OIF Cannot Decrypt OAM Token (Doc ID 1562327.1)

Last updated on JUNE 09, 2017

Applies to:

Oracle Identity Federation - Version 11.1.2.1.0 and later
Information in this document applies to any platform.

Goal

In SP Integration Mode, after registering OIF as a DAP Partner with the keystore generated by OIF, OIF has an issue decrypting the token.

The OIF diagnostic logs show the following error:

[2013-06-12T22:31:03.118-04:00] [wls_oif1] [WARNING] [FED-18071] [oracle.security.fed.eventhandler.authn.engines.osso.OssoStartSPSSOEventHandler] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 004rjzg3Z2jESO^WtTv1Fl0002Ls0001LD,0:2] [APP: OIF#11.1.1.2.0] [URI: /fed/user/sposso] Service provider Oracle Single Sign-On integration module: could not decrypt the token with current key
[2013-06-12T22:31:03.121-04:00] [wls_oif1] [ERROR] [FED-18070] [oracle.security.fed.eventhandler.authn.engines.osso.OssoStartSPSSOEventHandler] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 004rjzg3Z2jESO^WtTv1Fl0002Ls0001LD,0:2] [APP: OIF#11.1.1.2.0] [URI: /fed/user/sposso] Service provider Oracle Single Sign-On integration module: could not decrypt the token with current key, and old key expired
[2013-06-12T22:31:03.122-04:00] [wls_oif1] [ERROR] [FED-12064] [oracle.security.fed.controller.ActionStateMachine] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 004rjzg3Z2jESO^WtTv1Fl0002Ls0001LD,0:2] [APP: OIF#11.1.1.2.0] [URI: /fed/user/sposso] Exception: {0}[[
oracle.security.fed.event.EventException: SP OSSO Integration Module: could not decrypt the token with current key, and old key expired
  at oracle.security.fed.eventhandler.authn.engines.osso.OssoStartSPSSOEventHandler.decrypt(OssoStartSPSSOEventHandler.java:210)
  at oracle.security.fed.eventhandler.authn.engines.osso.OssoStartSPSSOEventHandler.perform(OssoStartSPSSOEventHandler.java:78)
  at oracle.security.fed.controller.ActionStateMachine.processEvent(ActionStateMachine.java:141)
  at oracle.security.fed.controller.EventControllerImpl.processEvent(EventControllerImpl.java:118)
  at oracle.security.fed.controller.ApplicationController.publishEvent(ApplicationController.java:425)
  at oracle.security.fed.controller.web.action.RequestHandlerContext.publishEvent(RequestHandlerContext.java:48)
  at oracle.security.fed.controller.web.action.RequestHandlerSupport.perform(RequestHandlerSupport.java:15)
 

Solution
