My Oracle Support Banner

OAAM 11g : Duplicate entries in VCRYPT_USERS in OAM-OAAM integrated setup (Doc ID 2103376.1)

Last updated on OCTOBER 06, 2019

Applies to:

Oracle Adaptive Access Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

Case 1 :

Customer has OAM-OAAM environment integrated using TAPScheme.
When a protected resource is accessed, new users are routed to register their challenge questions. At this time, OAAM inserts the user entry in VCRYPT_USERS table with a row for the user having an encrypted value of EXT_USER_ID column.

Case 2 :

Customer also have password management functionalities in Identity Manager, wherein they perform KBA user registration using OAAM API Bharosahelper.getQuestions.

When this is done, the EXT_USER_ID being one of the parameter to send from API, will be the actual value of LOGIN_ID, so in essence. There will be 2 rows in VCRYPT_USERS table for the same LOGIN_ID and hence the user is asked to register at both the places.

In cases where user is already registered using OAAM API, accessing resource via TAPScheme results in "ORA-00001: unique constraint (<PREFIX>.V_USERS_UK0) violated" error.

Expectation is since user has successfully been registered via OAAM API, user should be allowed accessed when resource is accessed via TAPScheme.

And at any time, for a user there should exist only a single entry in the VCRYPOT_USERS table.

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.