OPSS - After apply a Weblogic Patch PSU 10.3.6.0.161018 getting "Access To Administration Console Is Restricted" on OAM Console and a NPE on logs
(Doc ID 2309974.1)
Last updated on MARCH 01, 2023
Applies to:
Oracle Platform Security for Java - Version 11.1.2.2.0 and laterInformation in this document applies to any platform.
Symptoms
On : 11.1.2.2.0 version, Java Platform Security
WLS Patch PSU 10.3.6.0.161018 Causes "Access To Administration Console is Restricted" Error for OAM
The -Djps.auth.debug=true -Djps.auth.debug.verbose=true debug flags, show all [SUCCEEDED] no any [FAILED] Permission
Observing the next error
<Aug 1, 2017 8:45:14 AM CDT> <Error> <oracle.oam.engine.policy> <BEA-000000> <The policy store is not available; please see the log file for more details.
oracle.security.am.common.policy.admin.store.PolicyStoreException: OAMSSA-06252: The policy store is not available; please see the log file for more details.
at oracle.security.am.common.policy.util.OESUtils.checkAndThrowException(OESUtils.java:672)
at oracle.security.am.common.policy.util.ResourceTypeHelper.getAdminScopeResourceType(ResourceTypeHelper.java:607)
at oracle.security.am.common.policy.admin.provider.oes.proxy.OESAdminProxy.getAdminScopeStore(OESAdminProxy.java:137)
at oracle.security.am.common.policy.admin.provider.oes.OESPolicyAdminProvider.getAdminScopeStore(OESPolicyAdminProvider.java:293)
at oracle.security.am.common.policy.admin.impl.AdminScopeManagerImpl.getStore(AdminScopeManagerImpl.java:302)
at oracle.security.am.common.policy.admin.impl.AdminScopeManagerImpl.loadLocalMaps(AdminScopeManagerImpl.java:191)
at oracle.security.am.common.policy.admin.impl.AdminScopeManagerImpl.<init>(AdminScopeManagerImpl.java:92)
at oracle.security.am.common.policy.admin.impl.PolicyAdminImpl.createManagers(PolicyAdminImpl.java:353)
at oracle.security.am.common.policy.admin.impl.PolicyAdminImpl.<init>(PolicyAdminImpl.java:212)
at oracle.security.am.common.policy.admin.PolicyAdminFactory.getPolicyAdmin(PolicyAdminFactory.java:366)
at oracle.security.am.admin.console.beans.AccessChecker.isAccessAllowed(AccessChecker.java:608)
..................
Caused By: java.lang.NullPointerException
at oracle.security.jps.service.policystore.PolicyStoreAccessPermission.impliesCrossStyle(PolicyStoreAccessPermission.java:1640)
at oracle.security.jps.service.policystore.PolicyStoreAccessPermission.implies(PolicyStoreAccessPermission.java:1044)
at oracle.security.jps.service.policystore.PolicyStoreAccessPermissionCollection.implies(PolicyStoreAccessPermission.java:1773)
at oracle.security.jps.service.policystore.PolicyStoreAccessPermissionCollection.implies(PolicyStoreAccessPermission.java:1764)
at oracle.security.jps.az.common.info.JpsPermissions.implies(JpsPermissions.java:191)
at oracle.security.jps.az.common.info.DenyOverridesCombiner.decide(DenyOverridesCombiner.java:105)
at oracle.security.jps.az.common.info.PermissionsWithEffect.decide(PermissionsWithEffect.java:269)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.impliesInternal(JavaPolicyProvider.java:873)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.implies_NotPrivileged(JavaPolicyProvider.java:674)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.implies(JavaPolicyProvider.java:640)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.implies(JavaPolicyProvider.java:610)
at java.security.ProtectionDomain.implies(ProtectionDomain.java:224)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:352)
at java.security.AccessController.checkPermission(AccessController.java:546)
at oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:463)
at oracle.security.jps.util.JpsAuth$Diagnostic.checkPermission(JpsAuth.java:350)
oracle.security.am.common.policy.admin.store.PolicyStoreException: OAMSSA-06252: The policy store is not available; please see the log file for more details.
at oracle.security.am.common.policy.util.OESUtils.checkAndThrowException(OESUtils.java:672)
at oracle.security.am.common.policy.util.ResourceTypeHelper.getAdminScopeResourceType(ResourceTypeHelper.java:607)
at oracle.security.am.common.policy.admin.provider.oes.proxy.OESAdminProxy.getAdminScopeStore(OESAdminProxy.java:137)
at oracle.security.am.common.policy.admin.provider.oes.OESPolicyAdminProvider.getAdminScopeStore(OESPolicyAdminProvider.java:293)
at oracle.security.am.common.policy.admin.impl.AdminScopeManagerImpl.getStore(AdminScopeManagerImpl.java:302)
at oracle.security.am.common.policy.admin.impl.AdminScopeManagerImpl.loadLocalMaps(AdminScopeManagerImpl.java:191)
at oracle.security.am.common.policy.admin.impl.AdminScopeManagerImpl.<init>(AdminScopeManagerImpl.java:92)
at oracle.security.am.common.policy.admin.impl.PolicyAdminImpl.createManagers(PolicyAdminImpl.java:353)
at oracle.security.am.common.policy.admin.impl.PolicyAdminImpl.<init>(PolicyAdminImpl.java:212)
at oracle.security.am.common.policy.admin.PolicyAdminFactory.getPolicyAdmin(PolicyAdminFactory.java:366)
at oracle.security.am.admin.console.beans.AccessChecker.isAccessAllowed(AccessChecker.java:608)
..................
Caused By: java.lang.NullPointerException
at oracle.security.jps.service.policystore.PolicyStoreAccessPermission.impliesCrossStyle(PolicyStoreAccessPermission.java:1640)
at oracle.security.jps.service.policystore.PolicyStoreAccessPermission.implies(PolicyStoreAccessPermission.java:1044)
at oracle.security.jps.service.policystore.PolicyStoreAccessPermissionCollection.implies(PolicyStoreAccessPermission.java:1773)
at oracle.security.jps.service.policystore.PolicyStoreAccessPermissionCollection.implies(PolicyStoreAccessPermission.java:1764)
at oracle.security.jps.az.common.info.JpsPermissions.implies(JpsPermissions.java:191)
at oracle.security.jps.az.common.info.DenyOverridesCombiner.decide(DenyOverridesCombiner.java:105)
at oracle.security.jps.az.common.info.PermissionsWithEffect.decide(PermissionsWithEffect.java:269)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.impliesInternal(JavaPolicyProvider.java:873)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.implies_NotPrivileged(JavaPolicyProvider.java:674)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.implies(JavaPolicyProvider.java:640)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.implies(JavaPolicyProvider.java:610)
at java.security.ProtectionDomain.implies(ProtectionDomain.java:224)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:352)
at java.security.AccessController.checkPermission(AccessController.java:546)
at oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3.checkPermission(JpsAuth.java:463)
at oracle.security.jps.util.JpsAuth$Diagnostic.checkPermission(JpsAuth.java:350)
Due to this issue, users getting some problems entering credentials into the OAM Console
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |