OPSS - IGF: [IGF-00021] [oracle.igf.ovd] Cannot get LDAP Identity Store properties from OPSS ,JPS-02597 Supply the idstore.type property in jps-config.xml file, or use a specific WLS LDAP Authentication provider that matches your LDAP server
(Doc ID 2807293.1)
Last updated on DECEMBER 22, 2023
Applies to:
Oracle Platform Security for Java - Version 12.2.1.3.210420 and laterInformation in this document applies to any platform.
Symptoms
On : 12.2.1.3.210420 version, Java Platform Security
In the server logs seeing the JPS-02597 or IGF-00021 appears in server logs in the OIG product
[ERROR] [JPS-02597] [oracle.jps.idmgmt] [APP: oracle.iam.console.identity.self-service.ear] [partition-name: DOMAIN] You configured a custom Authentication Provider or WLS generic LDAPAuthenticator, which the libOvd can not recognize. Supply the idstore.type property in jps-config.xml file, or use a specific WLS LDAP Authentication provider that matches your LDAP server instead of a generic one.
[WARNING] [IGF-00021] [oracle.igf.ovd] [APP: oracle.iam.console.identity.self-service.ear] [partition-name: DOMAIN] Cannot get LDAP Identity Store properties from OPSS
[TRACE] [IGF-00021] [oracle.igf.ovd] Cannot get LDAP Identity Store properties from OPSS[[
org.openliberty.arisid.IGFException: Cannot get LDAP Identity Store properties from OPSS
at com.oracle.ovd.arisid.IdentityStoreConfig.getProperties(IdentityStoreConfig.java:181)
at com.oracle.ovd.arisid.OvdIdsStackProvider.<init>(OvdIdsStackProvider.java:334)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at java.lang.Class.newInstance(Class.java:442)
at oracle.igf.ids.IdentityDirectory.getStackProvider(IdentityDirectory.java:444)
at oracle.igf.ids.IdentityDirectory.<init>(IdentityDirectory.java:227)
....
Caused by: oracle.security.jps.service.idstore.IdentityStoreException: JPS-02597: You configured a custom Authentication Provider or WLS generic LDAPAuthenticator, which the libOvd can not recognize. Supply the idstore.type property in jps-config.xml file, or use a specific WLS LDAP Authentication provider that matches your LDAP server instead of a generic one.
at oracle.security.jps.internal.idstore.util.LibOvdUtil$IDSConfigProvider.getIgfLdapProperties(LibOvdUtil.java:1052)
at oracle.security.jps.internal.idstore.util.LibOvdUtil.getIgfLdapProperties(LibOvdUtil.java:217)
at oracle.security.jps.internal.idstore.util.LibOvdUtil.getIdStoreLdapPropertiesInternal(LibOvdUtil.java:281)
Here are the details in the jps-config.xml
<serviceProvider type="IDENTITY_STORE" name="idstore.oim.provider" class="oracle.security.jps.internal.idstore.generic.GenericIdentityStoreProvider">
<description>OIM-based IdStore Provider</description>
</serviceProvider>
<serviceInstance name="idstore.oim" provider="idstore.oim.provider" location=" ">
<description>OIM Identity Store Service Instance</description>
<property name="idstore.type" value="CUSTOM"/>
<property name="ADF_IM_FACTORY_CLASS" value="oracle.iam.userrole.providers.oimdb.OIMDBIdentityStoreFactory"/>
<property name="DATASOURCE_NAME" value="jdbc/soaOIMLookupDB"/>
</serviceInstance>
<jpsContext name="default">
<serviceInstanceRef ref="credstore.db"/>
<serviceInstanceRef ref="keystore.db"/>
<serviceInstanceRef ref="policystore.db"/>
<serviceInstanceRef ref="audit.db"/>
<serviceInstanceRef ref="trust"/>
<serviceInstanceRef ref="pdp.service"/>
<serviceInstanceRef ref="attribute"/>
<serviceInstanceRef ref="idstore.oim"/>
</jpsContext>
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |