Seeing Backward Slash On DN Names After Upgrading OAM To 11.1.2.3 (Doc ID 2125395.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Identity Federation - Version 11.1.2.3.0 and later
Oracle Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

Oracle Access Manager Server 11.1.2.3.0

Customer is seeing backward slash on DN names after upgrading OAM to 11.1.2.3.

Customer has upgraded OAM instance from 11.1.2.2 to 11.1.2.3 and starting seeing backward slashes on the distinguished name.

Here are before and after:


DN before upgrade - CN=some name\, Some Name A,OU=Some team,DC=xwy,ou=xwz,dc=corp,dc=com
DN after upgrade - CN=some name\\\, Some Name A\,OU=Some team\,DC=xwy\,ou=xwz\,dc=corp\,dc=com

It is affecting custom code based on DN which is failing because of extra "/". Also the same error is observed via OIF logs:

<Apr 7, 2016 3:50:01 PM MDT> <Error> <oracle.security.fed.eventhandler.profiles.idp.sso.v20.AuthnRequestEventHandler> <FED-15003> <No value in user record for NameIDPolicy requested: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress>
<Apr 7, 2016 3:54:43 PM MDT> <Emergency> <oracle.dfw.incident> <BEA-000000> <incident 5210 created with problem key "FED-10174 [wls_oif2][oracle.security.fed.model.config.Configuration]">
<Apr 7, 2016 3:54:43 PM MDT> <Emergency> <oracle.security.fed.model.config.Configuration> <FED-10174> <Property was not found: httpheaderattrcollector.>
<Apr 7, 2016 3:54:43 PM MDT> <Error> <oracle.security.fed.model.user.ldap.LDAPUserJVT> <FED-12031> <NamingException: error while interacting with an LDAP server or JNDI module
javax.naming.InvalidNameException: CN=some name\\\, Some Name A\,OU=Some team\,DC=xwy\,ou=xwz\,dc=corp\,dc=com: [LDAP: error code 34 - Provided value cannot be parsed as a valid distinguished name.]; remaining name 'CN=some name\\\, Some Name A\,OU=Some team\,DC=xwy\,ou=xwz\,dc=corp\,dc=com'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3005)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1829)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1752)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:394)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:376)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267)
at oracle.security.fed.model.user.ldap.LDAPUserJVT.getAttributes(Unknown Source)
at oracle.security.fed.eventhandler.profiles.idp.sso.v20.AuthnRequestEventHandler.perform(Unknown Source)
at oracle.security.fed.controller.ActionStateMachine.processEvent(Unknown Source)
at oracle.security.fed.controller.EventControllerImpl.processEvent(Unknown Source)
at oracle.security.fed.controller.ApplicationController.publishEvent(Unknown Source)
at oracle.security.fed.controller.web.action.RequestHandlerContext.publishEvent(Unknown Source)
at oracle.security.fed.controller.web.action.RequestHandlerContext.publishEvent(Unknown Source)
at oracle.security.fed.http.handlers.EventReferenceRequestHandler.perform(Unknown Source)
at oracle.security.fed.controller.ApplicationController.processServletRequest(Unknown Source)
at oracle.security.fed.controller.web.servlet.FederationServlet.doGet(Unknown Source)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)



Changes

 Upgrade OAM instance from 11.1.2.2 to 11.1.2.3

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms