OAM 11gR2: Pre-AuthN Advanced Rule successful evaluation results in a NULL Authentication Scheme being selected: Error with "Rule result :null"
Last updated on SEPTEMBER 21, 2016
Applies to:Oracle Access Manager - Version 18.104.22.168.0 and later
Information in this document applies to any platform.
On : OAM 22.214.171.124.0 version, Performance/Scalability
Running with OAM version 11gR2 PS2 (OAM version 126.96.36.199.0) or later..
A successful Pre-AuthN Advanced Rule's evaluation can result in a NULL authentication scheme selected.
We have a resource protected by an authN policy containing a simple pre-authentication rule (like a rule with Condition set as "1==1")
When the rule evaluates to TRUE (which will be always the case here as with "1==1"), then the policy will switch to authentication scheme defined in the "* Switch Authentication Scheme to" (like for example switch to "LDAPScheme_DCC_OverOUD" ).
BUT, When running some performance tests, by accessing solely to the protected resource, we might find that - depending on the load - some of authentications fail.
When evaluating the logs, we find that even though the pre-authentication rule evaluates correctly to TRUE, but the authN scheme switch is not performed/happening, that due to a
NULL result being returned from the process method in class oracle.security.am.common.policy.runtime.provider.common.rules.internal.executor.RuleProcessor
An example is as per the below logs :
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms