Seeing Backward Slash On DN Names After Upgrading Oracle Access Manager (OAM) To 11g R2PS3 (OAM 11.1.2.3) (Doc ID 2125395.1)

Last updated on AUGUST 04, 2022

Applies to:

Symptoms

Oracle Access Manager 11g R2PS3 (OAM 11.1.2.3)

Customer is seeing backward slash on DN names after upgrading OAM to 11.1.2.3.

Customer has upgraded OAM instance from 11.1.2.2 to 11.1.2.3 and starting seeing backward slashes on the distinguished name.

Here are before and after:

DN before upgrade - CN=<USER_ID>\, <USER_NAME>,OU=<ORG_UNIT>,DC=<COMPANY>,dc=com
DN after upgrade - CN=<USER_ID>\\\, <USER_NAME>\,OU=<ORG_UNIT>\,DC=<COMPANY>\,dc=com

It is affecting custom code based on DN which is failing because of extra "/". Also the same error is observed via OIF logs:

<Apr 7, 2016 3:50:01 PM MDT> <Error> <oracle.security.fed.eventhandler.profiles.idp.sso.v20.AuthnRequestEventHandler> <FED-15003> <No value in user record for NameIDPolicy requested: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress>
<Apr 7, 2016 3:54:43 PM MDT> <Emergency> <oracle.dfw.incident> <BEA-000000> <incident 5210 created with problem key "FED-10174 [<OIF_SERVER_NAME>][oracle.security.fed.model.config.Configuration]">
<Apr 7, 2016 3:54:43 PM MDT> <Emergency> <oracle.security.fed.model.config.Configuration> <FED-10174> <Property was not found: httpheaderattrcollector.>
<Apr 7, 2016 3:54:43 PM MDT> <Error> <oracle.security.fed.model.user.ldap.LDAPUserJVT> <FED-12031> <NamingException: error while interacting with an LDAP server or JNDI module
javax.naming.InvalidNameException: CN=some name\\\, Some Name A\,OU=Some team\,DC=xwy\,ou=xwz\,dc=corp\,dc=com: [LDAP: error code 34 - Provided value cannot be parsed as a valid distinguished name.]; remaining name 'CN=<USER_ID>\\\, <USER_NAME>\,OU=<ORG_UNIT>\,DC=<COMPANY>\,dc=com'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3005)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1829)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1752)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:394)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:376)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267)
at oracle.security.fed.model.user.ldap.LDAPUserJVT.getAttributes(Unknown Source)
at oracle.security.fed.eventhandler.profiles.idp.sso.v20.AuthnRequestEventHandler.perform(Unknown Source)
at oracle.security.fed.controller.ActionStateMachine.processEvent(Unknown Source)
at oracle.security.fed.controller.EventControllerImpl.processEvent(Unknown Source)
at oracle.security.fed.controller.ApplicationController.publishEvent(Unknown Source)
at oracle.security.fed.controller.web.action.RequestHandlerContext.publishEvent(Unknown Source)
at oracle.security.fed.controller.web.action.RequestHandlerContext.publishEvent(Unknown Source)
at oracle.security.fed.http.handlers.EventReferenceRequestHandler.perform(Unknown Source)
at oracle.security.fed.controller.ApplicationController.processServletRequest(Unknown Source)
at oracle.security.fed.controller.web.servlet.FederationServlet.doGet(Unknown Source)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)

Changes

 Upgrade OAM instance from 11.1.2.2 to 11.1.2.3

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.