LDAP Users And Groups Not Showing In Webcenter Admin Page (Doc ID 1938227.1)

Last updated on APRIL 02, 2024

Applies to:

Oracle WebCenter Portal - Version 11.1.1.7.1 to 11.1.1.9.8 [Release 11g]
Information in this document applies to any platform.

Symptoms

Custom WebCenter Portal Framework application.

An LDAP provider was configured in WebLogic Server with a connection to an AD LDS instance. For this, the settings needed to change (groupofuniquenames needed to be groups). It is working in WebLogic Server, and the users and groups can be seen in the overview.
When deploying a site that has an identity provider set using LDAP, the admin page does not show the users or groups but gives the following error:

ADF_FACES-60098:Faces levensduur ontvangt niet-afgehandelde uitzonderingen in fase RENDER_RESPONSE 6.
javax.el.ELException: java.lang.RuntimeException: oracle.security.jps.service.idstore.IdentityStoreException: Requested Object Class (groupofuniquenames)not found in cache.
at javax.el.BeanELResolver.getValue(BeanELResolver.java:266)

It looks like it is still searching in LDAP for 'groupofuniquenames' where in fact it must search for 'groups'. After modifying the jps-config.xml and setting the 'group.object.classes' to 'group', the error still remains.

When wls:active-directory-authenticatorType is used instead of wls:open-ldap-authenticatorType it seems to work.

AD LDS is more like OpenLDAP than Active Directory; where AD has sAMAccountName as login id, LDS has userPrincipalName.

The main issue is that if 'group' is configured to be the objectClass of LDAP groups, WebCenter Portal is still searching for 'groupofuniquenames' (which is the OpenLDAP default). The same goes for the objectClass 'person' for users, where WebCenter Portal is still looking for 'inetorgperson'.

The problem comes when I want to access the user store in the WebCenter Portal Framework application. It fails because the configuration is reverted back to default and ignores the object class settings (it searches for 'groupofuniquenames' instead of the configured value 'group').

Cause
