My Oracle Support Banner

OPSS : JPS-02597: You configured a custom Authentication Provider or WLS generic LDAPAuthenticator,which the libOvd can not recognize. Supply the idstore.type property in jps-config.xml file, or use a specific WLS LDAP Authentication provider (Doc ID 2419742.1)

Last updated on JULY 16, 2018

Applies to:

Oracle Platform Security for Java - Version 11.1.1.9.0 and later
Information in this document applies to any platform.

Symptoms

Configured AD with OBIEE and reordered providers in the console. While starting the Adminserver issue is reported.

config.xml file looks as follow:

 <sec:authentication-provider xsi:type="wls:active-directory-authenticatorType">
 <sec:name>AIS_LDAP</sec:name>
 <sec:control-flag>SUFFICIENT</sec:control-flag>
 <wls:host>xxxxxxx</wls:host>
 <wls:user-name-attribute>sAMAccountName</wls:user-name-attribute>
 <wls:principal>cn=adjoin,ou=xxx,dc=xxx,dc=xxx</wls:principal>
 <wls:user-base-dn>ou=xxx,dc=xxxr,dc=xxx</wls:user-base-dn>
 <wls:credential-encrypted>{AES}kcli5EgT/62CfYglFGYRbG2hEP2EZSYa86g9ak3qrtA=</wls:credential-encrypted>
 <wls:user-from-name-filter>(&amp;(sAMAccountName=%u)(objectclass=user))</wls:user-from-name-filter>
 <wls:group-base-dn>OU=xxxGroup,DC=xx,DC=xx</wls:group-base-dn>
 </sec:authentication-provider>
 <sec:authentication-provider xsi:type="wls:default-authenticatorType">
 <sec:control-flag>SUFFICIENT</sec:control-flag>

 

${domain.home}/config/fmwconfig/jps-config.xml looks as follow:

<serviceInstance name="idstore.ldap" provider="idstore.ldap.provider">
<description>LDAP Identity Store Service Instance</description>
<property name="idstore.config.provider" value="oracle.security.jps.wls.internal.idstore.WlsLdapIdStoreConfigProvider"/>
<property name="CONNECTION_POOL_CLASS" value="oracle.security.idm.providers.stdldap.JNDIPool"/>
<property name="virtualize" value="true"/>
</serviceInstance>

 

 

Next message reported in the AdminServer.log file:

Jul 4, 2018 10:38:09 AM MYT> <Critical> <WebLogicServer> <aisvmsitapp03.airselangor.local> <AdminServer> <main> <> <> <> <1530671889616> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-02597: You configured a custom Authentication Provider or WLS generic LDAPAuthenticator, which the libOvd can not recognize. Supply the idstore.type property in jps-config.xml file, or use a specific WLS LDAP Authentication provider that matches your LDAP server instead of a generic one.
weblogic.security.SecurityInitializationException: The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-02597: You configured a custom Authentication Provider or WLS generic LDAPAuthenticator, which the libOvd can not recognize. Supply the idstore.type property in jps-config.xml file, or use a specific WLS LDAP Authentication provider that matches your LDAP server instead of a generic one.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1402)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1022)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: oracle.security.jps.JpsRuntimeException: JPS-02597: You configured a custom Authentication Provider or WLS generic LDAPAuthenticator, which the libOvd can not recognize. Supply the idstore.type property in jps-config.xml file, or use a specific WLS LDAP Authentication provider that matches your LDAP server instead of a generic one.
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:190)
at oracle.security.jps.internal.policystore.TenantJavaPolicyProvider.<init>(TenantJavaPolicyProvider.java:161)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:306)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:279)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at java.lang.Class.newInstance(Class.java:383)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1343)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1022)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: oracle.security.jps.JpsException: JPS-02597: You configured a custom Authentication Provider or WLS generic LDAPAuthenticator, which the libOvd can not recognize. Supply the idstore.type property in jps-config.xml file, or use a specific WLS LDAP Authentication provider that matches your LDAP server instead of a generic one.
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPDPService(PolicyUtil.java:3180)
at oracle.security.jps.internal.policystore.PolicyUtil.getPDPService(PolicyUtil.java:3480)
at oracle.security.jps.internal.policystore.PolicyUtil.getPDPService(PolicyUtil.java:3466)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:188)
at oracle.security.jps.internal.policystore.TenantJavaPolicyProvider.<init>(TenantJavaPolicyProvider.java:161)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:306)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:279)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at java.lang.Class.newInstance(Class.java:383)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1343)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1022)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: oracle.security.jps.service.idstore.IdentityStoreException: JPS-02597: You configured a custom Authentication Provider or WLS generic LDAPAuthenticator, which the libOvd can not recognize. Supply the idstore.type property in jps-config.xml file, or use a specific WLS LDAP Authentication provider that matches your LDAP server instead of a generic one.
at oracle.security.jps.internal.idstore.util.LibOvdUtil$IDSConfigProvider.getIgfLdapProperties(LibOvdUtil.java:625)
at oracle.security.jps.internal.idstore.util.LibOvdUtil$LibOvdDataPusherImpl.init(LibOvdUtil.java:456)
at oracle.security.jps.internal.idstore.util.LibOvdUtil$LibOvdDataPusherImpl.<init>(LibOvdUtil.java:450)
at oracle.security.jps.internal.idstore.util.LibOvdUtil.getLibOvdDataPusher(LibOvdUtil.java:131)
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider$1.run(LdapIdentityStoreProvider.java:460)
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider$1.run(LdapIdentityStoreProvider.java:458)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider.getLibOvdDataPusher(LdapIdentityStoreProvider.java:458)
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider.access$1400(LdapIdentityStoreProvider.java:90)
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider$UseLibOvd.getInstance(LdapIdentityStoreProvider.java:363)
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider.getInstance(LdapIdentityStoreProvider.java:112)
at oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider.getInstance(LdapIdentityStoreProvider.java:90)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.findServiceInstance(ContextFactoryImpl.java:139)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getContext(ContextFactoryImpl.java:170)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getContext(ContextFactoryImpl.java:191)
at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.getContext(JpsContextFactoryImpl.java:132)
at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.getContext(JpsContextFactoryImpl.java:159)
at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.getContext(JpsContextFactoryImpl.java:165)
at oracle.security.jps.internal.policystore.PolicyUtil$3.run(PolicyUtil.java:3152)
at oracle.security.jps.internal.policystore.PolicyUtil$3.run(PolicyUtil.java:3149)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPDPService(PolicyUtil.java:3149)
at oracle.security.jps.internal.policystore.PolicyUtil.getPDPService(PolicyUtil.java:3480)
at oracle.security.jps.internal.policystore.PolicyUtil.getPDPService(PolicyUtil.java:3466)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:188)
at oracle.security.jps.internal.policystore.TenantJavaPolicyProvider.<init>(TenantJavaPolicyProvider.java:161)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:306)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:279)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at java.lang.Class.newInstance(Class.java:383)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1343)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1022)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.