My Oracle Support Banner

OAAM 11g : Duplicate entries in VCRYPT_USERS in OAM-OAAM integrated setup (Doc ID 2103376.1)

Last updated on FEBRUARY 03, 2019

Applies to:

Oracle Adaptive Access Manager - Version and later
Information in this document applies to any platform.


Case 1 :
Customer has OAM-OAAM environment integrated using TAPScheme.
When a protected resource is accessed, new users are routed to register their challenge questions. At this time, OAAM inserts the user entry in VCRYPT_USERS table with a row for the user having an encrypted value of EXT_USER_ID column.

Case 2 :
Customer also have password management functionalities in Identity Manager, wherein they perform KBA user registration using OAAM API Bharosahelper getQuestions.

When this is done, the EXT_USER_ID being one of the parameter to send from API, will be the actual value of LOGIN_ID, so in essence. there will be 2 rows in VCRYPOT_USERS table for the same LOGIN_ID and hence the user is asked to register at both the places.

In cases where user is already registed using OAAM API, accessing resource via TAPScheme results in "ORA-00001: unique constraint (OAAM.V_USERS_UK0) violated" error.

Expectation is since user has successfully been registed via OAAM API, he should be allowed accessed when resource is accessed via TAPScheme.
And at any time, for a user there should exist only a single entry in the VCRYPOT_USERS table.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.
My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.