Declarative Web Security Not Working With OAM Agent For JBOSS 6.2 (Doc ID 1943132.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

Declarative Web Security not working with OAM Agent for JBOSS 6.2

Experiencing strange behavior from the agent.  If I log into an agent protected app with a new browser and I have the authZ privs to view the page I get the correct response.  If I then leave the browser idle for an indeterminate amount of time (measured in minutes) and then refresh I then get a 403 message.  In the logs I see the following exception:


014-09-04 11:38:30,592 SEVERE [OAMAuthenticator] (http-/172.28.126.117:8080-1) Failed to login and create a session id on server.: java.lang.NullPointerException
       at org.jboss.web.tomcat.security.login.WebAuthentication.login(WebAuthentication.java:85) [jbossweb-service.jar:4.2.2.GA (build: SVNTag=JBoss_4_2_2_GA date=200802142215)]
       at oracle.security.am.agent.common.authenticator.OAMAuthenticator.setOAMResponses(OAMAuthenticator.java:427) [j2eeagent-11.1.2.1.0.jar:]
       at oracle.security.am.agent.common.authenticator.OAMAuthenticator.validateRequestWithToken(OAMAuthenticator.java:728) [j2eeagent-11.1.2.1.0.jar:]
       at oracle.security.am.agent.common.authenticator.OAMAuthenticator.processRequest(OAMAuthenticator.java:309) [j2eeagent-11.1.2.1.0.jar:]
       at oracle.security.am.agent.common.authenticator.OAMAuthenticatorValve.authenticate(OAMAuthenticatorValve.java:124) [j2eeagent-11.1.2.1.0.jar:]
       at oracle.security.am.agent.common.authenticator.OAMAuthenticatorValve.authenticate(OAMAuthenticatorValve.java:100) [j2eeagent-11.1.2.1.0.jar:]
       at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:465) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
       at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.3.1.Final-redhat-3.jar:7.3.1.Final-redhat-3]
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
       at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_55]

  

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms