OAM Force Password Change Does Not Work When Adaptive Authentication Is Enabled
Last updated on MARCH 08, 2017
Applies to:Oracle Access Manager - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
During force password change and having adaptive authentication is enabled you will observer that it does not work. The flow is:
1. User logs in using Username & password.
2. System determines whether Multi factor authentication is required, based on Post Authentication rule.
3. If user is required to have Multi factor authentication, system will redirect user to One time password page.
4. user enters the correct OTP
5. System redirect user to landing page
There are a number of LDAP 49 wrong password errors.
There are a number of 'could not get user errors'
Line 1662: at oracle.security.am.engine.authn.internal.executor.AuthenticationModuleExecutor.checkAndThrowAuthenticationException(AuthenticationModuleExecutor.java:375)
Line 1703: Caused by: oracle.security.am.engines.common.identity.provider.exceptions.IdentityProviderException: OAMSSA-20027: Could not get user : ststoraelston, idstore: IDSPROFILE-IdentityStore, with exception: oracle.igf.ids.EntityNotFoundException: Entity not found for the search filter (&(|(objectclass=inetorgperson)(objectclass=oblixPersonPwdPolicy))(uid=ststoraelston))..
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms