"IdentityProviderException: OAMSSA-20027: Could not get user " For Chain Authentication

(Doc ID 1490276.1)

Last updated on MAY 01, 2017

Applies to:

Oracle Access Manager - Version 11.1.1.5.0 and later
Information in this document applies to any platform.
Implemented chain authentication in OAM 11gR1. After that, you observed OAMSSA-20027 error in oam-diagnostic log eventhough users can login without issue.

Symptoms

User can login without issue, but OAM diagnostic log produce the following exception

[2012-09-09T12:11:03.410-07:00] [OAM_Server2] [ERROR] [] [oracle.oam.plugin] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 004mKaQ7yjcBp2e_p_d9iY0002dv00000e,0:1] [APP: oam_server] [URI: /oam/server/auth_cred_submit] Exception occurred when authenticating the user against UserIdentityStore - [[
oracle.security.am.engines.common.identity.provider.exceptions.IdentityProviderException: OAMSSA-20027: Could not get user : <Username>.
at oracle.security.am.engines.common.identity.provider.impl.UserProviderImpl.getUser(UserProviderImpl.java:1309)
at oracle.security.am.engines.common.identity.provider.impl.UserProviderImpl.locateUser(UserProviderImpl.java:1093)
at oracle.security.am.engines.common.identity.provider.impl.IdentityProviderImpl.locateUser(IdentityProviderImpl.java:893)
at oracle.security.am.engines.common.identity.provider.impl.OracleUserIdentityProvider.locateUser(OracleUserIdentityProvider.java:465)
at oracle.security.am.plugin.authn.UserIdentificationPlugIn.process(UserIdentificationPlugIn.java:477)
at oracle.security.am.engine.authn.internal.executor.PlugInExecutor.execute(PlugInExecutor.java:179)
at oracle.security.am.engine.authn.internal.executor.AuthenticationSchemeExecutor.execute(AuthenticationSchemeExecutor.java:102)
at oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl.validateUser(AuthenticationEngineControllerImpl.java:268)
at oracle.security.am.engines.enginecontroller.AuthnEngineController.authenticateUser(AuthnEngineController.java:673)
at oracle.security.am.engines.enginecontroller.AuthnEngineController.processEvent(AuthnEngineController.java:296)
at oracle.security.am.controller.MasterController.processEvent(MasterController.java:568)
at oracle.security.am.controller.MasterController.processRequest(MasterController.java:757)
at oracle.security.am.controller.MasterController.process(MasterController.java:680)
at oracle.security.am.pbl.PBLFlowManager.delegateToMasterController(PBLFlowManager.java:209)
at oracle.security.am.pbl.PBLFlowManager.handleBaseEvent(PBLFlowManager.java:147)
at oracle.security.am.pbl.PBLFlowManager.processRequest(PBLFlowManager.java:107)
at oracle.security.am.pbl.transport.http.AMServlet.handleRequest(AMServlet.java:170)
at oracle.security.am.pbl.transport.http.AMServlet.doPost(AMServlet.java:135)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.doFilter(OAMServletAuthenticationFilter.java:265)
at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilter(OAMValidationSystemFilter.java:134)
at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentWrapperFilter.java:120)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused by: oracle.security.idm.ObjectNotFoundException: No User found matching the criteria
at oracle.security.idm.providers.stdldap.util.DirectSearchResponse.initSearch(DirectSearchResponse.java:174)
at oracle.security.idm.providers.stdldap.util.NonPagedSearchResponse.<init>(NonPagedSearchResponse.java:52)
at oracle.security.idm.providers.stdldap.util.LDAPRealm.searchUsers(LDAPRealm.java:430)
at oracle.security.idm.providers.stdldap.LDIdentityStore.searchUser(LDIdentityStore.java:440)
at oracle.security.idm.providers.stdldap.LDIdentityStore.searchUser(LDIdentityStore.java:489)
at oracle.security.am.engines.common.identity.provider.impl.UserProviderImpl.getUser(UserProviderImpl.java:1296)
... 46 more

]]


Changes

Implemented chain authentication

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms