SecurityException When Custom Code In One WebLogic Domain Calls APIs Of OIM Server In Another WebLogic Domain (Doc ID 1313058.1)

Last updated on AUGUST 08, 2017

Applies to:

Identity Manager - Version 11.1.1.3.0 and later
Information in this document applies to any platform.
Checked for relevance on 21-Sep-2012

Symptoms

A custom J2EE application is written which calls the OIM APIs, and is deployed to one WebLogic domain, while the OIM server it is accessing via those APIs is running in another WebLogic domain. When attempting to use the APIs, the following exception occurs:

java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[username]
Caused by: oracle.iam.platform.utils.NoSuchServiceException: java.lang.reflect.InvocationTargetException
at oracle.iam.platform.OIMClient.getServiceDelegate(OIMClient.java:197)
at oracle.iam.platform.OIMClient.getService(OIMClient.java:174)

Where username is the user the client is attempting to use.

It has been confirmed that the credentials are correct, and the same code works fine when deployed to the same WebLogic domain as the OIM server.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms