My Oracle Support Banner

Oracle Access Manager Operation Error - Access To The URL Has Been Denied - When Authorization LDAP Access Rule Is Configured (Doc ID 1271706.1)

Last updated on FEBRUARY 28, 2019

Applies to:

COREid Access - Version 10.1.4.0.1 and later
Information in this document applies to any platform.

Symptoms

An application resource has been protected with Oracle Access Manager (OAM), and an OAM Policy Domain Authorization Rule has been configured with an LDAP rule to restrict access to users who have a specific attribute value set.

For example:

ldap:///dc=<HOSTNAME>,dc=<DOMAIN>??sub?(appaccessflag=yes)


On access to the OAM protected page, after submitting credentials for a user with the LDAP attribute set, the following error occurs:

Oracle Access Manager Operation Error - Access to the URL has been denied


The URL displayed in the browser address bar is similar to the following, showing ErrAuthzDeny.

https://<HOSTNAME>.<DOMIAN>/oberr.cgi?status=500 errmsg=ErrAuthzDeny p1=cn%3djsmith,cn%3dUsers,DC%3duk,DC%3doracle,DC%3dcom p2=/appurl/protectedpage.html


The user LDAP entry has been checked and the attribute value is definitely set to the same value as specified in the LDAP access rule.


Steps to reproduce

1. Start a new browser session and access https://<HOSTNAME>.<DOMIAN>/appurl/protectedpage.html
2. OAM prompts for login: submit valid OAM credentials.
3. Error page is displayed: Oracle Access Manager Operation Error - Access to the URL has been denied

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.