SSO Logout Of Test Instance Fails With Error 500 (Doc ID 2121889.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Identity Federation - Version 11.1.1.7.0 and later
Information in this document applies to any platform.

Symptoms

At OIF 11.1.1.7, SSO Logout fails with Error 500 Internal Error

1. Login to Fusion configured with Federation SSO
2. Click on Logout
3. Observe the error

https://login.mywebsite.com/fed/user/sposso?doneURL=https%3A%2F%2Fsso.mywebsite.com%2Flogout%2FS2PLogout.html

GET /fed/user/sposso?doneURL=https%3A%2F%2Fsso.mywebsite.com%2Flogout%2FS2PLogout.html HTTP/1.1
Host: login.mywebsite.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Referer: https://login.mywebsite.com/oam/server/logout
Cookie: JSESSIONID=qj6BGfQyz3SA3CbEECeMcpJ6b4zXqYawWRAUAmYAmDe_MvChTzgw!1697015093; OAM_REQ_0=invalid; OAM_REQ_COUNT=VERSION_4~1; ORA_OSFS_SESSION=id-X5o3OIyvgo7ab7GPQuxkOW96RHc-; ORA_FUSION_PREFS=v1.0~zzzxxxyyy==
Connection: keep-alive

HTTP/1.1 500 Internal Server Error
Date: Mon, 19 Oct 2015 17:16:56 GMT
Server: Oracle-Application-Server-11g
Content-Length: 833
X-ORACLE-DMS-ECID: 0058bXFz2mD9TcyN06R5EF0004dq0002GS
X-Powered-By: Servlet/2.5 JSP/2.1
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en


wls_oif1-diagnostic.log:

[2015-10-19T12:16:56.907-05:00] [wls_oif1] [WARNING] [FED-18071] [oracle.security.fed.eventhandler.authn.engines.osso.OssoStartSPSSOEventHandler] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 0058bXFz2mD9TcyN06R5EF0004dq0002GS,0:3] [APP: OIF#11.1.1.2.0] Service provider Oracle Single Sign-On integration module: could not decrypt the token with current key
[2015-10-19T12:16:56.908-05:00] [wls_oif1] [ERROR] [FED-18070] [oracle.security.fed.eventhandler.authn.engines.osso.OssoStartSPSSOEventHandler] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 0058bXFz2mD9TcyN06R5EF0004dq0002GS,0:3] [APP: OIF#11.1.1.2.0] Service provider Oracle Single Sign-On integration module: could not decrypt the token with current key, and old key expired
[2015-10-19T12:16:56.909-05:00] [wls_oif1] [ERROR] [FED-12064] [oracle.security.fed.controller.ActionStateMachine] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 0058bXFz2mD9TcyN06R5EF0004dq0002GS,0:3] [APP: OIF#11.1.1.2.0] Exception: {0}[[
oracle.security.fed.event.EventException: SP OSSO Integration Module: could not decrypt the token with current key, and old key expired
at oracle.security.fed.eventhandler.authn.engines.osso.OssoStartSPSSOEventHandler.decrypt(OssoStartSPSSOEventHandler.java:210)
at oracle.security.fed.eventhandler.authn.engines.osso.OssoStartSPSSOEventHandler.perform(OssoStartSPSSOEventHandler.java:78)

Changes

You have upgraded from Fusion Release 5 to Release 9. (OIF from 11.1.1.6.0 to 11.1.1.7.0)

You have used the following WLST command to register the partner:

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms