During WebCenter Portal Upgrade from 11.1.1.6 To 11.1.1.7, the "6.8.3.5 Verifying SSOFilter Grant" Succeed But "AccessControlException" Raised in the Logs (Doc ID 1597720.1)

Last updated on NOVEMBER 01, 2022

Applies to:

Symptoms

During the WebCenter patching from 11.1.1.6 to 11.1.1.7.1, the post step below required when Oracle Access Manager is used as Single Sign On solution, does not succeed:
The listpermissions shows existing permissions but not the one described in the documentation:

The grant permissions succeed:

wls:/wcm_domain/serverConfig> grantPermission(codeBaseURL='file:$common.components.home/modules/oracle.ssofilter_11.1.1/ssofilter.jar',permClass='oracle.security.jps.service.attribute.AttributeAccessPermission',permTarget='*', permActions='get,set,remove') 

But after this post upgrade step, the following error raised many times per seconds:

java.security.AccessControlException: access denied (oracle.security.jps.service.attribute.AttributeAccessPermission QsyYS4TLm1jT4PJvpP8tmnxByJyyyRB5YLd7qfbPT36p5QJ9KyZL!37544000!-694998850!1383650155636 remove)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:374)
at java.security.AccessController.checkPermission(AccessController.java:549)
at oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:463)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:523)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:549)
Truncated. see log file for complete stacktrace

Changes

The Fusion Middleware environment has been upgraded from 11.1.1.6 to 11.1.1.7, following this documentation:

Oracle® Fusion Middleware Patching Guide 11g Release 1 (11.1.1.7.0)
6.8.3.5 Verifying SSOFilter Grant

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.