SSO Login as ORCLADMIN User Gives Error 'Authentication Failed' (Doc ID 779088.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Application Server Single Sign-On - Version 10.1.4.0.1 and later
Information in this document applies to any platform.
***Checked for relevance on 05-FEB-2016***

Symptoms

When logging into /oiddas (DAS provisioning console) as orcladmin user the error 'Authentication Failed' occurs and the login page is redisplayed.

Login as other non-administrative users is successful.

The $ORACLE_HOME/sso/log/ssoServer.log shows ERROR 'User does not exist - SIMPLE NAME = orcladmin'.

Example ssoServer.log entry:

Tue Jan 27 21:10:29 IST 2009 [ERROR] AJPRequestHandler-ApplicationServerThread-6 Could not get attributes for user, orcladmin
oracle.ldap.util.NoSuchUserException: User does not exist - SIMPLE NAME = orcladmin
at oracle.ldap.util.Subscriber.getUser_NICKNAME(Subscriber.java:1159)
at oracle.ldap.util.Subscriber.getUser(Subscriber.java:922)
at oracle.ldap.util.Subscriber.getUser(Subscriber.java:869)
at oracle.security.sso.server.ldap.OIDUserRepository.getUserProperties(OIDUserRepository.java:529)
at oracle.security.sso.server.auth.SSOServerAuth.authenticate(SSOServerAuth.java:488)
at oracle.security.sso.server.ui.SSOLoginServlet.processSSOPartnerRequest(SSOLoginServlet.java:1012)
at oracle.security.sso.server.ui.SSOLoginServlet.doPost(SSOLoginServlet.java:485)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:826)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:332)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:830)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:224)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:133)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192)
at java.lang.Thread.run(Thread.java:534)
.....



The orcladmin user entry exists in OID: ldapsearch with filter "cn=orcladmin" returns the entry in the expected cn=users,<DIT> location.

$ORACLE_HOME/bin/ldapsearch -h <OIDhost> -p <OIDport> -D "cn=orcladmin" -w <superuser pwd> -b "" -s sub "cn=orcladmin" dn
cn=orcladmin,cn=users,dc=uk,dc=oracle,dc=com
 

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms