Last updated on MARCH 08, 2017
Applies to:COREid Identity - Version: 10.1.4.2
Information in this document applies to any platform.
Using the "modify user" web service from our application to allow a user to change their challenge questions and answers. However, when a user provides both old and new responses, even though the response is incorrect, the system still accepts the old response. No error is returned from OAM.
For Example, a user has three questions set up asking "What is the city you were born in?", "What's is your father's name?", and "What is you mother's maiden name?"
The responses are set as "city", "father", and "city" respectively.
However, when the user attempts to change the responses, they provide "city", "city", and "mother" as the responses. "city" for the second challenge question should be recognized as an incorrect response. However, OAM does not return this as an error."
When the changes are being made thru OAM GUI, the system behaves as expected, ie: errors are returned. It is only using the Web Services as described above that OAM does not return any errors.
Reviewed the SOAP Request and the SOAP Response and I can confirm that no errors are being returned.
Also reviewed the OIS Oblog collected in TRACE mode where you can see the SOAP Request received by the OIS and the SOAP Response served by the OIS. They are consistent with the ones provided by the customer's application. In the OIS Oblog, there is no errors between the SOAP Request received and the SOAP Response served by OIS.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms