OAM11g : Oracle Access Manager IdentityAsserterProvider doesn't set identity for Name Callback when OAM_REMOTE_USER is set to 'Anonymous' user (Doc ID 1616080.1)

Last updated on JUNE 06, 2017

Applies to:

Oracle Fusion Middleware - Version 11.1.1.7.0 and later
Oracle Access Manager - Version 11.1.1.5.0 and later
Information in this document applies to any platform.

Symptoms

On : 11.1.1.7.0  FMW env

Oracle Access Manager Identity Asserter Provider (IAP) doesnt set Name callback for the user "Anonymous" 

weblogic security debug logs show below messages

<Debug> <SecurityAtn> <> <server01_01> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <aa48c6ef8c1bbb26:-9dce951:141716027a0:-7fef-00000000
0000011c> <1380587442059> <BEA-000000> <com.bea.common.security.internal.service.IdentityAssertionCallbackServiceImpl.assertIdentity returning null>

and below expected log message is not observed

<Debug> <SecurityAtn> <> <server01_01> <[ACTIVE] ExecuteThread: '8' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <aa48c6ef8c1bbb26:7e5cc2f3:1427e27b68c:-8000-00000000000000fe> <1385096158225> <BEA-000000> <Setting up the identity ANONYMOUS for Name Callback>

 

However, the log does show that  OAM IAP can read the headers and retrieve username from OAM_REMOTE_USER

<Debug> <SecurityAtn> <> <server01_01> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <aa48c6ef8c1bbb26:-9dce951:141716027a0:-7fef-00000000
0000011c> <1380587442059> <BEA-000000> <Header Name=OAM_REMOTE_USER Value=Anonymous>

 

Changes

FMW was upgraded from 11.1.1.5 to 11.1.1.7 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms