WebLogic Server Assertion Error In Managed Server Environment After OAM Session Timeout
Last updated on MARCH 08, 2017
Applies to:COREid Access - Version: 18.104.22.168 to 10.1.4.3.0 - Release: 22.214.171.124 to
Information in this document applies to any platform.
Weblogic Server 9.2 is configured with the Oracle Access Manager (OAM) SSPI Connector for authentication/authorization.
Error ASSERTION FAILED occurs when accessing the WebLogic Administration console in an existing authenticated session after AccessGate user/idle session timeout.
Although the user is redirected to the WebLogic console login page after session timeout and relogin seems successful, subsequent access to console pages fails with the ASSERTION FAILED error e.g.
The source of this error is com.bea.portlet.adapter.scopedcontent.ActionLookupFailedException: weblogic.utils.AssertionError: ****** ASSERTION FAILED ****** at com.bea.portlet.adapter.scopedcontent.ScopedContentCommonSupport.exceuteAction
Caused by: weblogic.utils.AssertionError: ****** ASSERTION FAILED ****** at weblogic.server.ServerLifeCycleRuntime.getStateRemote (ServerLifeCycleRuntime.java:370)
The problem also reproduces with WLST.
The problem does not occur with a single WebLogic admin server installation. It only reproduces in a managed server environment i.e. where administration of multiple WebLogic servers in a cluster is handled via a single administration console.
The problem reproduces even with only a single Managed Server running on the Administration node itself.
Steps to reproduce
1) Set up a Cluster environment in BEA Weblogic
2) Integrate it with OAM SSPI connector for Weblogic 9.2
3) Set the Weblogic AccessGate Session Timeout to a small duration e.g. 5 minutes. Re-run configureAccessGate tool and restart Weblogic Server after making such configuration changes
4) Ensure the Weblogic Administration Server and at least one of the Managed Servers are running
5) Access the Weblogic Console and login
6) Leave the browser session remain idle for longer than the AccessGate Session Timeout period
7) After the timeout click on any link. Either:
a) error HTTP-403 Forbidden is displayed
or b) the user is redirected to the WLS console login page if this is configured in the NetPointProvidersConfig.properties ObAuthorization.OnDenyRedirectToUrl property.
If a) try to reload the console, the error will persist. The browser session must be closed/restarted.
If b) although the login page is displayed, valid credentials are submitted and login seems to be successful, if any link in Weblogic Console is clicked the ASSERTION ERROR is displayed
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms