Certification Of Access Policy With Multiple Application Instances With The Same Endpoint Fails With Error: ORA-00001: unique constraint (<XXX>.PK_CERTD_ROLE_POLICY) violated
(Doc ID 2634012.1)
Last updated on AUGUST 02, 2021
Applies to:
Identity Manager - Version 11.1.2.3.170924 and laterInformation in this document applies to any platform.
Goal
When creating certification of a Role with an access policy that contains multiple application instances with the same endpoint,
the role certification creation fail with following error : ORA-00001: unique constraint (<XXX>.PK_CERTD_ROLE_POLICY) violated:
---------------------------------------------------------------------
[2019-10-23T14:07:19.950+02:00] [oim_server1] [ERROR] []
[oracle.iam.certification.internal.impl] [tid: OIMQuartzScheduler_Worker-6]
[userId: <UserID>l] [ecid: <ecid>]
[APP: oim#11.1.1.3.0] error while creating role certification, certification
name:TestRole[[
org.springframework.dao.DataIntegrityViolationException:
PreparedStatementCallback; SQL [INSERT INTO CERTD_ROLE_POLICY (CERT_ID,
ROLE_ID, POLICY_ID, CERTIFIED, COMMENTS, CERTIFICATION_DATE,
ISREQUIRED,ENTITY_ID,PARENT_ENTITY_ID) VALUES ( ? , ?, ?, ?, ? , ?, ?
,?, ?)]; ORA-00001: unique constraint (IDALL_OIM.PK_CERTD_ROLE_POLICY)
violated
; nested exception is java.sql.SQLIntegrityConstraintViolationException:
ORA-00001: unique constraint (<XXX>.PK_CERTD_ROLE_POLICY) violated
at
org.springframework.jdbc.support.SQLErrorCodeSQLExceptionTranslator.doTranslat
e(SQLErrorCodeSQLExceptionTranslator.java:228)
at
org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.transl
ate(AbstractFallbackSQLExceptionTranslator.java:72)
at
org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:607)
at
..
...
]]
----------------------------------------------------------------------------------------------
Steps to reproduce the issue:
(1)Define 2 application instances using 2 separate resource objects {each resource object has it dedicate process form+child form(entitlement property set to "True" for child column) and process definition} but same IT Resource
(2)Define an access policy which provision both application instances using same role.
(3)Define certificate definition for "Role", it will let you define it but when you run the schedule job it will fail with error mentioned earlier.
Please advise cause and resolution of this issue
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Goal |
| Solution |
| References |