OAM 11.1.2.3 One Time PIN (OTP) Fails with Error "java.lang.IllegalArgumentException: Attribute cannot be null" (Doc ID 2242669.1)

Last updated on JUNE 23, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

OAM 11.1.2.3 upgraded from OAM 11.1.2.2

With OAM configured for One-Time Password/PIN (OTP) Two-factor authentication (T-FA), when attempting to access a protected resource the user inputs their credentials for SSO login as the first step and the following error occurs in the browser window:
Oracle Access Manager Error
System error. Please re-try your action. If you continue to get this error, please contact the Administrator.

The OAM Managed Server diagnostic logs show the following error:

STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. In an IE browser input the protected application URL: http://<host>:7777/HelloOTP.html
2. The browser redirects to the SSO login: https://<host>:4447/oamsso-bi/login.pl?...
3. Input the user credentials and Sign In:
User ID: testuser
Password: **********
4. The browser "spins" for a while and then the the browser redirects to: https://<host>:4447/oam/server/auth_cred_submit and the following OAM error is shown.
Oracle Access Manager Error
System error. Please re-try your action. If you continue to get this error, please contact the Administrator.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms