'Session token passed to the ObUserSession constructor is null or invalid' With OAM SSPI Connector for Weblogic Server 9.2 (Doc ID 735383.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

COREid Access - Version: 7.0.4.3
Information in this document applies to any platform.

Symptoms

The OAM 7.0.4.3 SSPI connector has been configured for WebLogic Server 9.2 with mandatory <<Patch 6782046>>.

Although WebLogic Server Administration Console login is initially possible, after some time using the console one or more of the following problems occur:

1. Repeated errors 'Session token passed to the ObUserSession constructor is null or invalid' in SSPI connector oblog.log
2. java.lang.RuntimeException: Session token passed to the ObUserSession constructor is null or invalid. (in WLS server log)
3. JVM crashes. Error Message: Illegal memory access. [54] Exception Rec: EXCEPTION_ACCESS_VIOLATION (c0000005) at 0x7C911F6C - memory at 0x2E302E30 could not be read.
4. Weblogic admin console error 'Access not allowed for subject...' occurs and the admin console fails in read only state.
5. 'Internal Server Error' errors.

The problem only occurs with Internet Explorer browsers. It does not occur with Firefox browser.

The operating system console where WebLogic Server was started and the WebLogic server log shows errors. For example:

####<17 avr. 2008 11:41.01.185> <Error> <Security> <UKPC012078>
<OBLIX-adminServer> <[ACTIVE] ExecuteThread: '1' for queue:
'weblogic.kernel.Default(self-tuning)'> <<WLS Kernel>> <> <>
<1208425261185> <BEA-090060> <The AccessDecision class "com.oblix.weblogic.security.providers92.authorization.OblixAuthorizationProviderImpl" returned an error: java.lang.RuntimeException: Session token passed to the ObUserSession constructor is null or invalid..>

 

####<17 avr. 2008 11:41.54.050> <Error> <HTTP> <UKPC012078>
<OBLIX-adminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1208425314050> <BEA-101020> <[weblogic.servlet.internal.WebAppServletContext@1f52b85 - appName: 'consoleapp', name: 'console', context-path: '/console'] Servlet failed with Exception
java.lang.RuntimeException: Session token passed to the ObUserSession constructor is null or invalid.
at com.oblix.weblogic.security.ObWLSUser.getUserSession(ObWLSUser.java:102)
at com.oblix.weblogic.security.ObWLSUser.getUserIdentity(ObWLSUser.java:172)
at com.oblix.weblogic.common.roles.OblixCommonRoleMapperProviderImpl.OblixgetRoles(OblixCommonRoleMapperProviderImpl.java:132)
at com.oblix.weblogic.security.providers92.roles.OblixRoleMapperProviderImpl.getRoles(OblixRoleMapperProviderImpl.java:187)
at sun.reflect.GeneratedMethodAccessor35.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:61)
at $Proxy9.getRoles(Unknown Source)
at com.bea.common.security.internal.service.RoleMappingServiceImpl.getRoles(RoleMappingServiceImpl.java:101)
at sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:61)
at $Proxy10.getRoles(Unknown Source)
at weblogic.security.service.RoleManager.getRoles(RoleManager.java:205)
at weblogic.security.service.AuthorizationManager.isAccessAllowed(AuthorizationManager.java:521)
at weblogic.servlet.security.internal.WebAppSecurityWLS.hasPermission(WebAppSecurityWLS.java:311)
at weblogic.servlet.security.internal.FormSecurityModule.processLoggedInUser(FormSecurityModule.java:315)
at weblogic.servlet.security.internal.FormSecurityModule.checkUserPerm(FormSecurityModule.java:204)
at weblogic.servlet.security.internal.FormSecurityModule.checkAccess(FormSecurityModule.java:87)
at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:82)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1938)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1908)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1362)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)



Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms