Declarative Web Security Not Working With OAM Agent For JBOSS 6.2
(Doc ID 1943132.1)
Last updated on MAY 24, 2022
Applies to:
Oracle Access Manager - Version 11.1.2.2.0 and laterInformation in this document applies to any platform.
Symptoms
Declarative Web Security not working with OAM Agent for JBOSS 6.2
Experiencing strange behavior from the agent. If I log into an agent protected app with a new browser and I have the authZ privs to view the page I get the correct response. If I then leave the browser idle for an indeterminate amount of time (measured in minutes) and then refresh I then get a 403 message. In the logs I see the following exception:
014-09-04 11:38:30,592 SEVERE [OAMAuthenticator] (http-/<IPADDRESS>:<PORT>) Failed to login and create a session id on server.: java.lang.NullPointerException
at org.jboss.web.tomcat.security.login.WebAuthentication.login(WebAuthentication.java:85) [jbossweb-service.jar:4.2.2.GA (build: SVNTag=JBoss_4_2_2_GA date=200802142215)]
at oracle.security.am.agent.common.authenticator.OAMAuthenticator.setOAMResponses(OAMAuthenticator.java:427) [j2eeagent-11.1.2.1.0.jar:]
at oracle.security.am.agent.common.authenticator.OAMAuthenticator.validateRequestWithToken(OAMAuthenticator.java:728) [j2eeagent-11.1.2.1.0.jar:]
at oracle.security.am.agent.common.authenticator.OAMAuthenticator.processRequest(OAMAuthenticator.java:309) [j2eeagent-11.1.2.1.0.jar:]
at oracle.security.am.agent.common.authenticator.OAMAuthenticatorValve.authenticate(OAMAuthenticatorValve.java:124) [j2eeagent-11.1.2.1.0.jar:]
at oracle.security.am.agent.common.authenticator.OAMAuthenticatorValve.authenticate(OAMAuthenticatorValve.java:100) [j2eeagent-11.1.2.1.0.jar:]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:465) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.3.1.Final-redhat-3.jar:7.3.1.Final-redhat-3]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_55]
at org.jboss.web.tomcat.security.login.WebAuthentication.login(WebAuthentication.java:85) [jbossweb-service.jar:4.2.2.GA (build: SVNTag=JBoss_4_2_2_GA date=200802142215)]
at oracle.security.am.agent.common.authenticator.OAMAuthenticator.setOAMResponses(OAMAuthenticator.java:427) [j2eeagent-11.1.2.1.0.jar:]
at oracle.security.am.agent.common.authenticator.OAMAuthenticator.validateRequestWithToken(OAMAuthenticator.java:728) [j2eeagent-11.1.2.1.0.jar:]
at oracle.security.am.agent.common.authenticator.OAMAuthenticator.processRequest(OAMAuthenticator.java:309) [j2eeagent-11.1.2.1.0.jar:]
at oracle.security.am.agent.common.authenticator.OAMAuthenticatorValve.authenticate(OAMAuthenticatorValve.java:124) [j2eeagent-11.1.2.1.0.jar:]
at oracle.security.am.agent.common.authenticator.OAMAuthenticatorValve.authenticate(OAMAuthenticatorValve.java:100) [j2eeagent-11.1.2.1.0.jar:]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:465) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.3.1.Final-redhat-3.jar:7.3.1.Final-redhat-3]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920) [jbossweb-7.3.0.Final-redhat-1.jar:7.3.0.Final-redhat-1]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_55]
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |