After Configuring BI Publisher For LDAP Integration, BI Publisher Login Fails With Log File (xdo.log) Error: LDAP: error code 50 - Insufficient Access Rights
(Doc ID 789737.1)
Last updated on APRIL 05, 2024
Applies to:
Oracle Internet Directory - Version 10.1.4 and laterBI Publisher (formerly XML Publisher) - Version 10.1.3.4.2 and later
Information in this document applies to any platform.
Symptoms
Setup BI Publisher to enabled LDAP functionality by integratioin with Oracle Internet Directory (OID).
Followed all steps from BI Publisher document:
http://download.oracle.com/docs/cd/E12844_01/doc/bip.1013/e12188.pdf
However, when logging into BI Publisher, the following error message in BI publisher xdo.log file:
[030309_095721333][][STATEMENT] Logger.init(): *** DEBUG MODE IS ON. ***
[030309_095721334][][STATEMENT] Logger.init(): LogDir=/opt/oracle/product/bi_publisher/jdk/xmldebug
[030309_095721334][][STATEMENT] getLDAPPrincipla called with username:admin1: realUsername with:
[030309_095721357][][STATEMENT] Inside getLDAPPrincipal: case where realUsername is NULL
[030309_095721373][][EXCEPTION] Role retrieved: 0, retrieval size: 0
[030309_095721374][][EXCEPTION] javax.naming.NoPermissionException: [LDAP: error code 50 - Insufficient Access Rights]; remaining name 'cn=OracleDefaultDomain,cn=OracleDBSecurity,cn=Products,cn=OracleContext,dc=mycompany,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2993)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1808)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1731)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248)
at oracle.apps.xdo.security.LdapValidator.getRoles(LdapValidator.java:563)
at oracle.apps.xdo.security.LdapValidator.getRoles(LdapValidator.java:401)
at oracle.apps.xdo.security.LdapValidator.getRoles(LdapValidator.java:386)
at oracle.apps.xdo.security.LdapValidator.getRoles(LdapValidator.java:356)
at oracle.apps.xdo.servlet.security.SecurityManagerImpl.getLDAPPrincipal(SecurityManagerImpl.java:780)
at oracle.apps.xdo.servlet.security.SecurityManagerImpl.getPrincipal(SecurityManagerImpl.java:330)
at _login._jspService(_login.java:239)
at com.orionserver.http.OrionHttpJspPage.service(OrionHttpJspPage.java:59)
at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:453)
at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:591)
at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:515)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)
at oracle.apps.xdo.servlet.security.SecurityFilter.doFilter(SecurityFilter.java:181)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:368)
at com.evermind.server.http.HttpRequestHandler.doP
[030309_095721334][][STATEMENT] Logger.init(): LogDir=/opt/oracle/product/bi_publisher/jdk/xmldebug
[030309_095721334][][STATEMENT] getLDAPPrincipla called with username:admin1: realUsername with:
[030309_095721357][][STATEMENT] Inside getLDAPPrincipal: case where realUsername is NULL
[030309_095721373][][EXCEPTION] Role retrieved: 0, retrieval size: 0
[030309_095721374][][EXCEPTION] javax.naming.NoPermissionException: [LDAP: error code 50 - Insufficient Access Rights]; remaining name 'cn=OracleDefaultDomain,cn=OracleDBSecurity,cn=Products,cn=OracleContext,dc=mycompany,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2993)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1808)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1731)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248)
at oracle.apps.xdo.security.LdapValidator.getRoles(LdapValidator.java:563)
at oracle.apps.xdo.security.LdapValidator.getRoles(LdapValidator.java:401)
at oracle.apps.xdo.security.LdapValidator.getRoles(LdapValidator.java:386)
at oracle.apps.xdo.security.LdapValidator.getRoles(LdapValidator.java:356)
at oracle.apps.xdo.servlet.security.SecurityManagerImpl.getLDAPPrincipal(SecurityManagerImpl.java:780)
at oracle.apps.xdo.servlet.security.SecurityManagerImpl.getPrincipal(SecurityManagerImpl.java:330)
at _login._jspService(_login.java:239)
at com.orionserver.http.OrionHttpJspPage.service(OrionHttpJspPage.java:59)
at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:453)
at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:591)
at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:515)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)
at oracle.apps.xdo.servlet.security.SecurityFilter.doFilter(SecurityFilter.java:181)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:368)
at com.evermind.server.http.HttpRequestHandler.doP
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |