My Oracle Support Banner

SSO login fails with Error: Authentication failed. Please try again. (Doc ID 1260514.1)

Last updated on AUGUST 16, 2018

Applies to:

Oracle Application Server Single Sign-On - Version 10.1.2 to 10.1.4 [Release 10gR2 to 10gR3]
Information in this document applies to any platform.
***Checked for relevance on 16-Aug-2018***

Symptoms

SSO login is failing with "Error: Authentication failed. Please try again." for all users.

$ORACLE_HOME/sso/log/ssoServer.log shows 'LDAP: error code 32 - No Such Object' error e.g.:
Wed Oct 06 17:50:36 GMT-05:30 2010 [ERROR] AJPRequestHandler-ApplicationServerThread-7 Could not get attributes for user, orcladmin
oracle.ldap.util.UtilException: NamingException encountered when resolving user - SIMPLE NAME = orcladmin [LDAP: error code 32 - No Such Object]
at oracle.ldap.util.Subscriber.getUser_NICKNAME(Subscriber.java:1215)
at oracle.ldap.util.Subscriber.getUser(Subscriber.java:923)
at oracle.ldap.util.Subscriber.getUser(Subscriber.java:870)
at oracle.security.sso.server.ldap.OIDUserRepository.getUserProperties(OIDUserRepository.java:537)
at oracle.security.sso.server.auth.SSOServerAuth.authenticate(SSOServerAuth.java:508)
at oracle.security.sso.server.ui.SSOLoginServlet.processSSOPartnerRequest(SSOLoginServlet.java:1076)
at oracle.security.sso.server.ui.SSOLoginServlet.doPost(SSOLoginServlet.java:547)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
....................
Wed Oct 06 17:50:36 GMT-05:30 2010 [DEBUG] AJPRequestHandler-ApplicationServerThread-7 Directory Exception while getting the user attributes: auth_fail_exception
oracle.security.sso.server.ldap.DirectoryException: auth_fail_exception
at oracle.security.sso.server.ldap.OIDUserRepository.getUserProperties(OIDUserRepository.java:642)
at oracle.security.sso.server.auth.SSOServerAuth.authenticate(SSOServerAuth.java:508)
at oracle.security.sso.server.ui.SSOLoginServlet.processSSOPartnerRequest(SSOLoginServlet.java:1076)
...........
In OID (with heavy trace debugging enabled) the log file $ORACLE_HOME/oid/ldap/oidldapd01s<PID>.log shows a search performed by orclapplicationcommonname=orasso_ssoserver,cn=sso,cn=products,cn=oraclecontext failing with ldap error code 32. For example:
BEGIN
2010/10/06:17:50:36 * ServerWorker (REG):8
 ConnID:6740 * mesgID:8 * OpID:7 * OpName:search         
 ConnIP:192.168.11.11 ConnDN: orclapplicationcommonname=orasso_ssoserver,cn=sso,cn=products,cn=oraclecontext
INFO :gslfseADoSearch BASE = cn=Employee,dc=us,dc=oracle,dc=com FILTER = (uid=orcladmin) #REQDATTR = 7 scope =2
17:50:36 * => gsldbBuildFilterList
17:50:36 * INFO : gsleswrASndResult2 RESULT = 32 nentries=0 
END

Changes

The value for Common User Search Base (orclcommonusersearchbase attribute) was modified or new values were added. 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.