manager 11g R2, then describes the steps taken in this test:
  1. Is accessed by the OAM protected application through IE browser, Chrome and Firefox for testing purposes.
  2. The OAM protected application, here is redirected to the OAM page to enter the credentials for the application.
  3. Shows the application, and again reorders authentication credentials.
  Here the details of the cookie:
  a. cookie1: ADMINCONSOLESESSION
  b. cokkie2: OAMAuthnCookie_webgate11g.domain.com: 7777
  We also found an error when starting the node oam_server in WebLogic Server 11g (10.3.6)
  Log:
  [2012-11-29T18:16:02.411-05:00] [oam_server1] [ERROR] [JPS-03156] [oracle.jps.authorization.framework] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000JhEStpUFW7WFLzRL8A1GhylJ000002,0] [APP: oam_server#11.1.2.0.0] The exception has been thrown by ARME. The authorization result is set to deny.[[
  com.bea.security.providers.authorization.asi.InvocationException: ArmeRUNTIME Exception: null
       at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.isAccessAllowed(AuthorizationProviderImpl.java:396)
       at com.bea.security.ssal.micro.MicroAuthorizationManagerWrapper.isAccessAllowed(MicroAuthorizationManagerWrapper.java:73)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed_internal(AuthorizationServiceImpl.java:914)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:745)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:668)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:622)
       at com.bea.security.AuthorizationService.isAccessAllowed(AuthorizationService.java:365)
       at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.wait4OESRuntimeDBPolicyRefreshCompletion(OESRuntimeProxy.java:263)
       at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.init(OESRuntimeProxy.java:193)
       at oracle.security.am.common.policy.runtime.provider.oes.OESPolicyRuntimeProvider.init(OESPolicyRuntimeProvider.java:167)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getNewInstance(PolicyRuntimeFactory.java:162)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.init(PolicyRuntimeFactory.java:93)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getPolicyRuntime(PolicyRuntimeFactory.java:84)
       at oracle.security.am.common.policy.util.PolicyComponentLifecycle.initialize(PolicyComponentLifecycle.java:100)
       at oracle.security.am.lifecycle.ApplicationLifecycle.initComponentBootstrap(ApplicationLifecycle.java:156)
       at oracle.security.am.lifecycle.ApplicationLifecycle.contextInitialized(ApplicationLifecycle.java:86)
       at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:481)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
       at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:181)
       at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1868)
       at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3154)
       at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1518)
       at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:484)
       at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
       at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
       at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
       at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
       at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
       at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:671)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
       at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:59)
       at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
       at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
       at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
       at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
       at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
       at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
       at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
       at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:261)
       at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:220)
       at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
       at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
       at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
       at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
       at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
  Caused by: com.wles.InternalException: ArmeRUNTIME Exception: null
       at com.wles.arme.Credentials_ca.exceptionTransport(Credentials_ca.java:606)
       at com.wles.arme.Credentials_ca._accessAllowed(Credentials_ca.java:343)
       at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:400)
       at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:422)
       at com.wles.arme.CachingCredentialsImpl._accessAllowed(CachingCredentialsImpl.java:225)
       at com.wles.arme.CredentialsImpl.accessAllowed(CredentialsImpl.java:452)
       at com.wles.arme.CachingCredentialsImpl.accessAllowed(CachingCredentialsImpl.java:68)
       at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.ARMEisAccessAllowed(AuthorizationProviderImpl.java:977)
       at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.isAccessAllowed(AuthorizationProviderImpl.java:347)
       ... 52 more
  causal exception is:
  com.wles.InternalException: ArmeRUNTIME Exception: null
       at com.wles.arme.Credentials_ca.exceptionTransport(Credentials_ca.java:606)
       at com.wles.arme.Credentials_ca._accessAllowed(Credentials_ca.java:343)
       at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:400)
       at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:422)
       at com.wles.arme.CachingCredentialsImpl._accessAllowed(CachingCredentialsImpl.java:225)
       at com.wles.arme.CredentialsImpl.accessAllowed(CredentialsImpl.java:452)
       at com.wles.arme.CachingCredentialsImpl.accessAllowed(CachingCredentialsImpl.java:68)
       at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.ARMEisAccessAllowed(AuthorizationProviderImpl.java:977)
       at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.isAccessAllowed(AuthorizationProviderImpl.java:347)
       at com.bea.security.ssal.micro.MicroAuthorizationManagerWrapper.isAccessAllowed(MicroAuthorizationManagerWrapper.java:73)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed_internal(AuthorizationServiceImpl.java:914)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:745)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:668)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:622)
       at com.bea.security.AuthorizationService.isAccessAllowed(AuthorizationService.java:365)
       at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.wait4OESRuntimeDBPolicyRefreshCompletion(OESRuntimeProxy.java:263)
       at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.init(OESRuntimeProxy.java:193)
       at oracle.security.am.common.policy.runtime.provider.oes.OESPolicyRuntimeProvider.init(OESPolicyRuntimeProvider.java:167)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getNewInstance(PolicyRuntimeFactory.java:162)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.init(PolicyRuntimeFactory.java:93)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getPolicyRuntime(PolicyRuntimeFactory.java:84)
       at oracle.security.am.common.policy.util.PolicyComponentLifecycle.initialize(PolicyComponentLifecycle.java:100)
       at oracle.security.am.lifecycle.ApplicationLifecycle.initComponentBootstrap(ApplicationLifecycle.java:156)
       at oracle.security.am.lifecycle.ApplicationLifecycle.contextInitialized(ApplicationLifecycle.java:86)
       at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:481)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
       at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:181)
       at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1868)
       at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3154)
       at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1518)
       at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:484)
       at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
       at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
       at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
       at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
       at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
       at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:671)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
       at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:59)
       at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
       at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
       at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
       at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
       at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
       at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
       at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
       at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:261)
       at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:220)
       at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
       at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
       at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
       at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
       at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
  We appreciate your support in solving the case. Thanks...
  JLK
  Edited by: JLK on Nov 30, 2012 9:43 AM

  Hi Viju,
  Did you executed the python script to register OPSS. If not then you will get the mentioned error:
  I have mentioned couple of workarounds. Can you try those and let me know the results. Take the backup of your entire environment before you follow the steps:::
  1. For the ARME issue patch can be applied for 11.1.2
  OAM Bundle Patch Release History (Doc ID 736372.1)
  Yes. This is a benign message. ( the ARME issue)
  OAM 11R2 After Upgrade The Managed Server Start With Error ArmeRUNTIME Exception: Null (Doc ID 1509559.1)
  The other issue is under investgation and is benign.
  <oracle.adfinternal.view.faces.renderkit.rich.RegionRenderer> WARNING when accessing oamconsole (Doc ID 1511967.1)
  The final message is spoken to here:
  WLS 10.3.3: "Auto-Ref-By: WebApp" deployed as shared library is affecting other web applications. (Doc ID 1210393.1)
  Action Plan:
  =========
  1. For the ARME issue patch can be applied for 11.1.2
  OAM Bundle Patch Release History (Doc ID 736372.1)
  Hope this helps.

• Integrating Oracle EBS R12 with Oracle Access Manager 11g

  Hi Everyone ,
  Oracle Access Manager version 11.1.1.5
  Oracle Identity Management 11.1.1.6.0
  Oracle Access Manager WebGate 11.1.1.5
  Oracle E-Business Suite AccessGate patch p12796012
  Apps Version : 12.1.1
  DB Version 11.2.0.3
  PLatform : OEL 5.8
  We are trying to Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11g using Oracle E-Business Suite AccessGate.We followed metalink id's
  1309013.1 and 1543803.1 and some other documents.We have performed every step as documented , and everything seems to work fine untill user tries to log out from Oracle Applications i.e User
  is able to login to Oracle Applications through access gate and everything is working fine. But as user click logout button an error messsage is diplayed like "*500*
  *Internal Server Error Servlet error: An exception occured* " (The url at the time of this message is http://hostname:port/OA_HTML/AppsLogout ).
  Apps Tier (oacore) Application log:-
  +13/05/15 19:04:20.229 html: Servlet error+
  java.lang.NoSuchMethodError: oracle.apps.fnd.sso.SSOManager.getAuthAgentLogoutUrl(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;
  at oracle.apps.fnd.sso.AppsLogoutRedirect.doGet(AppsLogoutRedirect.java:193)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)+
  at oracle.apps.jtf.base.session.ReleaseResFilter.doFilter(ReleaseResFilter.java:26)
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:15)+
  at oracle.apps.fnd.security.AppsServletFilter.doFilter(AppsServletFilter.java:318)
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)+
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370)+
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:871)+
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)+
  Apps Tier Apache Error log :-
  +[Wed May 15 18:50:52 2013] [error] [client 192.168.0.2] [ecid: 1368624052:192.168.0.61:10798:0:44,0] File does not exist: /u01/eBiZR12/apps/apps_st/comn/java/classes//+
  WE have set all required profile in Oracle Application as directed in documents , and users are able to login just fine , but they are not able to logout.
  IS there something that we are missing , any help is highly appreciated.
  Regards
  Edited by: TheKop88 on May 16, 2013 11:39 AM

  Hi there ,
  Thanks for reply ,
  We had already gone through that document earlier. We noticed that when Apllication Profile "*Apllications SSO Type* " is set to SSWA then OA_HTML/AppsLogout is
  working fine , but when we set "*Applications SSO Type*" to SSWA w/SSO then OA_HTML/AppsLogout is not working(not redirecting) .Error thrown on web browser is "+500 Internal Server Error Servlet error: An exception occurred. The current application deployment descriptors do not allow for including it in this response+" . we believe that we might have missed some Profile settings that is causing this error.
  Regards
  Edited by: TheKop88 on May 16, 2013 12:03 PM
  Edited by: TheKop88 on May 16, 2013 12:07 PM

• URGENT : Challenge questions query: Oracle Access Manager 10g

  Hi all,
  This is a query regarding password challenge questions in Oracle Access Manager 10g. We have created password policies for a specific container in OID (say cn=xxx,cn=users,dc=oracle,dc=com) and it is working fine.
  In order to exclude certain set of users (say user ABC ) for password policies, we have set the obpasswordchangeflag to false for those users which are in same container for which password policy is created.
  When we try to login to the application with the user say ABC, I am not seeing any reset password page - I am happy till this point. However it is showing Configure Challenge questions page. Is there any way to bypass this page? Or is this the expected behavior?
  This is very urgent and prompt reply is very much appreciated.
  -Mahendra

  Hi Mahendra,
  This is expected behaviour. In order to exclude the password policy management for some certains user for particular domain/container. please add the below configuration parameter to your OAM10g password policy.
  Password Policy Filter Field     (!(|(cn=xxx)(cn=abc)))
  ----Ajay

• Oracle Access Manager-Protecting resources

  Hi,
  I have installed the Oracle Access Server/Identity Server/Policy managerWebpass/Webgate etc...I want to create policy domains and resources in the policy manager to protect certain internal websites. Is there any crisp documentation that some one can share to do the basics atleast? the oracle documentation is insanely extensive with links/references all over the place and I find it very difficult to understand how the policies are constructed. I have created couple of authentication schemes (basic/Form) that can be used. to start off i have a basic login page created in IIS that can be used for user input and also have a couple of other html files in a folder under it. If some one can share a document that takes me step by step to protecting a resource, it will be great.
  Thanks in advance.
  Naresh

  Two suggestions:
  1) Ask the question in a group inhabited by OAM users ... this group is generically for doc issues. (ANd yes, you mention a doc issue, but very few OAM users visit here.)
  - a place for that might be: http://forums.oracle.com and scroll down to Identify Management
  2) Look through OTN in the product portal (http://otn.oracle.com > Products: Middleware > Identify Management: Identity Management > Oracle Access Manager)

• Oracle Access manager 10.1.4 (coreid) multiple authentication for same URL

  I am evaluating oracle access manager hence new to this product.
  I have a requirement where i have a /wps URL.
  Users coming externally go through reverse proxy server to the final IIS web server. Internal user access IIS directly.
  /wps should be protected by reverse proxy using forms authentication
  while IIS server also protect /wps but should use basic authentication.
  Looks like policy is shared by all webgates so i can define one authentication method for /wps.
  Comparing this with CA Siteminder each agent have their own URLs to protect and so two agents can protect the same URL but with different authentication method. The single signon works as the protection level is same.

  I have not done what you are speaking of; so I would assume that Boland is correct. One thing that you may want to consider is making the external users log into another resource before they hit the /wps. If the other resource is forms protected and at the same authentication level (number on auth scheme), then they can hit the external login resource, get their OBSSO cookie, then slide right thru the basic authentication request of the current policy domain.
  Another idea would be to get a little more granular with your current policy domain. Have a file that's protected with forms auth in your policy domain that the external users authenticate to. Remember, this could be as simple as a dummy page that just does an HTTP redirect.
  Good luck.
  --Aaron                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

• Oracle Access Manager and Passing Cert Info to HTML or JSP

  Friends,
  We are trying to pass the CN information from our smartcard (CAC) that looks i.e. john.doe.123456789 as a parameters to an Oracle Forms using the staticHTML implementation utilizing the OBLIX SSO OR utilizing a JSP or HTML file to read these parameters and update OID. We can pass the UID but since we will have First-time Registration of the Smartcards, the UID doesn't count since the CN information from the Smartcard has not been populated at this point to the OID, we are trying to get the functionality going to get the user first to put in their login and password but at submit time, to update the OID with the CN information to a separate column of OID and not the UID.
  Utilizing the OAM, we have been able to proof concept the authentication using the UID by using the Policy Manager and the Access System Console --> Access System Configuration. It's works well with the plugin that comes with the OAM (SSOOblixAuth.java) and thx to Oracle Support, but we need to be able to pass other parameters that are specified as a part of the Resource - Action as headervars such as
  HeaderVar OBLIX_SN or
  hearderVar OBLIX_MAIL
  Our Oracle Access Implementation is in halt until we find a way to pass these return Attributes to our Oracle Forms. The Oracle Forms running SSO is working greatly with just the userlogin and password (UID is passed as a header) without the Oracle Access Manager (OBLIX) but now we have shifted to this product for reading and processing Smartcard information.
  Any help we can get, we very much appreciate it.
  KA

  O.K.
  I am getting closer but still not getting the ssooblixuser or ssooblixcn. I have
  the following jsp to fire after a successful authentication.
  The following code is utilized in our SSO environment for changing passwords.
  The bolded line should get the ssooblixuser but it is not..
  <%
  response.setHeader("Cache-Control", "no-cache");
  response.setHeader("Pragma", "no-cache");
  response.setHeader("Expires", "Thu, 29 Oct 1969 17:04:19 GMT");
  request.setCharacterEncoding("UTF-8");
  response.setContentType("text/html; charset=UTF-8");
  String remoteUser = null;
  String userDn = null;
  String referer = null;
  String oblixheader = null;
  remoteUser = request.getRemoteUser();
  userDn=request.getHeader("OSSO-USER-DN");
  referer=request.getHeader("referer");
  oblixuser = request.getHeader("ssooblixuser");
  %>
  <HTML>
  <HEAD>
  <SCRIPT language="JavaScript">
  function validatePasswordsMatch()
  var frm = document.forms["changePassword"];
  if(frm.newpwd.value != frm.confirm_newpwd.value)
  alert('The Password and verified password do not match!');
  return false;
  else
  document.changePassword.submit();
  return false;
  function cancelButton()
  document.close();
  </SCRIPT>
  </HEAD>
  <BODY bgcolor="#cae3ff" >
  <table width="750" height="10" border="0" cellspacing="0" cellpadding="0">
  </table>
  <TABLE ALIGN="Center">
  <TR><TD>User Name</TD><TD> <%=remoteUser%> </TD></TR>
  <TR><TD>OBLIX USER</TD><TD> <%=oblixuser%> </TD></TR>
  Edited by: user10130371 on Sep 17, 2009 8:09 AM
  Edited by: user10130371 on Sep 17, 2009 8:10 AM

• Oracle Access Manager Webgate

  Hi All,
  I have a little confutation about Oracle Access Manager webgate. Please help me to figure it out.
  There are five web server I need to protected using OAM. Three are IIS 6.0/7.0 in Wondows 2008, one is Apache v2 in RHEL 5 and one in Apache Tomcat in Cent OS 5. All OS are 64 bit platform.
  I need to know which webgate I have to download and install for IIS and Apache? Please provide me the download link.
  I have seen following documentation, but I am unable to find Oracle_Access_Manager10_1_4_3_0_Win64_ISAPI_Webgate.exe or Oracle_Access_Manager10_1_4_3_0_platform_OHS_Webgate
  http://docs.oracle.com/cd/E28271_01/doc.1111/e15478/apch2ihs.htm
  http://docs.oracle.com/cd/E21764_01/doc.1111/e15478/iis_wg.htm
  Thanks
  Tamim Khan

  Hi Chinni,
  Thanks for you help.
  I am downloading oam_int_win_v11_cd1.zip, I have few more question on webgate?
  1. How can I determine which webgate use for which web server considering the version of the server (ie: IIS6/7). I have found oam-3rd.xls file. is it the way to chose webgate for some platform.
  2. Is there any official documentation to perform this operation for third pary webgate.
  3. Please consider the following senior:
  We have one Web application that authentication of RCPS performs from Data base tables. After successfully login, user got different types of roles like Admin, Manager, Guest User, Internal User etc, Base on the that role user menu is populate. For example Admin user has 7 menus but internal user has 4 menus. That menu item load from Database tables after login in to the application.
  As because the application are not authenticating from Database after implementation of OAM, so after authenticating from OAM how the user menu is populate?
  Thanks
  Tamim Khan

• Extending Domain with Oracle Access Manager 10g

  Oracle® Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management
  11g Release 1 (11.1.1)
  Part Number E12035-05
  http://download.oracle.com/docs/cd/E14571_01/core.1111/e12035/toc.htm
  Chapter 10 - Extending the Domain with Oracle Access Manager 10g
  - Section 10.4.3 Installing WebGate on OAMADMINHOST, WEBHOST1, and WEBHOST2
  Question:
  How many webgate instances should be created?
  1) Is there only on instance and the three installation share the same ID?
  2) Is there two instances? one for the web cluster, the other for the OAM Admin Console server?
  3) Is there three separate webgates and instances?
  Thanks

  It should be this way:
  Ebiz:
  1. Integrate OAM with OASSO
  2. Register OASSO and OID with Ebiz11.5.10.2
  3. Protect the resource in OAM
  4. Verify if authentication is successful for this resource.
  Obiee:
  1. Integrate OBIEE with OAM
  2. Verify if authentication is successful for this resource.
  IWA:
  1. Install IIS webser and webgate
  2. Create authentication scheme which protects / of IIS web server.
  Create a Form Authentication Scheme(this scheme should protect OBIEE and EBiz resource) which will have challenge redirect to IIS web server where IWA is configured and / is protected.
  Login Flow:
  1. User tries to access ebiz or obiee resource.
  2. Form Authentication Scheme will challenge redirect to IIS web server where IWA is configured.
  3. As IWA is configured. User will be automatically get ObSSOCookie.
  4. User gets redirected back to the requested resource.
  There is a My oracle support doc which talks in details about this setup.