My Oracle Support Banner

OAM11g - After Setting The OAM Federation Assertion OAM can't find the user who is logged into the Identity Store (Doc ID 2340688.1)

Last updated on AUGUST 21, 2018

Applies to:

Oracle Access Manager - Version 11.1.2.3.170418 and later
Information in this document applies to any platform.

Symptoms

On : 11.1.2.3.170418 version, Configuration Service

After Setting up OAM Federation, Consumer URL, Post Artifact, Etc.

OAM can't find the user who is logged into the Identity Store

[2017-12-13T02:24:22.812+00:00] [WLS_OAM1] [ERROR] [FED-15065] [oracle.security.fed.eventhandler.fed.profiles.utils.CheckUtils] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 00009Al6cZEFw00Fzzw0w00000vY0001At,0:5] [APP: oam_server#11.1.2.0.0] The destination field (https://xxx1.test.xxxxx.xxx.xxx/oam/server/fed/sp/sso) from the SAML 2.0 message does not match the actual request URL https://xxx2.test.xxxxx.xxx.xxxx.xxx/oam/server/fed/sp/sso
[2017-12-13T02:24:22.814+00:00] [WLS_OAM1] [ERROR] [FED-15038] [oracle.security.fed.eventhandler.fed.profiles.utils.CheckUtils] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 00009Al6cZEFw00Fzzw0w00000vY0001At,0:5] [APP: oam_server#11.1.2.0.0] Response destination is invalid
......
[2017-12-13T02:24:22.926+00:00] [WLS_OAM1] [ERROR] [FED-15145] [oracle.security.fed.eventhandler.fed.authn.engines.oam11g.OAM11gFinishSPSSOEventHandler] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 00009Al6cZEFw00Fzzw0w00000vY0001At,0:5] [APP: oam_server#11.1.2.0.0] The Federation SSO operation with the Identity Provider partner DS META failed with the following status: top status=RESPONDER secondary status=null and message=Message could not be validated
[2017-12-13T02:24:22.927+00:00] [WLS_OAM1] [ERROR] [FED-15134] [oracle.security.fed.eventhandler.fed.authn.engines.oam11g.OAM11gFinishSPSSOEventHandler] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ] [ecid: 00009Al6cZEFw00Fzzw0w00000vY0001At,0:5] [APP: oam_server#11.1.2.0.0] The service provider could not map the identity provider response to a user

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.