OAM 11g: Authentication Failure Run-Time Events "Failure Error Code" and "User DN" Are Not Audited
(Doc ID 2316981.1)
Last updated on MARCH 25, 2019
Applies to:Oracle Access Manager - Version 184.108.40.206.0 and later
Information in this document applies to any platform.
The following documentation states that auditing can be configured for the Authentication Failure run-time events:
- Remote IP
- User Name
- User DN
- Resource ID
- Authentication Scheme ID
- Failure Error Code
- Retry count
- Authentication Policy ID
- Partner ID
Fusion Middleware Administrator's Guide for Oracle Access Management
8.3.2 Access Manager Run-time Events You Can Audit
Enabling Filter Preset to All for OAM auditing does not log the User DN or Failure Error Code.
In the OAM Managed Server audit.log below the User Name (uid=<VALUE>) is logged, but not the User DN (cn=tes<VALUE>,cn=Users,dc=example,dc=com).
Also, authentication to the resource /cgi-bin/printenv failed ("Authentication" false), but the Failure Error Code (unclear whether this should be 49 or OAMSSA-20023) due to invalid credentials is not logged.
OAM VERSIONS KNOWN TO BE AFFECTED: OAM 220.127.116.11.x - 18.104.22.168.x
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document