OSB 12.2.1.3.0 logs are not showing non authenticated users on the [Security:090302]Authentication Failed exception message.
(Doc ID 2580359.1)
Last updated on JANUARY 08, 2024
Applies to:
Oracle Service Bus - Version 12.2.1.3.0 and laterInformation in this document applies to any platform.
Symptoms
On : 12.2.1.3.0 version, Oracle Service Bus
ACTUAL BEHAVIOR
---------------
When an unauthorized user is trying to log into an OSB service configured with Basic Authentication through the URL "http://{osbhost:osbport}/HelloProject/HelloProxyService?wsdl", the login information is not being reflected in the OSB server standard output file (e.g., osb_server1.out). Instead, "specified user" is being observed in the error stack:
Changes
Since 12.2.1.x was removed the username from authentication exceptions due a security vulnerability bug.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |