Some Users Cannot Access OAM Protected Resource: Oracle Access Manager Operation Error

(Doc ID 1232763.1)

Last updated on MARCH 08, 2017

Applies to:

COREid Access - Version: 10.1.4.3.0 and later   [Release: No Release Description and later ]
Information in this document applies to any platform.

Symptoms


Some users cannot access Oracle Access Manager (OAM) protected resources in an OAM 10.1.4.3 environment. When they attempt login the following error is displayed after submitting valid credentials:


Oracle Access Manager Operation Error
An exception has occurred in the Access Server.

Contact your website administrator to remedy this problem.


The authentication scheme used to protect the resource being accessed has OAM Password Policy checking enabled.

The LDAP directory attributes of working users and failing users has been compared. The notable difference is that the users who can login have the attribute obver=10.1.4.0 where the users who cannot login do not have obver set.

The Access Server TRACE level oblog.log shows the following:


2010/10/08@08:43:42.655939 28672 28746 ACCESS_SERVER WARNING 0x00001111 /usr/abuild/Oblix/10143hf/palantir/aaa_server/src/plugins.cpp:1289 "Caught exception" Function^ObAuthenticationHandler::EvaluateValidatePassword

2010/10/08@08:43:42.656073 28672 28746 ACCESS_SERVER WARNING 0x00001111 /usr/abuild/Oblix/10143hf/palantir/aaa_server/src/plugins.cpp:176 "Caught exception" Function^ObAuthenticationHandler::ExecutePlugin

2010/10/08@08:43:42.656175 28672 28746 ACCESS_SERVER WARNING 0x00001111 /usr/abuild/Oblix/10143hf/palantir/aaa_server/src/obauthentication_handler.cpp:743 "Caught exception" Function^ObAuthenticationHandler::Authenticate
2010/10/08@08:43:42.656183 28672 28746 ACCESS_SERVER TRACE 0x00000204 /usr/abuild/Oblix/10143hf/palantir/aaa_server/src/obauthentication_handler.cpp:750 "Function exited" _TraceName^ObAuthenticationHandler::Authenticate _TraceDuration^0.036791 opStatus^majorCode = 3[FatalError], minorCode = 33[Exception], StatusMsg = , GSN = 0, needInfo = NONE

2010/10/08@08:43:42.656244 28672 28746 AUTHENTICATION DEBUG2 0x00000201 /usr/abuild/Oblix/10143hf/palantir/aaa_server/src/aaa_service_server.cpp:1206 "Authentication Failed" 



Steps to reproduce

1. Access an OAM-protected resource in a new brower session.
2. The OAM login page is displayed.
3. Submit valid credentials for a user who has never logged into the OAM site previously.
4. Error 'Oracle Access Manager Operation Error' is displayed.



Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms