OAM ASDK code used within a Servlet does work when embeded in a Servlet using the 11G Webgates which works both on 10G Webgates and using JDeveloper (Doc ID 2001304.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Access Manager - Version 11.1.1.6.0 to 11.1.2.1.1 [Release 11g]
Information in this document applies to any platform.
When using Oracle Access Manager SDK and using with 11G Webgates, and used within a Servlet it throws the following errors

AccessClient> <initialize> Oracle Access SDK initialization failed.
java.security.AccessControlException: access denied (oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=OAMAgent,keyName=WCPortal11_1_8_Agent_Key read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:374)
at java.security.AccessController.checkPermission(AccessController.java:546)
at oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:463)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:523)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:549)
at oracle.security.jps.internal.credstore.util.CsfUtil.checkPermission(CsfUtil.java:683)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.getCredential(SspCredentialStore.java:562)
at oracle.security.am.asdk.impl.Configuration$1.run(Configuration.java:239)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.am.asdk.impl.Configuration.readAgentKey(Configuration.java:236)
at oracle.security.am.asdk.AccessClient.initialize(AccessClient.java:1367)
at oracle.security.am.asdk.AccessClient.<init>(AccessClient.java:930)
at oracle.security.am.asdk.AccessClient.createDefaultInstance(AccessClient.java:351)
at oam_sdk_test.LoginServlet.doGet(LoginSe

Symptoms

 While using the ASDK code within the Servlet and 11G webgates if fails with the following exceptions

 

AccessClient> <initialize> Oracle Access SDK initialization failed.
java.security.AccessControlException: access denied (oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=OAMAgent,keyName=WCPortal11_1_8_Agent_Key read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:374)
at java.security.AccessController.checkPermission(AccessController.java:546)
at oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:463)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:523)
at oracle.security.jps.util.JpsAuth.checkPermission(JpsAuth.java:549)
at oracle.security.jps.internal.credstore.util.CsfUtil.checkPermission(CsfUtil.java:683)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.getCredential(SspCredentialStore.java:562)
at oracle.security.am.asdk.impl.Configuration$1.run(Configuration.java:239)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.am.asdk.impl.Configuration.readAgentKey(Configuration.java:236)
at oracle.security.am.asdk.AccessClient.initialize(AccessClient.java:1367)
at oracle.security.am.asdk.AccessClient.<init>(AccessClient.java:930)
at oracle.security.am.asdk.AccessClient.createDefaultInstance(AccessClient.java:351)
at oam_sdk_test.LoginServlet.doGet(LoginSe

Changes

 The weblogic.policy file needs to be changed to grant the necessary permission.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms