LDAP OFSAA Users Do Not Authenticate Correctly if Multiple LDAP Directories Are Used in OFSAA 220.127.116.11
(Doc ID 2199836.1)
Last updated on AUGUST 25, 2020
Applies to:Oracle Financial Services Analytical Applications Infrastructure - Version 18.104.22.168.0 to 22.214.171.124.0 [Release 7]
Information in this document applies to any platform.
Oracle Financial Services Analytical Applications (OFSAA)
Oracle Financial Services Analytical Applications Infrastructure (OFSAAI)
On OFSAAI 126.96.36.199.0, after applying <Patch 21106965> "ADD ABILITY TO CONFIGURE OFSAA WITH MULTIPLE LDAP DIRECTORIES" and setting up with two different LDAP directories, the LDAP users from the second added directory does not appear to be properly validating their OFSAA logins if incorrect server is selected.
It seems users recognized by LDAP can login only with AD password, but all other users setup in XXXX_USR_PROFILE can login with any password, and date is not even checked for expiry etc. Have a merger between for two different LDAP directories. With a original LDAP user ID, if selected, it validates, but if choosing user from second LDAP directory, it allows login with any password.
Expect LDAP users from both LDAP directories to properly validate with correct password when logging into OFSAA.
The issue can be reproduced at will with the following steps:
1. Login with wrong password for second LDAP user. Find successful login.
2. Login with wrong password for second LDAP user. Find invalid username/password error.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document