My Oracle Support Banner

Multi-step OAM Authentication Plugin - Doesn't Execute All Orchestration Steps (Doc ID 1485211.1)

Last updated on OCTOBER 09, 2023

Applies to:

Oracle Access Manager - Version 11.1.1.5.0 and later
Information in this document applies to any platform.

Goal

Trying to configure a custom authentication plugin in OAM 11.1.1.5, similar to the out-of-box LDAPplugin, but with multiple pairs of UserIdentificationPlugin and UserAuthenticationPlugin pointing to different LDAPs (an AD and a SunDS) the steps are:

UserIdentificationPlugin (points to UserIdentityStore-AD)
UserAuthenticationPlugin (points to UserIdentityStore-AD)
UserIdentificationPlugin (points to UserIdentityStore-SUNDS)
UserAuthenticationPlugin (points to UserIdentityStore-SUNDS)

Using OAM access tester to test for now. In both the AD and SunDS, have a user, "compositeuser1", with different passwords in AD and SunDS.

If attempt to authenticate with the password from AD, it works, but if I enter the password for SunDS, authentication fails.

Have OAM set to TRACE:16, and looking at oamserve1-diagnostics.log, it appears that if the AD steps fail (the UserAuthentication for AD), the plugin is not proceeding to the SunDS-related UI and UA steps.

Have the OnFailure and OnError in the step #2 set to step #3. I've also tried setting those to step #4, but from the diagnostics log, it doesn't appear to proceed to #3 or #4.
 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.