OAM AccessControlException Using ASDK 220.127.116.11 In Web App
Last updated on MARCH 08, 2017
Applies to:Oracle Access Manager - Version 18.104.22.168.8 and later
Information in this document applies to any platform.
Customer has succeeded in getting the Access SDK to work from an application running on the command line.
However when they try to deploy the same code as a web app, ASDK initialization is causing the exception below.
they have even tried granting "AllPermission" everywhere I could think of, including to the entire Server-0 codebase, which is the managed server where the app is deployed.
Yes they know that is very insecure but this is a DEV sandbox. However we really DO need to know how to get past this so we can use the ASDK. they presume what's happening is that this error occurs when the ASDK tries to read credentials from its own credential store, cwallet.sso. Correct?
Please let us know what to do next.
[2016-04-06T11:17:28.750-07:00] [Server-0] [ERROR] [OAMAGENT-02010] [oracle.security.am.asdk] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: bdcbaf8d60b616de:76b4361f:153ecb0c4cc:-8000-00000000000005f4,0] [APP: amclient_sdk_test_app] [DSID: 0000LFgmm53F0FWFLzmJOA1N1Kjs000003] Oracle Access SDK initialization failed. [[
java.security.AccessControlException: access denied ("oracle.security.jps.service.credstore.CredentialAccessPermission" "context=SYSTEM,mapName=OAMAgent,keyName=Webgate11gASDK_Key" "read")
The issue has the following business impact:
Due to this issue, users cannot connect to oam from custom application.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms