Oracle Identity Manager (OIM) 11g by default comes with 4 challenge questions and user must set three challenge questions during first time login . These challenge questions are used to authenticate user in forgot password use case.

  • You can also integrate OIM with OAAM to delegate challenge questions to OAAM
  • For more on OIM challenge questions click here and here

In this post I am going to cover how to add additional challenge questions in OIM

 

High Level Steps to Add additional challenge questions in OIM are

1. Add Challenge Questions in Lookup Definition Lookup.WebClient.Questions via OIM Design Console. More on Design Console in OIM 11g here and Design Console version 9/10 here

2. Configure Localisation by adding questions in $ORACLE_HOME/server/customResources – customResources.properties and customResources_en.properties (If you have additional languages configured then add questions in customResources_[lang].properties )

For example if you add question with code key “What is your favourite website?” and Decode “What is your favourite website?” then you must update file customResources.properties and customResources_en.properties with entry like below (replace any space in code key with -)

global.Lookup.WebClient.Questions.What-is-your-favourite-website?=What is your favourite website?

Note: If you have OIM installed on multiple machines for high availability then update these files on all OIM machines.

3. Test newly added challenge question by creating a new user and login using new user in OIM. Ensure that user can see new challenge questions

 

 

If you see login page hangs after authentication for new user and if you see errors like below in OIM log file then ensure that there is no typo in customResources_en.properties file

_____

[2012-10-17T10:21:49.052+01:00] [WLS_OIM1] [NOTIFICATION] [IAM-3050013] [oracle.iam.identity.usermgmt.impl] [tid: [ACTIVE].ExecuteThread: ’19’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: atul2012] [ecid: 004n3rDo43j7u105Nzk3ye00008w000^yV,0:1] [APP: oim#11.1.1.3.0] [URI: /admin/faces/pages/pwdmgmt.jspx] Searching for users with the specified criteria.

[2012-10-17T10:21:49.647+01:00] [WLS_OIM2] [WARNING] [] [oracle.iam.ChangePasswordtaskflow.logging] [tid: [ACTIVE].ExecuteThread: ‘4’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: atul2012] [ecid: 004n3rDqEB87u105Nzk3ye00008w000^yX,0:1] [APP: oim#11.1.1.3.0] [URI: /admin/faces/pages/pwdmgmt.jspx] User atul2012‘s challenge questions not set

[2012-10-17T10:21:49.676+01:00] [WLS_OIM1] [ERROR] [] [XELLERATE.ACCOUNTMANAGEMENT] [tid: [ACTIVE].ExecuteThread: ‘4’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: atul2012] [ecid: 004n3rDqEB87u105Nzk3ye00008w000^yX,0:1] [APP: oim#11.1.1.3.0] [URI: /admin/faces/pages/pwdmgmt.jspx] Class/Method: tcUserOperationsBean/getChallengeValuesForSelfData encounter some problems: no questions found for ‘407’.

[2012-10-17T10:21:49.683+01:00] [WLS_OIM1] [WARNING] [] [oracle.iam.ChangePasswordtaskflow.logging] [tid: [ACTIVE].ExecuteThread: ‘4’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: atul2012] [ecid: 004n3rDqEB87u105Nzk3ye00008w000^yX,0:1] [APP: oim#11.1.1.3.0] [URI: /admin/faces/pages/pwdmgmt.jspx] Could not get challenges for logged in User

[2012-10-17T10:21:49.766+01:00] [WLS_OIM1] [NOTIFICATION] [] [oracle.iam.passwordmgmt.impl] [tid: [ACTIVE].ExecuteThread: ‘4’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: atul2012] [ecid: 004n3rDqEB87u105Nzk3ye00008w000^yX,0:1] [APP: oim#11.1.1.3.0] [URI: /admin/faces/pages/pwdmgmt.jspx] Cannot find resource for bundle  oracle.iam.platform.utils.OIMCustomResourceBundle@17bfca48, global.Lookup.WebClient.Questions.What-is-the-name-of-your-pet? global.Lookup.WebClient.Questions.What-is-the-name-of-your-pet?

 

[2012-10-17T10:21:50.804+01:00] [WLS_OIM1] [NOTIFICATION] [J2EE JSP-00008] [oracle.j2ee.jsp] [tid: [ACTIVE].ExecuteThread: ‘4’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: atul2012] [ecid: 004n3rDqEB87u105Nzk3ye00008w000^yX,0:1] [APP: oim#11.1.1.3.0] [URI: /admin/faces/pages/pwdmgmt.jspx] unable to dispatch JSP page: The following exception occurred:.[[

javax.faces.FacesException: javax.faces.FacesException: oracle.adf.controller.ControllerException: ADFC-10001: cannot instantiate class ‘oracle.iam.ChangePasswordtaskflow.backing.taskflows.ChangePasswordView’

        at com.sun.faces.application.ApplicationImpl.createComponent(ApplicationImpl.java:261)

        at javax.faces.webapp.UIComponentELTag.createComponent(UIComponentELTag.java:222)

        at javax.faces.webapp.UIComponentClassicTagBase.createChild(UIComponentClassicTagBase.java:513)

        at javax.faces.webapp.UIComponentClassicTagBase.findComp

 

 

Caused by: javax.faces.FacesException: oracle.adf.controller.ControllerException: ADFC-10001: cannot instantiate class ‘oracle.iam.ChangePasswordtaskflow.backing.taskflows.ChangePasswordView’

        at oracle.adfinternal.controller.util.Utils.createAndLogFacesException(Utils.java:192)

        at oracle.adfinternal.controller.beans.ManagedBeanFactory.newInstance(ManagedBeanFactory.java:192)

        at oracle.adfinternal.controller.beans.ManagedBeanFactory.instantiateBean(ManagedBeanFactory.java:873)

 

 

Caused by: java.util.MissingResourceException: Can’t find resource for bundle java.util.PropertyResourceBundle, key global.Lookup.WebClient.Questions.What-was-your-favorite-cartoon-charater-as-a-child?

        at java.util.ResourceBundle.getObject(ResourceBundle.java:374)

 

 

[2012-10-17T10:21:50.814+01:00] [WLS_OIM1] [WARNING] [] [oracle.adfinternal.view.faces.lifecycle.LifecycleImpl] [tid: [ACTIVE].ExecuteThread: ‘4’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: atul2012] [ecid: 004n3rDqEB87u105Nzk3ye00008w000^yX,0:1] [APP: oim#11.1.1.3.0] [URI: /admin/faces/pages/pwdmgmt.jspx] ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase RENDER_RESPONSE 6[[

javax.faces.FacesException: javax.servlet.ServletException: OracleJSP error:

javax.faces.FacesException: javax.faces.FacesException: oracle.adf.controller.ControllerException: ADFC-10001: cannot instantiate class ‘oracle.iam.ChangePasswordtaskflow.backing.taskflows.ChangePasswordView’

        at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:415)

______

Ensure that there are no typos in customResources_en.properties file and also entry matches with one in lookup definition.