WNA Login Fails: Error While Getting User Attributes From OID For The Kerberos User (Doc ID 399106.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Application Server Single Sign-On - Version 10.1.2.0.2 and later
Information in this document applies to any platform.
***Checked for relevance on 02-Jun-2015***

Symptoms

Windows Native Authentication (WNA) SSO login is failing, the fallback login prompt is displayed.

The <SSO_Home>/opmn/logs/OC4J~OC4J_SECURITY~default_island~1 log reports error 'Error while getting user attributes from OID for the kerberos user: <windows_user_name>':

06/11/08 10:55:18 SSOLoginServlet.init: SSO server started
06/11/08 10:55:18 Oracle Application Server Containers for J2EE 10g (10.1.2.0.2) initialized
06/11/08 16:36:43 Error while getting user attributes from OID for the kerberos user: Nueng@AD.TEST
06/11/08 16:36:43 oracle.security.jazn.JAZNException: The system is unable to retreive the specified user(s).
06/11/08 16:36:43 at oracle.security.jazn.spi.ldap.ExtRealm.getUser(Unknown Source)
06/11/08 16:36:43 at oracle.security.jazn.oc4j.KerberosAuthenticator.getAuthentication(Unknown Source)
06/11/08 16:36:43 at com.evermind.server.http.EvermindHttpServletRequest.getUserPrincipalInternal(EvermindHttpServletRequest.java:3736)
06/11/08 16:36:43 at com.evermind.server.http.HttpApplication.authenticate(HttpApplication.java:6341)
06/11/08 16:36:43 at com.evermind.server.http.HttpApplication.getRequestDispatcher(HttpApplication.java:2872)
06/11/08 16:36:43 at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:680)
06/11/08 16:36:43 at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:224)
06/11/08 16:36:43 at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:133)
06/11/08 16:36:43 at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192)
06/11/08 16:36:43 at java.lang.Thread.run(Thread.java:534)
06/11/08 16:36:43 Caused by: oracle.ldap.util.NoSuchUserException: User does not exist - SIMPLE NAME = Nueng@AD.TEST
06/11/08 16:36:43 at oracle.ldap.util.Subscriber.getUser_NICKNAME(Subscriber.java:1159)
06/11/08 16:36:43 at oracle.ldap.util.Subscriber.getUser(Subscriber.java:912)
06/11/08 16:36:43 at oracle.ldap.util.Subscriber.getUser(Subscriber.java:859)
06/11/08 16:36:43 ... 10 more


.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms