OUD Kerberos Pass Through Authentication (PTA) and "/tmp/jaasxxxxxx.conf" File
(Doc ID 2807109.1)
Last updated on AUGUST 30, 2023
Applies to:
Oracle Unified Directory - Version 12.2.1.4.0 and laterInformation in this document applies to any platform.
Symptoms
OUD Kerberos PTA configuration creates a jaas config file in /tmp. If this file gets removed from /tmp by OS housekeeping jobs then authentication starts to fail.
errors.log.20210522035959Z:
[2021-05-21T20:39:31.430-07:00] [OUD] [ERROR] [OUD-196716] [CORE] [host: <HOSTNAME>] [nwaddr: <IP Address>] [tid: <TID>] [userId: <USERID>] [ecid: <ECID>] Worker Thread 2 encountered an uncaught exception while processing operation BindOperation(connID=<CONNID>, opID=0, protocol="LDAPS 3, dn=<DN>,ou=<OU>,dc=<SUFFIX_DN>, authType=Simple): java.io.IOException: /tmp/jaas8571433703703505902.conf (No such file or directory) (ConfigFile.java:137 ConfigFile.java:102 NativeConstructorAccessorImpl.java:-2 NativeConstructorAccessorImpl.java:62 DelegatingConstructorAccessorImpl.java:45 Constructor.java:423 Class.java:442 Configuration.java:255 Configuration.java:247 AccessController.java:-2 Configuration.java:246 LoginContext.java:245 LoginContext.java:243 AccessController.java:-2 LoginContext.java:243 LoginContext.java:417 KerberosAuthProviderWorkflowElement.java:434 KerberosAuthProviderWorkflowElement.java:402 KerberosAuthProviderWorkflowElement.java:150 UnionPartition.java:436 UnionPartition.java:388 ...); caused by /tmp/jaas8571433703703505902.conf (No such file or directory) (ConfigFile.java:666 ConfigFile.java:262 ConfigFile.java:135 ConfigFile.java:102 NativeConstructorAccessorImpl.java:-2 NativeConstructorAccessorImpl.java:62 DelegatingConstructorAccessorImpl.java:45 Constructor.java:423 Class.java:442 Configuration.java:255 Configuration.java:247 AccessController.java:-2 Configuration.java:246 LoginContext.java:245 LoginContext.java:243 AccessController.java:-2 LoginContext.java:243 LoginContext.java:417 KerberosAuthProviderWorkflowElement.java:434 KerberosAuthProviderWorkflowElement.java:402 KerberosAuthProviderWorkflowElement.java:150 ...)
This seems to happen because most linux systems clear files in /tmp daily or weekly and PTA puts a critical file in there.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |