Changes To "Allow Access" Role In Authorization Rule Do Not Work. (Doc ID 798287.1)

Last updated on OCTOBER 07, 2009

Applies to:

COREid Access - Version: 10.1.4.0.1 to 10.1.4.2
This problem can occur on any platform.

Symptoms

You may observe the following scenario when you make changes to "Allow Access" role in Policy Domain :

  1. Go to Policy Manager
  2. Select any Policy Domain
  3. Click on Authorization Rules tab
  4. Click on any rule.
  5. Click on Allow Access
  6. In Role add "Any One"
  7. Save it.

After step 7, you continue to see "No one is allowed access".  The update for "Any One" role is not reflected on user interface (UI).

If you check the backend LDAP, you will see that instead of updating existing node for that Authorization Rule, new nodes are being created. Oracle Internet Directory ( OID ) logs shows the following:

BEGIN
2009/03/31:08:44:54 * ServerWorker (REG):12
ConnID:48630 * mesgID:6 * OpID:5 * OpName:search
ConnIP:172.30.110.26 ConnDN: cn=orcladmin
gsldValidteEntry * MissingEdn eid=356692,scp=1,nRows=0,basedn=obname=20090329t22474424223,obname=20090329t22471195520,obapp=psc,o=oblix,dc=company,dc=com,fltr=(|(objectclass=oblixpolicycondition)(objectclass=oblixcustomauthzcondition))
END

Changes

Use Oracle Internet Directory as backend LDAP.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms