My Oracle Support Banner

EM 13C: Login Fails For All LDAP Users On First Two Attempts But Same User Can Successfully Login On Third Attempt (Doc ID 2567704.1)

Last updated on SEPTEMBER 05, 2019

Applies to:

Enterprise Manager Base Platform - Version 13.1.0.0.0 and later
Information in this document applies to any platform.

Symptoms

Login to OEM 13c fails for all LDAP users on first two attempts but same user can login on the third attempt.

Observed the following errors in log file: .$EM_INSTANCE_BASE/gc_inst/em/EMGC_OMS1/sysman/log/EMGC_OMS1.out:

First attempt:

Line 278522: <Jun 7, 2019 9:18:34 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <DN for user <LDAP USERNAME>: null>
Line 278525: <Jun 7, 2019 9:18:34 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <DN for user <LDAP USERNAME>: _NOT_EXIST_>
Line 278527: <Jun 7, 2019 9:18:34 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User <LDAP USERNAME> denied
Line 278600: <Jun 7, 2019 9:18:35 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.authenticate authenticate failed for user <LDAP USERNAME>>
Line 278620: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User <LDAP USERNAME> java.lang.NullPointerException

Second attempt:

Line 278946: <Jun 7, 2019 9:18:38 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <DN for user <LDAP USERNAME>: _NOT_EXIST_>
Line 278949: <Jun 7, 2019 9:18:38 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <DN for user <LDAP USERNAME>: _NOT_EXIST_>
Line 278951: <Jun 7, 2019 9:18:38 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User <LDAP USERNAME> denied
Line 279024: <Jun 7, 2019 9:18:40 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.authenticate authenticate failed for user <LDAP USERNAME>>
Line 279044: javax.security.auth.login.FailedLoginException: [Security:090306]Authentication Failed Getting Groups for User <LDAP USERNAME> java.lang.NullPointerException

Third attempt:

Line 279230: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <Retrieved username from LDAP :<LDAP USERNAME>>
Line 279232: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <LDAP Atn Authenticated User <LDAP USERNAME>>
Line 279233: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <List groups that member: <LDAP USERNAME> belongs to>
Line 279234: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <DN for user <LDAP USERNAME>: CN=<CN>,OU=<OU>,OU=<OU>,OU=<OU> OU=<location>,DC=<Domain>,DC=com>
Line 279235: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <Retrieved dn:CN=<CN>,OU=<OU>,OU=<OU>,OU=<OU> OU=<location>,DC=<Domain>,DC=com> for user:<LDAP USERNAME>>
Line 279240: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <DN for user <LDAP USERNAME>: CN=<CN>,OU=<OU>,OU=<OU>,OU=<OU> OU=<location>,DC=<Domain>,DC=com>
Line 279241: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <Retrieved dn:CN=<CN>,OU=<OU>,OU=<OU>,OU=<OU> OU=<location>,DC=<Domain>,DC=com> for user:<LDAP USERNAME>>
Line 279242: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <login succeeded for username <LDAP USERNAME>>
Line 279250: Principal: <LDAP USERNAME>
Line 279251: Private Credential: <LDAP USERNAME>
Line 279254: Principal = class weblogic.security.principal.WLSUserImpl("<LDAP USERNAME>")
Line 279257: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.sign(Principal) Principal=<LDAP USERNAME>>
Line 279261: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <Signed WLS principal <LDAP USERNAME>>
Line 279265: Principal = class weblogic.security.principal.WLSUserImpl("<LDAP USERNAME>")
Line 279267: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.authenticate authenticate succeeded for user <LDAP USERNAME>, Identity=Subject: 1
Line 279268: Principal = class weblogic.security.principal.WLSUserImpl("<LDAP USERNAME>")
Line 279270: <Jun 7, 2019 9:18:43 AM CEST> <Debug> <SecurityAtn> <BEA-000000> <weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.authenticate login succeeded and <LDAP USERNAME> was not previously locked out>

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.