My Oracle Support Banner

OSB 12.2.1.3.0 logs are not showing non authenticated users on the [Security:090302]Authentication Failed exception message. (Doc ID 2580359.1)

Last updated on SEPTEMBER 09, 2022

Applies to:

Oracle Service Bus - Version 12.2.1.3.0 and later
Information in this document applies to any platform.

Symptoms

On : 12.2.1.3.0 version, Oracle Service Bus

ACTUAL BEHAVIOR
---------------
When an unauthorized user is trying to log into an OSB service configured with Basic Authentication through the URL "http://{osbhost:osbport}/HelloProject/HelloProxyService?wsdl", the login information is not being reflected in the OSB server standard output file (e.g., osb_server1.out). Instead, "specified user" is being observed in the error stack:

Changes

 Since 12.2.1.x was removed the username from authentication exceptions due a security vulnerability bug.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.