Oracle Access Manager operation error : Authorization issue

I was performing OSSO integration with Oracle Access Manager.

I have created OSSO policies in Policy Manager with Authorization Rule to allow All. I have assigned the Form based authentication for login.

When I hit the portal login link, a form page is displayed and upon entering correct login details, it is throwing the below error:

Oracle Access Manager Operation Error

Access to the URL /pls/orasso/orasso.wwsso_app_admin.ls_login has been denied for user cn=orcladmin,cn=users,dc=mydomain,dc=com

I was trying to login as orcladmin user and the user is present in OID. The ObSSOCookie is also getting created successfully.

I have noticed that the authorization rule is not assigned in the Authorizations Expression tab of Default Rules in the policy domain.

Also, it is good to ensure that the header variable name defined in the authorization actions is the same as defined in OblixSSOAuth.java file.

When I assigned the Allow all authorization rule and access the portal, it worked like a charm!

About the Author Mahendra

I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com

Leave a Comment: