Solution for OAM Error code OAM-02073 status fail is Excluded false

This entry is part 19 of 20 in the series Oracle Access Manager
When you have performed all the configuration required to protect your web application with Oracle Access Manager, the next thing you do is test if the set up works.
In this post, we will see a common problem most of us encounter on trying to test the setup for the first time. On accessing a protection resource of your web application, OAM WebGate intercepts the request and forwards it to the OAM server to determine if the resource needs an authenticated access. If yes, the OAM server redirects the user to login page. Here you enter the login credentials, click on Login and you get a blue Oracle System Error Page.
At this stage, you go to OAM Server logs folder and check diagnostic logs which provide you information about why you would have got the error. Here I will mention the error that I got on submitting the credentials in one of the environments:
oracle.security.am.proxy.oam.requesthandler.OAMProxyException: Event Response status is STATUS_FAIL for GET_AUTHN_SCHEME event. Error code OAM-02073 status fail isExcluded false
        at oracle.security.am.proxy.oam.requesthandler.NGProvider.checkProtected
(NGProvider.java:4542)
        at oracle.security.am.proxy.oam.requesthandler.NGProvider.getIsRescProtectedResponse (NGProvider.java:1401)
        at oracle.security.am.proxy.oam.requesthandler.NGProvider.getResponse
(NGProvider.java:369)
        at oracle.security.am.proxy.oam.requesthandler.RequestHandler.handleRequest
(RequestHandler.java:366)
        at oracle.security.am.proxy.oam.requesthandler.RequestHandler.handleMessage
(RequestHandler.java:170)
        at oracle.security.am.proxy.oam.requesthandler.ControllerMessageBean.getResponseMessage (ControllerMessageBean.java:122)
        at oracle.security.am.proxy.oam.requesthandler.ControllerMessageBean_eo7ylc_MDOImpl.
__WL_invoke (Unknown Source)
        at weblogic.ejb.container.internal.MDOMethodInvoker.invoke(MDOMethodInvoker.java:35)
        at oracle.security.am.proxy.oam.requesthandler.ControllerMessageBean_eo7ylc_MDOImpl.
getResponse Message (Unknown Source)
        at oracle.security.am.proxy.oam.mina.ObClientToProxyHandler.messageReceived (ObClientToProxyHandler.java:223)
        at org.apache.mina.common.DefaultIoFilterChain$TailFilter.messageReceived
(DefaultIoFilterChain.java:743)
        at org.apache.mina.common.DefaultIoFilterChain.callNextMessageReceived
(DefaultIoFilterChain.java:405)
        at org.apache.mina.common.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:40)
        at org.apache.mina.common.DefaultIoFilterChain$EntryImpl$1.messageReceived (DefaultIoFilterChain.java:823)
        at org.apache.mina.common.IoFilterEvent.fire(IoFilterEvent.java:54)
        at org.apache.mina.common.IoEvent.run(IoEvent.java:62)
        at oracle.security.am.proxy.oam.mina.CommonJWorkImpl.run(CommonJWorkImpl.java:41)
        at weblogic.work.j2ee.J2EEWorkManager$WorkWithListener.run(J2EEWorkManager.java:184)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)

OAM stores the web server host and port information in Host Identifiers configuration. You will get the above error message when the information provided in host identifiers is not correct. The host identifier entry need not be the same as the one you enter in the browser to access protected resource especially when you have multiple network interfaces on the web server machine. To get the exact host name that the OAM server expects, you can enable the OAM logs in Trace mode. It will give you the host name as well as the port number for which the error is logged. In order to fix this problem, you need to provide the correct host name and port number combination entry in Host Identifier for  the configured OAM Agent.

If you get this error from a non-browser based application such as a Java client application, you will need to make sure that you have correct entries in host identifier and resource string that you pass to oracle.security.am.asdk.ResourceRequest() object.

If you want to learn more in Oracle Access Manager, then register for our free Minicourse by clicking on below image.

OAM FREE Mini Course by Oracle ACE Atul Kumar

Series Navigation<< How to configure a single sign-on system that assigns different authentication levels to different partner applications with OAMFREE Training : Learn Oracle Access Manager (OAM) for Single Sign-On (SSO) >>

About the Author Ganesh Kamble

Ganesh Kamble works as Oracle Fusion Middleware Consultant and is an Oracle Certified Specialist in Access Management. Having started his career in product development at Oracle, Ganesh got excellent exposure to the middleware technologies during his work in integration of Tier-1 banking product Oracle Banking Platform with Oracle Fusion Middleware products. He was honored with Outstanding Contribution award by Oracle. His key areas of interest are Oracle Identity and Access Management, Oracle Service Oriented Architecture and Java with passion for blogging on various encounters with Oracle products. He can be reached at http://twitter.com/ganeshk_8

follow me on:

Leave a Comment:

Not found