My Oracle Support Banner

OAAM 11g : Duplicate entries in VCRYPT_USERS in OAM-OAAM integrated setup (Doc ID 2103376.1)

Last updated on AUGUST 09, 2018

Applies to:

Oracle Adaptive Access Manager - Version and later
Information in this document applies to any platform.


Case 1 :
Customer has OAM-OAAM environment integrated using TAPScheme.
When a protected resource is accessed, new users are routed to register their challenge questions. At this time, OAAM inserts the user entry in VCRYPT_USERS table with a row for the user having an encrypted value of EXT_USER_ID column.

Case 2 :
Customer also have password management functionalities in Identity Manager, wherein they perform KBA user registration using OAAM API Bharosahelper getQuestions.

When this is done, the EXT_USER_ID being one of the parameter to send from API, will be the actual value of LOGIN_ID, so in essence. there will be 2 rows in VCRYPOT_USERS table for the same LOGIN_ID and hence the user is asked to register at both the places.

In cases where user is already registed using OAAM API, accessing resource via TAPScheme results in "ORA-00001: unique constraint (OAAM.V_USERS_UK0) violated" error.

Expectation is since user has successfully been registed via OAAM API, he should be allowed accessed when resource is accessed via TAPScheme.
And at any time, for a user there should exist only a single entry in the VCRYPOT_USERS table.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.