Oracle Access Manager, ADAM & UCM integration? Help please..

Similar Messages

• Oracle Access Manager, ADAM & Oracle ECM - UCM integration?

  I`m currently investigating the potential of using Oracle Access Manager (OAM) as a tool that allows connections to multiple Active Directory(AD) or ADAM servers providing a single point to author and manage users with a good easy to use GUI.
  The UCM will connect directly to OAM and authenticate users connecting from AD accounts..
  At the moment we use Quest software to manage users, but the cost for setting up users is £15/user where as OAM is only £3. I believe..
  Right the questions I have :)
  1. Has any one set this type of environment up?
  2. ls OAM stand alone or will I need additional software to set it up?
  Reading the installation guide it says I need the following:
  # Oracle Internet Directory 10g (10.1.4.0.1)
  # Microsoft Active Directory
  # Oracle Virtual Directory Server 10.1.4.0.1
  # Oracle Virtual Directory Manager 10.1.4.0.1
  # Oracle Virtual Directory Patch 10.1.4.0.1 (P5667977)
  # Stand-alone Oracle HTTP Server 2.x (This needs to be preinstalled in your environment. You can download the OHS 2.x standalone from the Oracle SOA Suite 10g Companion (10.1.3.1.0) release from here.)
  3. Can I use IIS instead of Oracle HTTP Server?
  4. Can I install OAM on 1 server or do I need multiple servers, I`v been looking at the diagrams and reading through the guides I`m getting a little confused with Identity and Access server?

  The OAM identity system (identity server and WebPass) sound like a good fit for what you want to do. One constraint is that if you want to create/manage users in different directory instances via a single OAM identity system installation, you would also need OVD.
  And yes you definitely can have IIS host the WebPass - OHS, OID etc are not required.
  -Vinod

• Configure Oracle Access Manager - from weblogic OIF instance page bombs out

  I am trying to integrate OIF with Oracle Access Manager as SP integration module. But, when clicked on "Configure Oracle Access Manager" it throws the following error:
  Oracle Access Manager cannot be configured properly. Make sure the Oracle Access Manager SDK Server has been configured properly and the required environment variables have been set. Details can be found on Online Help and Administrative Guide.
  I have updated the environment variables and classpath, also confirmed the Access Server SDK to work properly by testing java JAccessGate.
  any help is greatly appreciated.
  The diagnostic logs show these errors:
  ========================
  Login of admin identity cn=usca_iam_admin failed. Please check to make sure the admin user ID is valid.
  at com.oblix.accessmgr.ObAccessManager.sendRequest(ObAccessManager.java:163)
  at com.oblix.accessmgr.ObAccessManager.setAdmin(ObAccessManager.java:195)
  at oracle.security.fed.admin.config.mbeans.OAMConfigUtils.configureOAM(Unknown Source)
  at oracle.security.fed.admin.config.mbeans.AdminUtilMXBeanImpl.configureOAM(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.doInvoke(OracleStandardEmitterMBean.java:889)
  at oracle.as.jmx.framework.generic.spi.interceptors.ContextClassLoaderMBeanInterceptor.internalInvoke(ContextClassLoaderMBeanInterceptor.java:94)
  at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:245)
  at oracle.as.jmx.framework.generic.spi.interceptors.MBeanRestartInterceptor.internalInvoke(MBeanRestartInterceptor.java:116)
  at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:245)
  at oracle.as.jmx.framework.generic.spi.security.AbstractMBeanSecurityInterceptor.internalInvoke(AbstractMBeanSecurityInterceptor.java:174)
  at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:245)
  at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.invoke(OracleStandardEmitterMBean.java:803)
  at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836)
  at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
  at weblogic.management.mbeanservers.internal.JMXContextInterceptor.invoke(JMXContextInterceptor.java:268)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
  at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:444)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:323)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11$1.run(JMXConnectorSubjectForwarder.java:663)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11.run(JMXConnectorSubjectForwarder.java:661)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.invoke(JMXConnectorSubjectForwarder.java:654)
  at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1426)
  at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
  at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1264)
  at java.security.AccessController.doPrivileged(Native Method)
  at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1366)
  at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:788)
  at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
  at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
  at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
  at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
  at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  My Oracle Access Manager is 10.1.4.3 and OIF is 11.1.1.3
  thanks

  Hello,
  I'm having the same problem. Did anybody find a solution to fix it?
  Any help is appreciated.
  Regards,
  Ignacio.

• Integrating Oracle EBS R12 with Oracle Access Manager 11g

  Hi Everyone ,
  Oracle Access Manager version 11.1.1.5
  Oracle Identity Management 11.1.1.6.0
  Oracle Access Manager WebGate 11.1.1.5
  Oracle E-Business Suite AccessGate patch p12796012
  Apps Version : 12.1.1
  DB Version 11.2.0.3
  PLatform : OEL 5.8
  We are trying to Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11g using Oracle E-Business Suite AccessGate.We followed metalink id's
  1309013.1 and 1543803.1 and some other documents.We have performed every step as documented , and everything seems to work fine untill user tries to log out from Oracle Applications i.e User
  is able to login to Oracle Applications through access gate and everything is working fine. But as user click logout button an error messsage is diplayed like "*500*
  *Internal Server Error Servlet error: An exception occured* " (The url at the time of this message is http://hostname:port/OA_HTML/AppsLogout ).
  Apps Tier (oacore) Application log:-
  +13/05/15 19:04:20.229 html: Servlet error+
  java.lang.NoSuchMethodError: oracle.apps.fnd.sso.SSOManager.getAuthAgentLogoutUrl(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;
  at oracle.apps.fnd.sso.AppsLogoutRedirect.doGet(AppsLogoutRedirect.java:193)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)+
  at oracle.apps.jtf.base.session.ReleaseResFilter.doFilter(ReleaseResFilter.java:26)
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:15)+
  at oracle.apps.fnd.security.AppsServletFilter.doFilter(AppsServletFilter.java:318)
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)+
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370)+
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:871)+
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)+
  Apps Tier Apache Error log :-
  +[Wed May 15 18:50:52 2013] [error] [client 192.168.0.2] [ecid: 1368624052:192.168.0.61:10798:0:44,0] File does not exist: /u01/eBiZR12/apps/apps_st/comn/java/classes//+
  WE have set all required profile in Oracle Application as directed in documents , and users are able to login just fine , but they are not able to logout.
  IS there something that we are missing , any help is highly appreciated.
  Regards
  Edited by: TheKop88 on May 16, 2013 11:39 AM

  Hi there ,
  Thanks for reply ,
  We had already gone through that document earlier. We noticed that when Apllication Profile "*Apllications SSO Type* " is set to SSWA then OA_HTML/AppsLogout is
  working fine , but when we set "*Applications SSO Type*" to SSWA w/SSO then OA_HTML/AppsLogout is not working(not redirecting) .Error thrown on web browser is "+500 Internal Server Error Servlet error: An exception occurred. The current application deployment descriptors do not allow for including it in this response+" . we believe that we might have missed some Profile settings that is causing this error.
  Regards
  Edited by: TheKop88 on May 16, 2013 12:03 PM
  Edited by: TheKop88 on May 16, 2013 12:07 PM

• LifeRay Poratl & Oracle Access Manager Integration

  Hi All
  Am trying to integrate LifeRay Portal with Oracle Access Manager to provide SSO. Steps I done is Created Proxy (Required) to the application with Apache Web Server and installed Apache Web Gate on it to protect the proxy. Now I need help to configure Portal to enable SSO and Authentication with LDAP Users Customization. Any one Please try to help me in this issue please
  Version of LifeRay : 6.0.6
  Oracle Access Manager : 10g (10.1.4.3.0)

  Have you provided all the hostname and port combinations in the Host Identifier?
  What have you configured as Preferred Host in webgate configuration? What is configured in the Host Identifier?
  ~Yagnesh

• Issues integrating WebCenter with Oracle Access Manager

  Hi All,
  I am trying to integrate WebCenter 10.1.3.2 with Oracle Access Manager (CoreId). Followed the steps described in the Chapter 11 of the OC4J Security Guide.
  I was able to successfully authenticate WebCenter using IWA with Access Manager.
  Then I proceeded with the below steps:
  - Implemented ADF Security in the application. Created application roles and login page and worked fine on my local machine.
  - Provide the auth-method of "COREIDSSO" in orion-application.xml
  - Renamed the app-jazn-data.xml to give the OID groups
  - Mapped the OID groups to application roles in orion-application.xml
  - Used the jazn migration tool to populate the system-jazn-data.xml
  When trying to access the application, it looks like the ADF Context identifies that this is an authenticated user.
  ADFContext.getCurrent().getSecurityContext().isAuthenticated() retruns true
  ADFContext.getCurrent().getSecurityContext().isAuthorizationEnabled() returns true
  I get the below error message on the server console:
  [CoreIDLoginModule::getUserSessionFromCookie]: This user session for F3iwZhUGgjej9RSrMLSo0wjH5Ec6c2oeC0OBRH12y7%2FvfPVncz6dYoBoFD6q8DWAlMtzah%2FYV4T1t7jztVFYbxwfOyu0VOMXMEIosRrFicfJwoPRrM8MOkFsziQxpUqo98XrC9iBRHffdWSItNHZRZK4ZoCJMi6HZZ6noOc4Z%2BGJDGj3kWndYHTWjiG0cJhkSbL95wMmrXCDElzZHjPMdkuNQUHW1TfAJvgSlDeX6hhhIThlc%2BGmxMP3MQ%2FZoxUysbKieIJgDXo1%2FEMmLmTVjA%3D%3D is not valid or user is not logged in.
  I also tried using the "Headervar" variable to display the obmygroups value, but it comes as blank.
  Any help would be appreciated.
  Thanks
  Aneesh

  We recently integrated Webcenter Application (with ADF Authentication and Authorization) with OAM. May be the following will be of some help to you.
  We did the following steps documented in Chapter 11 Oracle Access Manager in Oracle J2EE security guide.
  OAM
  1. Created ALL specified policies , authentication schemes, protection specified in OAM section of the document.
  OC4J
  1. Ran all configuration listed for the OC4J section.
  Webcenter
  1. Developed the Webcenter Application
  2. Enabled ADF Security (Authentication & Authorization)
  3. Deployed the application. While deploying chose File based provider.
  4. After the deployment, changed orion-application.xml to have COREIDSSO as documented in Oracle documentation
  system-jazn-data.xml
  1. Added login module details as specified in the document. (Changed only the application name. Rest all was same as we used names as specified in the earlier steps of the document)
  OID Migration
  Reference document: "Configuring a WebCenter Application to Use Oracle Access Manager" in Webcenter Framework Developer guide.
  1. Located app-jazn-data.xml in the deployed application
  2. Removed "realm-name" and "type" subelements of "grantee" tags. Removed any realm details in user name.
  3. changed references to "class oracle.security.jazn.spi.xml.XMLRealmRole" to "oracle.security.jazn.realm.CoreIDPrincipal"
  4. ran the JAZN migration tool with "all" options. Migration from app-jazn-data.xml to OID.
  OAM
  Created policies for protecting our application.
  Test the application.
  Debugging.
  1. Enable oracle.adf.share.security , oracle.j2ee.security & oracle.j2ee.security.oc4j loggers to debug if the application is not working the way you expect to work.
  2. Set log level in Enterprise manager.
  3. All logging information are written in log.xml in $ORACLE_HOME/j2ee/OC4J_Webcenter/log/OC4J_WebCenter_default_group_1/oc4j
  Thanks

• Integrating Oracle Access Manager with Kerberos (WNA)

  Hi,
  I have working Oracle Access Manager currently being able only to authenticate users against Active Directory. I want to enable WNA. But I am still having issues with correctly configure it:
  I do not know what am I doing wrong.
  I am logged as example.com\testuser into Windows XP, using firefox with WNA enabled for URI example.com. Then I enter http://oracle.example.com which is my Oracle HTTP Server's protected URL, then I am receiving ERROR from Oracle Access Manager: "The user account is locked or disabled. Please contact the System Administrator."
  In OAM Log there is this: <Jun 19, 2012 4:14:15 PM CEST> <Error> <oracle.oam.controller> <OAM-02010> <User account is locked. Authentication failed.>
  Interesting is when I disable WNA support in firefox, then this behavior occurs: fisrt there is this dialog shown "A username and password are being requested by http://oracle.example.com:14100. The site says: "OAM 11g"" --> here I enter example.com\testuser and password. After this new dialog is shown: A username and password are being requested by http://oracle.example.com:14100. The site says: "WebLogic Server", then after entering weblogic/password I receive "The user account is locked or disabled. Please contact the System Administrator."
  In the OAM log this is logged:
  <Jun 19, 2012 4:22:28 PM CEST> <Error> <oracle.oam.user.identity.provider> <OAMSSA-20023> <Authentication Failure for user : weblogic.>
  <Jun 19, 2012 4:22:28 PM CEST> <Error> <oracle.oam.controller> <OAM-02010> <User account is locked. Authentication failed.>
  Any ideas? I am really stuck here.
  I am using this keytab file:
  [root@oracle centos]# klist -ke /home/oracle/keytab.testuser1
  Keytab name: WRFILE:/home/oracle/keytab.testuser1
  KVNO Principal
  7 HTTP/[email protected] (des-cbc-crc)
  7 HTTP/[email protected] (des-cbc-md5)
  7 HTTP/[email protected] (arcfour-hmac)
  7 HTTP/[email protected] (aes256-cts-hmac-sha1-96)
  7 HTTP/[email protected] (aes128-cts-hmac-sha1-96)
  kinit passes fine:
  [root@oracle centos]# kinit -V HTTP/[email protected] -k -t /home/oracle/keytab.testuser1
  Using default cache: /tmp/krb5cc_0
  Using principal: HTTP/[email protected]
  Using keytab: /home/oracle/keytab.testuser1
  Authenticated to Kerberos v5
  Why and which user is locked? I can lock with the AD user into windows domain, so I assume it is not locked + I checked it in the Active Directory.

  Ok, now I got it working. Sh~t! Why oracle documentation says I should set AD datasource with this parameter:
  User Name Attribute: UserPrincipalName, when this does not work?!
  After changing to User Name Attribute: sAMAccountName my WNA works!!!
  I have been fighting all day with this! The question is why such behavior - if the problem is in wrongly written oracle documentation, or I have problem somewehere else.
  Btw my user in AD looks like this:
  distinguishedName:     CN=John Doe,CN=Users,DC=example,DC=com
  sAMAccountName:     doejohn
  userPrincipalName     [email protected]
  It looks OAM takes "doejohn" from Windows via WNA/Kerberos and searches for this using UserPrincipalName and this is giving no match of course because "doejohn != [email protected]".
  The question is why does it take doejohn and not [email protected] from Windows WNA/Kerberos ???

• OBIEE Integration with Oracle Access Manager (OAM)

  Hi All,
  I am new to OBIEE and not familiar with Security part. We have one request from the client to have OBIEE Integration with Oracle Access Manager (OAM) through eternal identity management tool (OID/other LDAP).
  I tried google and found some information, but non of them has Step-by-Step process.
  Does anyone has document or know good portal which gives step by step information on how to Integrate OBIEE with OAM using external identity management tool?
  Appreciate if you share the information.

  Hi,
  You can use this note/doc attached in the note to configure:
  Oracle Access Manager (OAM) and Oracle Business Intelligence (OBI) Integration [ID 1217103.1]
  Regards,
  Jay

• Oracle Access Manager 10.1.4.0.1 WebPass

  Hi,
  Where can I download Oracle Access Manager WebPass for Sparc machine. I downloaded the whole Access Manager package when I unpack it i found the following webpass file;
  Oracle_Access_Manager10_1_4_0_1_sparc-s2_NSAPI_WebPass
  During installtion of above file it requires a obj.conf file absolute path instead of httpd.conf. I think I need following file
  Oracle_Access_Manager10_1_4_0_1_sparc-s2_OHS2_WebPass
  Where can I find above installation file????
  Note: I have downloaed the OHS server from following link as I couldn't found any link for 10g version of OHS and the example given on Oracle website is using OHS 2.x for identity manager and following met the requirements.
  http://www.oracle.com/technology/software/products/middleware/htdocs/111110_fmw.html
  Oracle instruction page to install Identity Manager --> http://www.oracle.com/technology/obe/fusion_middleware/im1014/ovd-oam/oam-ovd/install_oam/install_oam.htm
  Please help.

  Hi Sheeraz,
  The OHS2 WebPass can be found in the file oam_int_solaris_v2_cd2.zip which can be downloaded here:
  http://www.oracle.com/technology/software/products/ias/htdocs/101401.html
  Click the CD3 link in the 3rd Party Integration row in the Solaris column.
  Regards,
  Colin

• Oracle access manager - Policy domain - Return Type

  Hi,
  I have a requirement where I need to return few LDAP parameter values through Policy domain while redirecting. But the return type should be propertytype and not headervar or cookie. This is SSO integration with websphere using JAAS subject. We have inhouse TAI connector developed for integration between websphere and oracle access manager.
  Please help me to resolve this issue.
  Regards,
  Prashant

  Hi Prashant,
  OAM can return any type that you want, and OAM will set the name/value for that type - you can put "propertytype" in the type column, and the name and return attribute in the respective fields. "Cookie" and "HeaderVar" are the only types used by OAM WebGates, but your AccessGate (custom in-house connector) should be able to retrieve the values of propertytype that OAM sets.
  Regards,
  Colin

• Oracle Access Manager 11gR2 Web application: "oam" failed to preload

  Any pointers for troubleshooting this error?
  Managed Server starts up but fails to start-up "oam" deployment.
  weblogic.application.ModuleException: [HTTP:101216]Servlet: "AMInitServlet" failed to preload on startup in Web application: "oam".
  java.lang.ExceptionInInitializerError
          at oracle.security.am.pbl.transport.http.AMInitServlet.initializeAmServer(AMInitServlet.java:113)
          at oracle.security.am.pbl.transport.http.AMInitServlet.init(AMInitServlet.java:79)
          at weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:283)
          at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
          at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
          at weblogic.servlet.internal.StubSecurityHelper.createServlet(StubSecurityHelper.java:64)
          at weblogic.servlet.internal.StubLifecycleHelper.createOneInstance(StubLifecycleHelper.java:58)
          at weblogic.servlet.internal.StubLifecycleHelper.<init>(StubLifecycleHelper.java:48)
          at weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.java:539)
          at weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletContext.java:1981)
          at weblogic.servlet.internal.WebAppServletContext.loadServletsOnStartup(WebAppServletContext.java:1955)
          at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1874)
          at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3154)
          at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1518)
          at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:484)
          at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
          at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
          at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
          at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
          at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
          at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
          at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
          at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
          at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
          at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:671)
          at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
          at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
          at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:59)
          at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
          at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
          at weblogic.deploy.internal.targetserver.operations.AbstractOperation.activate(AbstractOperation.java:569)
          at weblogic.deploy.internal.targetserver.operations.ActivateOperation.activateDeployment(ActivateOperation.java:150)
          at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doCommit(ActivateOperation.java:116)
          at weblogic.deploy.internal.targetserver.operations.StartOperation.doCommit(StartOperation.java:149)
          at weblogic.deploy.internal.targetserver.operations.AbstractOperation.commit(AbstractOperation.java:323)
          at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentCommit(DeploymentManager.java:844)
          at weblogic.deploy.internal.targetserver.DeploymentManager.activateDeploymentList(DeploymentManager.java:1253)
          at weblogic.deploy.internal.targetserver.DeploymentManager.handleCommit(DeploymentManager.java:440)
          at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.commit(DeploymentServiceDispatcher.java:163)
          at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doCommitCallback(DeploymentReceiverCallbackDeliverer.java:195)
          at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$100(DeploymentReceiverCallbackDeliverer.java:13)
          at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$2.run(DeploymentReceiverCallbackDeliverer.java:68)
          at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:545)
          at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
          at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
  Caused by: java.lang.NullPointerException
          at oracle.security.am.pbl.diagnostic.DiagnosticUtil.<init>(DiagnosticUtil.java:80)
          at oracle.security.am.pbl.diagnostic.DiagnosticUtil.<clinit>(DiagnosticUtil.java:65)
          ... 45 more
          at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1520)
          at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:484)
          at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
          at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
          at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
          Truncated. see log file for complete stacktrace
  Caused By: java.lang.NullPointerException
          at oracle.security.am.pbl.diagnostic.DiagnosticUtil.<init>(DiagnosticUtil.java:80)
          at oracle.security.am.pbl.diagnostic.DiagnosticUtil.<clinit>(DiagnosticUtil.java:65)
          at oracle.security.am.pbl.transport.http.AMInitServlet.initializeAmServer(AMInitServlet.java:113)
          at oracle.security.am.pbl.transport.http.AMInitServlet.init(AMInitServlet.java:79)
          at weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:283)

  SOA is not required. WebGate is a separate installation, separate from where you install the Oracle Access Manager.
  Oracle Access Manager is like the management station, WebGate would typically be installed on a host where a Web Server is running. So WebGate running on the WebServer host would be used to provide access control functions for web pages hosted on Web Server. You will have to do the configuration of WebGate separately after Access Manager has been installed. Please mark answer helpful/correct if helpful.

• Oracle Access Manager Webgate

  Hi All,
  I have a little confutation about Oracle Access Manager webgate. Please help me to figure it out.
  There are five web server I need to protected using OAM. Three are IIS 6.0/7.0 in Wondows 2008, one is Apache v2 in RHEL 5 and one in Apache Tomcat in Cent OS 5. All OS are 64 bit platform.
  I need to know which webgate I have to download and install for IIS and Apache? Please provide me the download link.
  I have seen following documentation, but I am unable to find Oracle_Access_Manager10_1_4_3_0_Win64_ISAPI_Webgate.exe or Oracle_Access_Manager10_1_4_3_0_platform_OHS_Webgate
  http://docs.oracle.com/cd/E28271_01/doc.1111/e15478/apch2ihs.htm
  http://docs.oracle.com/cd/E21764_01/doc.1111/e15478/iis_wg.htm
  Thanks
  Tamim Khan

  Hi Chinni,
  Thanks for you help.
  I am downloading oam_int_win_v11_cd1.zip, I have few more question on webgate?
  1. How can I determine which webgate use for which web server considering the version of the server (ie: IIS6/7). I have found oam-3rd.xls file. is it the way to chose webgate for some platform.
  2. Is there any official documentation to perform this operation for third pary webgate.
  3. Please consider the following senior:
  We have one Web application that authentication of RCPS performs from Data base tables. After successfully login, user got different types of roles like Admin, Manager, Guest User, Internal User etc, Base on the that role user menu is populate. For example Admin user has 7 menus but internal user has 4 menus. That menu item load from Database tables after login in to the application.
  As because the application are not authenticating from Database after implementation of OAM, so after authenticating from OAM how the user menu is populate?
  Thanks
  Tamim Khan

• Problem in customizing Oracle Access Manager 10g

  HI,
  I am facing some problem while incorporating customizations into Oracle Access Manager 10g.
  When trying to access the url with a particular style name.... i am getting the following error :
  obhtmlpage.cpp:160: Error:
  obhtmlpage.cpp:277: Error: ExXSLTProcessingGeneric: Exception processing stylesheet. Root stylesheet ID: ../../../lang/en-us/style0/login.xsl
  obxdkxsl.cpp:224: Error: ObXDKTransform
  obxdkcache.cpp:528: Error:
  obxdkcache.cpp:565: Error:
  ../obcacheof.cpp:429: Error:
  ../obcacheof.cpp:795: Error:
  ../obcacheof.cpp:932: Error:
  obxdkcache.cpp:291: Error: ObXdkObject::ObXdkObject
  Front Page Admin
  Sun Microsystems Solaris
  Could someone please provide some help as to how to solve the problem.
  Thanks.

  One good way to debug the XSL stylesheet issue is to apply the XSL outside of OAM with input XML and see if you get the results. You can use tools such as XML SPy for XSL development and testing.
  This error is more in line with XSL syntax and processing.
  Thanks
  Ram

• Oracle Access Manager 10g3 Blog

  Hi Everyone,
  I have created a New Blog for Oracle Access Manager and i would like everyone to have a look at it and give me some comments on it like what are the other topics i can keep which can help us all etc....
  You can visit it at http://go4oam.blogspot.com/

  HI,
  I am facing some problem while incorporating customizations into Oracle Access Manager 10g.
  When trying to access the url with a particular style name.... i am getting the following error :
  obhtmlpage.cpp:160: Error:
  obhtmlpage.cpp:277: Error: ExXSLTProcessingGeneric: Exception processing stylesheet. Root stylesheet ID: ../../../lang/en-us/style0/login.xsl
  obxdkxsl.cpp:224: Error: ObXDKTransform
  obxdkcache.cpp:528: Error:
  obxdkcache.cpp:565: Error:
  ../obcacheof.cpp:429: Error:
  ../obcacheof.cpp:795: Error:
  ../obcacheof.cpp:932: Error:
  obxdkcache.cpp:291: Error: ObXdkObject::ObXdkObject
  Front Page Admin
  Sun Microsystems Solaris
  Could someone please provide some help as to how to solve the problem.
  Thanks.

• Configuration of APEX applications to use Oracle Access Manager for Login

  Is there Oracle documentation on configuring an APEX application to accept a login id passed by Oracle Access Manager? Would someone please help with some instructions on how to do it. Thanks.

  Hi Ravi,
  this looks like a WLS issue.
  1-You can try as a workaround to remove this validator configuration in taglib definition file: .tld and see the behavior.
  2-Or you are missing something into url.
  I hope this helps,
  Thiago Leoncio.