OAM 11g R2PS2 (11.1.2.2.0 RTM): ECC- Custom Login JSP Page Not Working In Context Type: External, Custom Login + Request Cache Type Of FORM Produces javax.crypto.IllegalBlockSizeException

(Doc ID 1666318.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle Access Manager - Version 11.1.2.2.0 to 11.1.2.2.1 [Release 11g]
Information in this document applies to any platform.

Symptoms

On : OAM 11.1.2.2.0 version, Authentication Engine

We want to configure ECC with custom login page.
serverRequestCacheTyoe is set to FORM.
authN scheme:
Challenge Method: FORM
Challenge Redirect URL: /oam/server/
Challenge URL: http://loginhost:loginport/frmauth/login.jsp
Context Type: external

With the above configuration, when we access some protected page, we get below error:

In browser, we see error:

"System Error. Please retry your action. If you continue to get this error, please contact System Administrator."

In the OAM server logs, we can see:

[2014-03-24T23:01:55.186-06:00] [oam_server1] [TRACE] [] [oracle.oam.proxy.oam] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 00
4xMT0FpPC3r2c2Tjj8FO00017j0000Pg,0:2] [APP: oam_server#11.1.2.0.0] [URI: /oam/server/auth_cred_submit] [SRC_CLASS: CookieDecryptor] [SRC_METHOD: doAESEncryption] Exception in decryption[[
javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher
       at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:750)
       at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676)
       at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:313)
       at javax.crypto.Cipher.doFinal(Cipher.java:2087)
       at oracle.security.am.common.nap.util.decryptor.CookieDecryptor.doAESDecryption(CookieDecryptor.java:266)
       at oracle.security.am.engines.sso.token.request.AbstractSSORequestTokenHandler.parseEncryptedToken(AbstractSSORequestTokenHandler.java:258)
       at oracle.security.am.engines.sso.token.request.AbstractSSORequestTokenHandler.parseToken(AbstractSSORequestTokenHandler.java:194)
       at oracle.security.am.engines.sso.token.request.SSORequestTokenIssuerModuleImpl.validate(SSORequestTokenIssuerModuleImpl.java:221)
       at oracle.security.am.engines.tpe.TokenValidatorImpl.validate(TokenValidatorImpl.java:68)
       at oracle.security.am.engines.sso.adapter.TPEAdapter.validateRequestToken(TPEAdapter.java:198)
       at oracle.security.am.pbl.protocol.plugin.oam.AMHelper.mapToRequest(AMHelper.java:574)
       at oracle.security.am.pbl.protocol.plugin.oam.AMHelper.getAMRequestToken(AMHelper.java:314)
       at oracle.security.am.pbl.protocol.plugin.credcollect.CredentialSubmitRequestHandler.handleCredentialSubmitRequest(CredentialSubmitRequestHandler.java:142)
       at oracle.security.am.pbl.protocol.plugin.credcollect.CredentialSubmitRequestHandler.process(CredentialSubmitRequestHandler.java:95)
       at oracle.security.am.pbl.PBLFlowManager.handleBaseEvent(PBLFlowManager.java:138)
       at oracle.security.am.pbl.PBLFlowManager.processRequest(PBLFlowManager.java:107)
       at oracle.security.am.pbl.transport.http.AMServlet.handleRequest(AMServlet.java:198)
       at oracle.security.am.pbl.transport.http.AMServlet.doPost(AMServlet.java:157)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)

...

 

OR also:

[2014-04-10T14:38:18.503+02:00] [oam_server1] [TRACE] [] [oracle.oam.proxy.oam] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:  37d88a7060c515f0:-44b3111b:1453c50d036:-8000-000000000003fe9b,0] [APP:
  oam_server#11.1.2.0.0] [DSID: 0000KLBdLWk8Hv9pNcK6ye1JGeGC00000A] [SRC_CLASS: CookieDecryptor] [SRC_METHOD: doAESEncryption] Exception in decryption[[
  javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher
         at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
         at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
         at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA13*..)
         at javax.crypto.Cipher.doFinal(DashoA13*..)
   ....


 



Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms