OAM 11gR1 resource issue.

OAM 11.1.1.5
Webgate: Deny on Not protected is unchecked. So any resource not present in Policy should be accessible.
We have following resource protected :- /ResourceRoot/xml/.../*
OAM is also protecting resources: /ResourceRoot/xmldef/.../*
There might be some bug with regular expression used to match the resource policy, where for /ResourceRoot/xmldef/ is matched to policy /ResourceRoot/xml/ ?

Yes its a bug.

Similar Messages

OAM 11gR1 (11.1.1.3) Authorization issue

Hi,
We have OAM 11gR1 (11.1.1.3) in place.
Some of our users are being denied by our OAM Authorization rule, when they should not.
The rule is simple, a user needs to be in an OID group to get access to the protected site.
This is what I can find in the audit logs in the "Resource" column during the Authorization event:
- This value appears for the users who is successfully authorized: HTTP:IDMDomain:/polopoly
- This value appears for the users who is NOT authorized: IDMDomain:0%2Fpolopoly
I think this look like something related to the "Host Identifier" settings, but I have tried logging in with the accounts from the same computer, so the value changes based on the user I log in with.)
Any ideas why this happens?
The full audit line below:
2012-11-01 11:18:22.266 "<OID-user-id>" "CheckAuthorization" false "" "0000JevgNod1rYx_S9o2yc1GMNxa003Pa2,0" "0" - - - "oam_server" "Authoriza
tion" "15" "-" "" - "IDMDomain:0%2Fpolopoly" - - "" - "Web_Agent" - - - - "IDMDomain:0%2Fpolopoly" "" - - "IDMDomain" "55003121884236737
8" - "" - - - - - - "oam_server1" - - - - -
2012-11-01 11:21:17.430 "<OID-user-id>" "CheckAuthorization" true "" "0000Jevh2_m1rYx_S9o2yc1GMNxa003PaS,0" "0" - - - "oam_server" "Authorization" "21" "-" "" - "HTTP:IDMDomain:/polopoly" - - "Web_Agent" - "Web_Agent" - - - - "HTTP:IDMDomain:/polopoly" "UserPassAuthorizationPolicy" - - "IDMDomain" "-7259007590981892465" - "" - - - - - - "oam_server1" - - - - -
NOTE: The authentication step is working fine, for both users.
Regards,
Henrik
Edited by: user1154522 on Nov 1, 2012 4:37 AM

Nevermind - I'm an idiot.
Microsoft's guidance on reg key to disable IPv6:
Type any one of the following values in the Value data field to configure the IPv6 protocol to the desired state, and then click OK:
Type 0 to enable all IPv6 components. (Windows default setting)
Type 0xffffffff to disable all IPv6 components except the IPv6 loopback interface. This value also configures Windows to prefer using IPv4 over IPv6 by changing entries in the prefix policy table. For more information, seeSource and Destination Address Selection.
Type 0x20 to prefer IPv4 over IPv6 by changing entries in the prefix policy table.
Type 0x10 to disable IPv6 on all nontunnel interfaces (both LAN and Point-to-Point Protocol [PPP] interfaces).
Type 0x01 to disable IPv6 on all tunnel interfaces. These include Intra-Site Automatic Tunnel Addressing Protocol (ISATAP), 6to4, and Teredo.
Type 0x11 to disable all IPv6 interfaces except for the IPv6 loopback interface.

OBIEE 11.1.1.5 SSO integration with OAM 11gR1 (11.1.1.5)

Hi,
I am integrating OBIEE 11.1.1.5 with OAM 11gR1 (11.1.1.5).
I have configured as per section 12.3 of following link:
http://docs.oracle.com/cd/E22203_01/doc.31/e20664/chapter_12.htm#CHDFAFHH
After making all these configurtions, when i access:
http://<OHS server>:<OHS port>/analytics
User is getting prompted for auth from OAM. After successful auth, request gets redirected to WebLogic server hosting the OBIEE app. I have verified in OBI logs that the header value OAM_REMOTE_USER gets passed to OBI.
But even with all this, after successful OAM authentication, user is getting prompted with OBI login page.
Pls help.
Thanks

Hi Abhinay,
I have already make the following configurations as per the documentation:
To enable SSO:
1.Log in to OBIEE at
http://[OBIEE server:port]/em.
2.Click Farm_<OBIEEDomain>_domain > Business Intelligence > Coreapplication.
3.Click the Security tab.
4.Select Enable SSO.
5.Select SSO Provider: Oracle Access Manager.
6.Click Apply and Activate Changes.
Do we need to make some other configurations also at OBIEE EM ?
Thanks

BW system ran out of "session" = transaction SMGW; how to track down "resource" issues?

Hi SAP Experts,
we had on our SAP BW system the following situation:
We are having a week daily process chains, that is uploading data from our ECC system.
Once in a month, we are uploading from our APO/SCM system data from our BW system.
Parallel we are having also SAP PreCalculation Server (with three PreCalc instances) instances running. The PreCalc Server is running daily.
The landscape in short: (DB server = AIX/Oracle, App-Server = Linux, SAP System=7.01; PreCalc Server = Win2008/64)
This week when all was running at the same time, we faced problems, that log-on to SAP System via ABAP took a long time, same BEx Reports (some failed with Run Time errors).
From the landscape infrastructure we couldn’t detect any resource issues (we are having two application servers connected to the BW landscape).
What we saw from the system transactions (SM66, SM51, SM21, ST02, ST04, ST06N) the issue did not seem to be resource based, by network, database, amount of work processes etc.
But we noticed in transaction SMGW, that it seemed not possible for external programs, like a BEx reports or the PreCalc Server to connect with new session to the BW ABAP landscape.
The trace showed in SMGW:
* LOCATION    SAP-Gateway on host server / sapgw##
* ERROR       Conversation 01792797 not found
* TIME        Tue Jul 22 14:13:03 2014
* RELEASE     720
* COMPONENT   SAP-Gateway
* VERSION     2
* RC          728
* MODULE      gwxxconn.c
* LINE        971
* COUNTER     75240
In system log, database alert log, we could not find any dead locks reported or anything reported, that explained why, via the SMGW is was not possible to connect with new sessions.
We restarted the PreCalc Server and after clarifying with application team of APO/SCM we stop the process chain and than the system was back to “normal” operation.
Now the question is, if you faced similar issues and what the solution, or how you where able to track down the issue?
Thanks for your ideas.
Best regards
Carlos Behlau

Hi Alwina,
thank you for your help.
What I was able to is in SMGW, because the system was very slow, that some connection where "red".
I forgot to capture screenshots and now I am not able to recall the the status text.
It is there a way to find out, if we reach the "max" connection numbers, like parameter gw/max_conn 500, via ST03N or via SMGW or via some logs?
I checked the SMGW trace, but I am not able to identify via the trace in SMGW, if the failures happened now, because max. values of parameters have been reached or what the cause was/is.
What I meant:
All external programs, like SAP BW BEx Analyzer (Excel Reporting tool for BW) are connecting via RFC calls. Also SAP Pre-Calculation Server is using RFC calls to generate the reports and send them via E-mail.
Usually, I can see these connections in SMGW (goto => logon clients).
There I didn't noticed that we reach 500, when we had the problem.
Best regards
Carlos

OAM 11gR1: WNA Fallback does not works

Hi all
I have configured Kerberos authentication in OAM 11.1.1.5 BP04 and it works fine. The basic authentication also works fine in my environment.
But when I try to access the OAM protected resource from a browser which is not configured for WNA, I get a basic prompt for credentials and upon providing valid/invalid credentials, I am redirected to an OAM error page with the following message:
Error: The user account is locked or disabled. Please contact the System Administrator.
I am not able to figure out what can the problem be. Any clue will be appreciated. Thanks !!!

WOW, that solves the problem. Still not clear why selectBooleanCheckbox needed PPR, but the other inputText components that are part of the same record in the form do not need PPR.
Thanks, a lot.

OAM WebLogic integration issue

Hi
I have integrated portal application hosted on WebLogic with OAM using SSPI.
The integration is successful and the application is working fine but we see following Error message in the weblogic logs whenever user hits the Portal home page.
<Dec 2, 2008 1:39:20 AM PST> <Error> <NetPointSecurityProviders> <700012> <Access system authorization failed for resource. Type [wl_authen], Name [Authen/Basic], Operation [LOGIN]. Reason - User's authentication level is insufficient for a requested resource.>
We see this message only when user is not authenticated before and hits Portal home page which also has Login portlet. Once user is authenticated and access any resource on the portal application, we do not see such error messages.
Has anyone faced this issue before? And what could be wrong with the integration?
Thanks
Kiran Thakkar

Hi kiran,
U hve said tht u r successfull in integrating weblogic application server with OAM using SSPI
The same oly v are also trying to do but we are facing some issues:
I'm using BEA weblogic8.1sp3,OAM10.1.4.0.1 and SSPI10.1.4.0.1
During instillation of SSPI i have selected the advanced instillation so the policies are automatically getting deployed in my OAM but after tht my weblogic is not able to start.
In the log file it is showing the following errors:
####<Jan 28, 2009 12:37:02 PM IST> <Debug> <NetPointSecurityProviders> <wipro-67b4e0638> <myserver> <main> <<WLS Kernel>> <000000> <ObUserSession ctor from username, password failed
com.oblix.access.ObAccessException: Unprotected resource LOGIN wl_authen:/Authen/Basic used in an ObAuthenticationScheme or ObUserSession constructor.
at com.oblix.access.ObUserSession.initCppSideAuthenticate(Native Method)
at com.oblix.access.ObUserSession.<init>(ObUserSession.java:243)
at com.oblix.weblogic.internal.OblixDatabase.login(OblixDatabase.java:192)
at com.oblix.weblogic.security.providers.authentication.OblixLoginModuleImpl.login(OblixLoginModuleImpl.java:193)
at weblogic.security.service.DelegateLoginModuleImpl.login(DelegateLoginModuleImpl.java:71)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at weblogic.security.service.PrincipalAuthenticator.authInternal(PrincipalAuthenticator.java:326)
at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:279)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.doBootAuthorization(SecurityServiceManagerDelegateImpl.java:786)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:886)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:717)
at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:822)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:670)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:344)
at weblogic.Server.main(Server.java:32)
####<Jan 28, 2009 12:37:02 PM IST> <Debug> <NetPointSecurityProviders> <wipro-67b4e0638> <myserver> <main> <<WLS Kernel>> <000000> <Entering OblixLoginModuleImpl.abort>
####<Jan 28, 2009 12:37:02 PM IST> <Critical> <Security> <wipro-67b4e0638> <myserver> <main> <<WLS Kernel>> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.>
Can you please help me to solve this problem.
Thanks in advance.

OIF+OAM: install/config issues

This post is long. Hoping that at least one of the issues is seen by someone or someone has insights before we open SR(s) with Oracle.
We have a working OAM/OVD 11.1.1.5 installation (done according to the EDG at http://docs.oracle.com/cd/E21764_01/core.1111/e12035/toc.htm).
We started an evaluation of OIF and ran into some issues grouped under Install and Config categories.
h2. Install issues:
We installed it per chapter 16 of that EDG and and all the steps went OK except step 16.7 (http://docs.oracle.com/cd/E21764_01/core.1111/e12035/oif.htm#BAJCJHBG).The config properties userldaphaenabled, fedldaphaenabled are getting set via WLST but don't appear to be persisted anywhere. On a restart they are false again. Are they supposed to be saved to config.xml of the IDMDomain? Can I try adding them manually like this as child elements under each of the wls_oif managed servers?
<datastore>
<userldaphaenabled>true</userldaphaenabled>
<fedldaphaenabled>true</fedldaphaenabled>
</datastore>
If those settings were properly set what is it supposed to do? I can see that config.xml, cots.xml files are stored as blobs in one of the OIF db tables. Will the above setting move them from DB to LDAP?
h2. Config/Runtime Issues:
We proceeded with configuration because the /sp/metadata and /idp/metadata test URLs are working fine via the VIP address. we used this manual to do the integration.
http://docs.oracle.com/cd/E21764_01/doc.1111/e15740/oif.htm#CACJDDGE. In section 4.3.1.6 (Configure Oracle Identity Federation in SP Mode) of this document it says to configure Oracle SSO. We only have OAM and not osso. We went ahead and configured the second tab (OAM) in the screen capture in that section as well (is there any documentation on how to configure that tab?)
In SP mode (section 4.3) , testing of a resource protected with OIFScheme in OAM is not successful. It does not show any OIF login screen. Instead it takes the user to through these URLs:
     1.     https://sso.company.com/test-app/
     2.     https://sso.company.com/fed/user/sposso
     3.     https://sso.company.com/fed/user/authnoam?refid=id-tB20kXzmHjpn6MUSdOr7qbmd2OU-
     4.     https://sso.company.com/fed/sp/art20?SAMLart=AAQAAbV1ElKBtte9uuhKoeo4h%2FMufCdY2wDlDIM2T9dL%2BvhsvtfUrwCuZg8%3D&RelayState=id-JPh8MY05pAZRckl4yOc2J4-80GI-
and then shows this error in the browser:
Error 401--Unauthorized
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.2 401 Unauthorized
The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.
The following errors are seen in the WLS_OIF1 (we turned off WLS_OIF2 during this test) managed server logs:
<Mar 10, 2012 10:58:37 AM PST> <Error> <oracle.security.fed.eventhandler.authn.engines.oam.OAMAuthnEventHandler> <FED-18068> <Authentication failed: WebGate did not authenticate the user>
<Mar 10, 2012 10:58:37 AM PST> <Emergency> <oracle.security.fed.model.config.Configuration> <FED-10174> <Property was not found: httpheaderattrcollector.>
<Mar 10, 2012 10:59:27 AM PST> <Warning> <oracle.security.fed.http.handlers.authn.LoginRequestHandler> <FED-18051> <Authentication instant was not sent from the authentication engine.>
<Mar 10, 2012 10:59:37 AM PST> <Error> <oracle.security.fed.util.ssl.KeystoreUtil> <FED-18080> <Could not retrieve key from the key store. Please verify that the key password is equal to the key store
< this error is followed by an exception shown below>
<Mar 10, 2012 10:59:39 AM PST> <Error> <oracle.security.fed.eventhandler.authn.engines.osso.OssoFinishSPSSOEventHandler> <FED-15134> <The service providercould not map the identity provider response to a user>
FED-18080 exception:
java.security.UnrecoverableKeyException: Cannot recover key
     at sun.security.provider.KeyProtector.recover(KeyProtector.java:311)
     at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:121)
     at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:38)
     at java.security.KeyStore.getKey(KeyStore.java:763)
     at com.sun.net.ssl.internal.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:113)
     at com.sun.net.ssl.internal.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:48)
     at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:239)
     at oracle.security.fed.util.ssl.KeystoreUtil.createKeyManagers(Unknown Source)
     at oracle.security.fed.util.soap.OIFSSLProtocolSocketFactory.createSSLContext(Unknown Source)
     at oracle.security.fed.util.soap.OIFSSLProtocolSocketFactory.getSSLContext(Unknown Source)
     at oracle.security.fed.util.soap.OIFSSLProtocolSocketFactory.createSocket(Unknown Source)
     at oracle.security.fed.util.soap.OIFSSLProtocolSocketFactory.createSocket(Unknown Source)
     at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
     at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
     at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
     at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
     at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
     at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
     at oracle.security.fed.util.soap.SimpleSoapSender.sendMessage(Unknown Source)
     at oracle.security.fed.http.flow.profiles.sp.SendSoapRequestSSOResponseHandler.perform(Unknown Source)
     at oracle.security.fed.controller.ApplicationController.processServletRequest(Unknown Source)
     at oracle.security.fed.controller.web.servlet.FederationServlet.doGet(Unknown Source)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
     at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
     at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
     at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
     at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
     at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
     at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
     at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
     at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
     at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
     at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
     at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
     at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
     at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
     at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
A minor other problem seems to be with adcri:
Cause: DFW-40112: There was an error executing adrci commands; the following errors have been found "Cannot run program "/app/iam/middleware/wlserver_10.3/server/adr/adrci": java.io.IOException: error=12, Cannot allocate memory"
Action: Ensure that command line tool "adrci" can be executed from the command line.
We can run the adcri tool from command line using the same LD_LIBRARY_PATH as used by the wls_oif1 server. Why is it trying to run it and failing and what is it trying to do? Can we turn it off?

I reinstalled the suite. This time, during the Policy Manager install I left the "Root Directory for Policy Domains" (step/page 7-12) at the default, which was "/". The GUI now works correctly.
On the previous install I changed the path to /AccessManagerPolicy -- it wasn't clear to me what the installer meant by 'root directory'. I did try to get /AccessManagerPolicy to work by creating a directory under my web root to match, but I still had issues with the Policy Domain -- the no policy domains would match. So, it looks like this parameter should never be changed in the installer.
Aaron.

UCCX 7.0(1) RmCm resource issue

I have an issue with our UCCX 7.0(1):
In RmCm -> Resource configuration
Just for one particular resource - the resource group changes from "Service Desk" to "Not selected" overnight and team changes from "Service Desk" to "Default". The next morning the agent is not able to login and we have to manually change both Resource group and team to "Service Desk" for the agent to be able to login. There are no issues once we manully reassign the resource to the correct resource group and team but overnight the resource group and team again changes to "Not selected" and "Default". I wonder what happens overnight that might cause this?
Note: I have attached a screenshot. And this only happens for 1 resource not anybody else.
Please help.

Hi Andrew,
Thanks for the reply. No, I don't know the exact time that this happens but it does happen everyday.I think you are wondering about the LDAP sync in CUCM and yes we do have an LDAP sync at 1:00 am everyday. This might have something to do with the issue but I don't know what. And no, nobody changes anything in the system - there are only 2 people (myself and another) with access to UCCX admin and we didn't do anything. And this happens only for this one user.

IEEE 1394 insufficient resources issue

We currently have a CVS-1454 with two cameras performing inspections. Due to circumstances with the inspection and machine, we are trying to move the inspections to the computer that is currently communicating with the CVS. We are getting the error "The selected IEEE 1394 camera could not be initialized because of insufficient resources on the IEEE-1394 bus". This error is only happening in Vision Builder. It is not happening in MAX.
The system specifics are: the PC is running XP SP3 with a PCI-8252 card. There are two Basler scA1390-17fm cameras performing the inspection. The cameras are using Format 7, Mode 0, 1392x1040. The PCI card is new out of the box, the cameras are a couple of years old. VBAI version 3.5, LabView 8.6, MAX is version 4.6.2.
I found the various articles on NI.com addressing this issue, but the recommendations have not had an effect.
Framerate & Packet size: In MAX the frame rate can only be set to 100Mbs. Reducing the packet size has no effect. It was set at the default to 1024, but we lowered it to 200 with no effect.
We installed the AVT Bus Driver Package, but when we switched to the AVT bus driver, the bus went away in MAX and then Windows went through the found new hardware wizard and we were unable to get the cameras to show up correctly in Windows Device Manager, nor did they ever show up in MAX. All the documentation I've seen looks like we should not need to install additional drivers for the Basler cameras.
The machine does not appear to have Hotfix 885222 installed, but I was contemplating trying to run this update anyway: http://support.microsoft.com/kb/955408
Alternate video modes: We tried to set the cameras to any other video mode. We can put one camera at some insanely small resolution, but then the other camera still doesn't work regardless of the video mode.
I hope I've put all the details out there. Any thoughts? Should we need to install anything else after switching to the AVT bus driver? I was hopeful that would solve the problem.
Thanks,
Paul
Solved!
Go to Solution.

I concur with Brad that your issue is surely the famous Microsoft issue whereby XP SP2 and SP3 downgraded potential throughput to S100, requiring either rollback to the SP1 1394 driver from Microsoft, or upgrade to Win7 where they finally fixed the problem.
Or using a substitute Microsoft compatible replacement 1394 driver, such as that offered by AVT.
But I'd respectfully differ with Brad that re. whether the AVT driver "worked right" or not... as it was only designed to work with AVT cameras - and will not work with Basler cameras. That was an intentional design feature. Or constraint, depending on one's perspective. ;-)
Scott

OAM configureSecurityStore.py issue

Has anyone faced this issue??
even though i am entering correct database password for opss but still I am facing this issue?
CLASSPATH=/app01/oracle/Middleware/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/app01/jdk1.6.0_38/lib/tools.jar:/app01/oracle/Middleware/wlserver_10.3/server/lib/weblogic_sp.jar:/app01/oracle/Middleware/wlserver_10.3/server/lib/weblogic.jar:/app01/oracle/Middleware/modules/features/weblogic.server.modules_10.3.6.0.jar:/app01/oracle/Middleware/wlserver_10.3/server/lib/webservices.jar:/app01/oracle/Middleware/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/app01/oracle/Middleware/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar::/app01/oracle/Middleware/oracle_common/modules/oracle.jrf_11.1.1/jrf-wlstman.jar:/app01/oracle/Middleware/oracle_common/common/wlst/lib/adfscripting.jar:/app01/oracle/Middleware/oracle_common/common/wlst/lib/adf-share-mbeans-wlst.jar:/app01/oracle/Middleware/oracle_common/common/wlst/lib/mdswlst.jar:/app01/oracle/Middleware/oracle_common/common/wlst/resources/auditwlst.jar:/app01/oracle/Middleware/oracle_common/common/wlst/resources/igfwlsthelp.jar:/app01/oracle/Middleware/oracle_common/common/wlst/resources/jps-wlst.jar:/app01/oracle/Middleware/oracle_common/common/wlst/resources/jrf-wlst.jar:/app01/oracle/Middleware/oracle_common/common/wlst/resources/oamap_help.jar:/app01/oracle/Middleware/oracle_common/common/wlst/resources/oamAuthnProvider.jar:/app01/oracle/Middleware/oracle_common/common/wlst/resources/ossoiap_help.jar:/app01/oracle/Middleware/oracle_common/common/wlst/resources/ossoiap.jar:/app01/oracle/Middleware/oracle_common/common/wlst/resources/ovdwlsthelp.jar:/app01/oracle/Middleware/oracle_common/common/wlst/resources/sslconfigwlst.jar:/app01/oracle/Middleware/oracle_common/common/wlst/resources/wsm-wlst.jar:/app01/oracle/Middleware/utils/config/10.3/config-launch.jar::/app01/oracle/Middleware/wlserver_10.3/common/derby/lib/derbynet.jar:/app01/oracle/Middleware/wlserver_10.3/common/derby/lib/derbyclient.jar:/app01/oracle/Middleware/wlserver_10.3/common/derby/lib/derbytools.jar::
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Info: Data source is: opss-DBDS
Info: DB JDBC driver: oracle.jdbc.OracleDriver
Info: DB JDBC URL: jdbc:oracle:thin:@(DESCRIPTION=(ENABLE=BROKEN)(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=qa2-scan.tst2.test.edu)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=test)))
INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used.
INFO: Found persistence provider "org.eclipse.persistence.jpa.PersistenceProvider". OpenJPA will not be used.
[EL Severe]: 2013-09-10 04:18:46.822--ServerSession(814358328)--Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied
Error Code: 1017
[oracle.security.jps.internal.config.db.DbCredStoreServiceConfigurator] checkServiceSetup - failed: javax.persistence.PersistenceException: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied
Error Code: 1017
Exception in thread "main" java.lang.RuntimeException: javax.persistence.PersistenceException: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied
Error Code: 1017
oracle.security.jps.service.policystore.PolicyStoreException: javax.persistence.PersistenceException: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied
Error Code: 1017
        at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.processJPAException(JpsDBDataManager.java:1671)
        at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.init(JpsDBDataManager.java:781)
        at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.beginTransaction(JpsDBDataManager.java:1139)
        at oracle.security.jps.internal.common.rdbms.util.JpsDbBootstrapImpl.<init>(JpsDbBootstrapImpl.java:154)
        at oracle.security.jps.internal.config.db.DbServiceConfiguratorDelegate.getJpsLdapBootstrap(DbServiceConfiguratorDelegate.java:87)
        at oracle.security.jps.internal.config.ldap.AbstractServiceConfigurator.checkServiceSetup(AbstractServiceConfigurator.java:122)
        at oracle.security.jps.internal.config.ldap.AbstractPersistServiceConfigurator.checkServiceSetup(AbstractPersistServiceConfigurator.java:88)
        at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.runConfiguration(LdapServiceEnabler.java:378)
        at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.configureCredentialStoreService(LdapServiceEnabler.java:221)
        at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.configureSecurityServices(LdapServiceEnabler.java:160)
        at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.main(LdapServiceEnabler.java:119)
Caused by: javax.persistence.PersistenceException: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied
Error Code: 1017
        at org.eclipse.persistence.internal.jpa.EntityManagerSetupImpl.deploy(EntityManagerSetupImpl.java:517)
        at org.eclipse.persistence.internal.jpa.EntityManagerFactoryDelegate.getDatabaseSession(EntityManagerFactoryDelegate.java:188)
        at org.eclipse.persistence.internal.jpa.EntityManagerFactoryDelegate.createEntityManagerImpl(EntityManagerFactoryDelegate.java:277)
        at org.eclipse.persistence.internal.jpa.EntityManagerFactoryImpl.createEntityManagerImpl(EntityManagerFactoryImpl.java:294)
        at org.eclipse.persistence.internal.jpa.EntityManagerFactoryImpl.createEntityManager(EntityManagerFactoryImpl.java:272)
        at oracle.security.jps.internal.policystore.rdbms.JpsDBDataManager.init(JpsDBDataManager.java:750)
        ... 9 more
Caused by: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.3.1.v20111018-r10243): org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-01017: invalid username/password; logon denied
Error Code: 1017
        at org.eclipse.persistence.exceptions.DatabaseException.sqlException(DatabaseException.java:324)
        at org.eclipse.persistence.exceptions.DatabaseException.sqlException(DatabaseException.java:319)
        at org.eclipse.persistence.sessions.DefaultConnector.connect(DefaultConnector.java:138)
        at org.eclipse.persistence.sessions.DatasourceLogin.connectToDatasource(DatasourceLogin.java:162)
        at org.eclipse.persistence.internal.sessions.DatabaseSessionImpl.loginAndDetectDatasource(DatabaseSessionImpl.java:584)
        at org.eclipse.persistence.internal.jpa.EntityManagerFactoryProvider.login(EntityManagerFactoryProvider.java:206)
        at org.eclipse.persistence.internal.jpa.EntityManagerSetupImpl.deploy(EntityManagerSetupImpl.java:488)
        ... 14 more
Caused by: java.sql.SQLException: ORA-01017: invalid username/password; logon denied
        at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:445)
        at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:389)
        at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:382)
        at oracle.jdbc.driver.T4CTTIfun.processError(T4CTTIfun.java:600)
        at oracle.jdbc.driver.T4CTTIoauthenticate.processError(T4CTTIoauthenticate.java:445)
        at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:450)
        at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:192)
        at oracle.jdbc.driver.T4CTTIoauthenticate.doOAUTH(T4CTTIoauthenticate.java:380)
        at oracle.jdbc.driver.T4CTTIoauthenticate.doOAUTH(T4CTTIoauthenticate.java:760)
        at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:401)
        at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:546)
        at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:236)
        at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:32)
        at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:521)
        at java.sql.DriverManager.getConnection(DriverManager.java:582)
        at java.sql.DriverManager.getConnection(DriverManager.java:154)
        at org.eclipse.persistence.sessions.DefaultConnector.connect(DefaultConnector.java:98)
        ... 18 more
        at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.throwExceptionWithStackTrace(LdapServiceEnabler.java:135)
        at oracle.security.jps.internal.tools.configuration.ldap.LdapServiceEnabler.main(LdapServiceEnabler.java:127)
Error: Failed to initialize security store.
Error: Create operation has failed.

Hi ,
Can you try to connect OPSS Schema from the sqldeveloper . Before running the security store ,set the Environment variables and do not start the Admin or Managed Server .
Thanks.
Ari

OAM ps1 upgrade issue

Has anyone faced this issue??I am doing upgrade from OAM 11g r2 to OAM 11g r2 PS1
copyMbeanXmlFiles('/app01/oracle/Middleware/user_projects/domains/IAM','/app01/oracle/Middleware/IAM_IDM') wls:/DIAM/serverConfig>
java.io.FileNotFoundException: /app01/oracle/Middleware/user_projects/domains/IAM/output/upgrade/ovd-default-mbeans.xml (No such file or directory)
        at java.io.FileOutputStream.open(Native Method)
        at java.io.FileOutputStream.<init>(FileOutputStream.java:194)
        at java.io.FileOutputStream.<init>(FileOutputStream.java:145)
        at oracle.security.am.upgrade.plugin.util.UpgradeCommonUtil.copyFilesFromSrc(Unknown Source)
        at oracle.security.am.wlst.util.WLSTServerUtil.copyMbeanXmlFiles(WLSTServerUtil.java:1214)
        at oracle.security.am.wlst.util.WLSTServerUtil.executeCommand(WLSTServerUtil.java:208)
        at oracle.security.am.wlst.WLSTWrapper.executeCommand(WLSTWrapper.java:151)
        at oracle.security.am.wlst.WLSTWrapper.execute(WLSTWrapper.java:106)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.python.core.PyReflectedFunction.__call__(Unknown Source)
        at org.python.core.PyReflectedFunction.__call__(Unknown Source)
        at org.python.core.PyObject.__call__(Unknown Source)
        at org.python.core.PyObject.invoke(Unknown Source)
        at OamInternal_handler$py.copyMbeanXmlFilesImpl$70(/app01/oracle/Middleware/IAM_IDM/common/script_handlers/OamInternal_handler.py:1179)
        at OamInternal_handler$py.call_function(/app01/oracle/Middleware/IAM_IDM/common/script_handlers/OamInternal_handler.py)
        at org.python.core.PyTableCode.call(Unknown Source)
        at org.python.core.PyTableCode.call(Unknown Source)
        at org.python.core.PyFunction.__call__(Unknown Source)
        at org.python.core.PyObject.invoke(Unknown Source)
        at Oam_common$py.copyMbeanXmlFiles$66(/app01/oracle/Middleware/IAM_IDM/common/script_handlers/Oam_common.py:808)
        at Oam_common$py.call_function(/app01/oracle/Middleware/IAM_IDM/common/script_handlers/Oam_common.py)
        at org.python.core.PyTableCode.call(Unknown Source)
        at org.python.core.PyTableCode.call(Unknown Source)
        at org.python.core.PyFunction.__call__(Unknown Source)
        at org.python.core.PyObject.__call__(Unknown Source)
        at org.python.core.PyObject.invoke(Unknown Source)

Hi,
I don't think I've seen that before. Have you performed the post patching step mentioned here: Applying the Latest Oracle Fusion Middleware Patch Set - 11g Release 2 (11.1.2.1)
In addition to copying the files, it will also save the original ones in the .../output/upgrade directory (See Note 1563490.1), and it looks like a subsequent step is expecting at least one of them to be there.
Regards,
Colin

OAM Second Site Issue

I'm running into an issue with OAM forcing users to re-authenticate to the application they are logged into when I access a second site protected by OAM.
I'm using the same forms authentication scheme setup for both sites. I access site 1 first and log in. Then site 1 has a link that pops up a new window that takes the user to the second site. The user gets logged in automatically to the second site without any issues. But when I try to do anything in site 1, it forces me to re-authenticate.
I've read on metalink that if the shared secret is corrupted that this could occur, but I regenerated the shared secret and restarted all the OAM components but still run into this issue.
Both sites are in the same domain. Is there something I need to do with the policy of the authentication level?

Thanks for the response. Both sites are using the same webgate, and timeout is set pretty high since this is dev. The authentication level is the same as is the directory store.
I'm using the same form login auth scheme for both sites. I'm going to try creating two different form logins and adding the redirect to see if that will help.

OAM failover installation issues

Hi,
Our requirement is to install OAM with failover configuration. For that we have setup the Virtual Server Name for Oracle Internet Directory (to store the policy and config data) as oid.mydomain.com. I was able to connect to oid.mydomain.com using a ldap browser. Was successful in installing Identity Server, Web Pass and Policy Manager. But when i was trying to install the Access Manager, it was unable to create a windows service to start/stop/restart the service. Also, when i try to uninstall the access server and delete the Access Server Configuration from the Access system console it shows the following error:
Error
The following messages were produced by the product. Please contact your webmaster to fix the problem.
Searching the directory server failed - DSA is unwilling to perform in LoadDBEntrySetSorted()
Any idea on this error.
Thanks in advance.

Here are the steps I followed. I have one instance of OHS and installed everything except the WebGate on it. I took another box and installed WebGate on it and created a policy. You can even install WebGate on the same machine where you installed all the components and try to protect /access and /identity resources.
Step 1: Install Oracle HTTP Server
Step 2: Install Identity Server
Step 3: Install WebPass
Step 4: Setting Up Identity System Console
Step 5: Installing Policy Manager
Step 6: Configuring Access System Console
Step 7: Setting Up Access Server
Step 8: Installing Access Server
Step 9A: Configuring WebGate
Step 9B: Installing WebGate
Step 10-1: Creating Host Identifier
Step 10-2: Creating Authentication Scheme
Step 10-3: Creating a Policy Domain
Step 10-4: Creating Resources For Policy Domain
Step 10-5: Creating Authorization Rule
Step 10-6: Creating Default Rules
Step 10-7: Creating Policies
Step 10-8 Testing the Policies

Edge OAM audio playback issues with Adobe DPS

Hi,
Previous to the CC 2014.1 update, Edge OAM animations placed into my Adobe DPS folios worked and interacted fine. E.g. I had animation build and then on 'tap' elements would animate and playback audio to reflect the movement. Since updating to the 2014.1 version, any newly created OAM files placed into Adobe DPS, the audio does not work.
Please can you advise on this issue. If there is no fix, can I get access to the previous version of Edge as it is vital I regain this function.
Many thanks
Lewis

Hi,
Thank you for the post.
Can you please share your composition in which you are getting this issue. We will investigate this issue.
In the mean time, you can install the previous version of Edge animate using below link.
HTML animation | Download free Adobe Edge Animate CC trial
Regards,
Devendra

ClickOnce and a System.Windows.Interacticity.resources issue

Hi,
I'm publishing my wpf app with clickOnce. I have put all the stuff like dlls, reference, prerequisites and so on.
But, when I try to install it to a virgin virtual machine, it says me that I need the System.Windows.Interacticity.resources version 4.0.0.0.
I use the System.Windows.Interacticity.dll in my project, but I've never used the .resources. If I try to use the System.Windows.Interacticity.dll version 4.5 instead of 4.0... nothing changes!!
How can I include System.Windows.Interacticity.resources with clickOnce or exclude it?
I have System.Windows.Interacticity.resources in my bin/debug folders, but if I try to include it, it gives me a nullPointerException error.
I have tried a lot of other forums/discussions/tickets, but still nothing worked for me.
NOTES: updating my project with dlls and prerequisites, the System.Windows.Interacticity.resources began necessary. Before, it wasn't in this way.
Can I ignore it? or, how can I include it?
I saw it in the /bin folder, inside the folders with the language name (en, de, fr, it..). But if I try to refer to one of these System.Windows.Interacticity.resources,
it gives me nullPointerException.
This error is stopping my installer, so it is a big problem.
Thanks in advance,
Piero

Hello,
>>But, when I try to install it to a virgin virtual machine, it says me that I need the System.Windows.Interacticity.resources version 4.0.0.0.
1. To clarify this issue, you could share us the screenshot about that message.
>>I use the System.Windows.Interacticity.dll in my project, but I've never
used the .resources. If I try to use the System.Windows.Interacticity.dll version 4.5 instead of 4.0... nothing changes!!
>>How can I include System.Windows.Interacticity.resources with clickOnce or exclude it?
2. What did you mean by "use"? Calling method? Or did you added any reference to it?
Regards,
Carl
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey.

OAM 11gR1 resource issue.

Similar Messages

Maybe you are looking for