OC4J_SECURITY Fails To Start After Running Deconfig.pl Tool On New Single Sign-On Node

(Doc ID 435483.1)

Last updated on JULY 01, 2016

Applies to:

Oracle Application Server Single Sign-On - Version and later
Information in this document applies to any platform.


The tool deconfig.pl is ran against a Single Sign-On (SSO) node in a cluster configuration.
OC4J_SECURITY is then failed to start on remaining Single Sign-On node(s). In this case the output from the command opmnctl status would show the status of OC4J_SECURITY process as not alive, for example:

Processes in Instance: immr.hao-au.au.oracle.com
ias-component      | process-type       |     pid | status
DSA                | DSA                |     N/A | Down
LogLoader          | logloaderd         |     N/A | Down
dcm-daemon         | dcm-daemon         |     N/A | Down
OC4J               | OC4J_SECURITY      |    7123 | Down
HTTP_Server        | HTTP_Server        |    7107 | Alive

and the log file $ORACLE_HOME/opmn/logs/OC4J~OC4J_SECURITY~default_island~1 would contain an error stack trace and the final error message: "SSO: FAILED TO START SSO SERVER!".

Note that depending on how much data is removed/modified by deconfig.pl, OC4J_SECURITY can fail at different stage and yield different error stack trace. See 'Master Note For How OC4J_SECURITY Startup Works and Common Issues' <Note 1072201.1> for different error stack traces during an OC4J_SECURITY process startup phase.

There are cases where OC4J_SECURITY can get started successfully after an un-intentional execution of deconfig.pl , but gives error during its operations. <Note 416609.1> describes such a situation. In these cases, this Note can also be used to do a full restore of SSO configuration data.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms