In OAM 11.1.2.3.8 Getting System Error When Using Custom Login Page, Due to Missing Request_Id (Doc ID 2216040.1)

Last updated on DECEMBER 20, 2016

Applies to:

Oracle Access Manager - Version 11.1.2.3.161018 to 11.1.2.3.161018 [Release 11g]
Information in this document applies to any platform.

Symptoms

After applying BP08 in OAM 11gR2PS3, or Patch for Bug 22289095, getting 'System error' when using custom login page, after submitting credentials.

In the OAM diagnostic log file the following can be seen:

[TRACE:16] [] [oracle.oam.commonutil] [tid: [ACTIVE].ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:e25ffbb1d6defc2a:-1c57365:158de30a7b1:-8000-0000000000005ae4,1:31248] [APP:oam_server#11.1.2.0.0] [SRC_CLASS:oracle.security.am.common.utilities.css.XSSFilter] [SRC_METHOD:isUnsecuredToken] RETURN request_id
[TRACE:16] [][oracle.oam.binding] [tid: [ACTIVE].ExecuteThread: '5' for queue:'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:e25ffbb1d6defc2a:-1c57365:158de30a7b1:-8000-0000000000005ae4,1:31248][APP:
oam_server#11.1.2.0.0] [SRC_CLASS:oracle.security.am.pbl.protocol.plugin.oam.AMHelper] [SRC_METHOD:getAMRequestToken] Request ID Token empty. Possible replay attack. Access Denied.

 

Besides this 'Request ID Token empty' message the following errors appear indicating that OAM is not getting original resource:


[WARNING] [OAM-02074][oracle.oam.controller] [tid: [ACTIVE].ExecuteThread: '4' for queue:'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:f43c7d34bf8ade8d:5b46c67d:15905e620b3:-8000-000000000000097e,0] [APP:
oam_server#11.1.2.0.0] Error while checking if the resource null is protected or not.

[NOTIFICATION:16] [OAM-02099][oracle.oam.controller] [tid: [ACTIVE].ExecuteThread: '4' for queue:'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid:f43c7d34bf8ade8d:5b46c67d:15905e620b3:-8000-000000000000097e,0] [APP:oam_server#11.1.2.0.0] ssoFlowController: Event processing finished:IS_RESOURCE_PROTECTED with status fail.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms