OAM 11gR2: Pre-AuthN Advanced Rule successful evaluation results in a NULL Authentication Scheme being selected: Error with "Rule result :null" (Doc ID 2019664.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle Access Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

On : OAM 11.1.2.2.0 version, Performance/Scalability

Running with OAM version 11gR2 PS2 (OAM version 11.1.2.2.0) or later..


A successful Pre-AuthN Advanced Rule's evaluation can result in a NULL authentication scheme selected.

We have a resource protected by an authN policy containing a simple pre-authentication rule (like a rule with Condition set as "1==1")
When the rule evaluates to TRUE (which will be always the case here as with "1==1"), then the policy will switch to authentication scheme defined in the "* Switch Authentication Scheme to" (like for example switch to "LDAPScheme_DCC_OverOUD" ).

BUT, When running some performance tests, by accessing solely to the protected resource, we might find that - depending on the load - some of authentications fail.

When evaluating the logs, we find that even though the pre-authentication rule evaluates correctly to TRUE, but the authN scheme switch is not performed/happening, that due to a
NULL result being returned from the process method in class oracle.security.am.common.policy.runtime.provider.common.rules.internal.executor.RuleProcessor

An example is as per the below logs :

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms