Leave a Comment:
19 comments
Hi Atul,
I installed Oracle Identity Manager 11g(11.1.1.3) with weblogic server(10.3.3) and database11g(11.2.0.1) successfully with out any errors or warnings.
I am able to run the OIM Server and I can find the security questions for UserName: xelsysadm, but I am unable to move further due to following exception
#### SessionContainer:valueUnbound: Session timed out Event name is: Xellerate.Session
<Class/Method: tcLogonAction/execute encounter some problem
s: {1}
Thor.API.Exceptions.tcColumnNotFoundException
at Thor.API.tcMetaDataSet.getBooleanValue(tcMetaDataSet.java:661)
at com.thortech.xl.webclient.actions.tcLogonAction.login(tcLogonAction.java:163)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:269)
at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(tcLookupDispatchAction.java:133)
at com.thortech.xl.webclient.actions.tcActionBase.execute(tcActionBase.java:894)
at org.apache.struts.chain.commands.servlet.ExecuteAction.execute(ExecuteAction.java:58)
at org.apache.struts.chain.commands.AbstractExecuteAction.execute(AbstractExecuteAction.java:67)
at org.apache.struts.chain.commands.ActionCommandBase.execute(ActionCommandBase.java:51)
at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
at org.apache.commons.chain.generic.LookupCommand.execute(LookupCommand.java:305)
at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:191)
at org.apache.struts.chain.ComposableRequestProcessor.process(ComposableRequestProcessor.java:283)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:449)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:526)
at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:253)
at jsp_servlet.__tjspindex._jspService(__tjspindex.java:157)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.ServletStubImpl.onAddToMapException(ServletStubImpl.java:416)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:326)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at com.thortech.xl.webclient.security.CSRFFilter.doFilter(CSRFFilter.java:61)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.iam.platform.auth.web.PwdMgmtNavigationFilter.doFilter(PwdMgmtNavigationFilter.java:115)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.iam.platform.auth.web.OIMAuthContextFilter.doFilter(OIMAuthContextFilter.java:100)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Can’t load ESAPI properties from classpath, trying FileIO
The LOG-LEVEL property in the ESAPI properties file is not defined.
Eventhough I am able to Login to Design console with UserName: xelsysadm.
Could you please suggest me how to solve this issue.
Thanks
Suresh
[…] For Part IV Install IDAM 11.1.1.3 click here […]
ReplyHi Suresh,
Even I was facing the same problem till yesterday but now you I can able to login to OIM 11g web console
The problem was with OIM11g URL
The old OIM 9.1 url which is http://:/xlWebApp still works only till you enter the challenge questionnaire but once you enter the answers and hit on submit it just goes blank..
Some how I have found the new url for OIM 11g which is
http://:/oim/faces/pages/Admin.jspx
This is working fine for me
Note – to get the complete functionalities of OIM such as tasks and other approval related stuffs you need to start the SOA server as well
Fyi – you need to start 1) weblogic domain server 2) OIM Node manager 3) SOA node manager
Hope it helps you
Thanks
Satish
Hi Atul,
I worked as a DBA for a While and by curiosity Joined as Infrastructure/Middleware eng. Now I am implementing IDM suite by following Oracle’s EDG. Some how I am unable to validate OIM Verification by typing url http://oimhost1:port/oim/self it throws me 404 error!. can you please shed some light on this issue.
Reply@ Krishna,
Did you configure OIM as mentioned in part VI of this series ?
Did you start OIM managed server ?
If yes then
Check OIM managed server log file on weblogic under $DOMAIN_HOME/servers/[oim_server1]/logs
[…] For Part IV Install IDAM 11.1.1.3 click he […]
ReplyAtul,
We are running on AIX 6.1 64 bit machine, but installed 32-bit JDK.
For installing OAM, OID, OHS, WLS 11gR1, can we use the default 32-bit JDK/JRE (installed on the machine) or do we have to use only 64-bit jdk/jre?
Thanks
Ramasamy
@ Ramasamy,
Any reason for not installing 64 bit JDK ? Its not late yet so my recommendation would be to configure using 64 bit JDK.
From JDK point of view you could install 32 bit JDK on 64 bit OS but with some Oracle Fusion Middleware Products you can’t use 32 bit software on 64 bit machine (if OAM, OID, OHS falls under that I am not sure)
In my opinion , go for 64 bit JDK
ReplyAtul,
For integrating Oracle EBS R12 with OAM 11gR1 for SSO (using AccessGate 1.1), I have installed the following:
1. Repository DB 11.2.0.2
2. Ran RCU 11.1.1.4
3. Installed WLS 10.3.3
4. Installed OID 11.1.1.2 – OH=Oracle_IDM1 under FMWHOME
5. Installed OID PS2 (11.1.1.3)
6. Installed OAM 11.1.1.3 using IMAM Suite – OH=Oracle_OAM1 under FMWHOME
Is it correct that I have to install OAM in a separate OH or use the OID OH? When I use the separate OH for OAM, I am having by running the opatch command in OAM OH?
Thanks
Ramasamy
Atul,
Also, I noticed that in OAM OH, lot of directories are missing such as lib, jlib, rdms, etc.
I installed OID 11.1.1.2 using IM media and OAM using IMAM Suite media…
Thanks for your help.
– Ramasamy
Reply@ Ramasamy
Q: I noticed that in OAM OH, lot of directories are missing such as lib, jlib, rdms, etc.
A: Yes these may not be required. OIM and OID are two different software and hence different file and hence required to be installed in different Oracle Homes (OH)
Reply@ Ramasamy,
Q: Is it correct that I have to install OAM in a separate OH or use the OID OH? When I use the separate OH for OAM, I am having by running the opatch command in OAM OH?
A: Yes, OAM and OID must be installed in different Oracle Homes (OH). opatch can be run from any directory as long as opatch version is corrent but when you apply patch for OAM component then set ORACLE_HOME to OAM OH and if you are patching OID component then set ORACLE_HOME to OID OH
ReplyHI Atul,
Thank you for your excellent step by step installation guide.
I installed OIM11g r5 on Linux and started all the “oim_server1” server and the ./startManagedWebLogic.sh “soa_server1” “http://idmlab.com:7001″. However when I click on the TASK under Self Service to view the pending approvals. I am getting the following error message:
An error occurred while searching tasks from the SOA Server.
When I configured the schema using RCU I selected SOA Infrastructure, BAM and User Messaging Service.
I configured the setSOADomainEnv.sh file and increased the below parameters as follows:
DEFAULT_MEM_ARGS=”-Xms1024m -Xmx2048m”
PORT_MEM_ARGS=”-Xms1536m -Xmx3072m”
increased the ulimit in linux
and updated the jdbc connection pool in weblogic admin console.
I restarted all the servers several times but not sure why I am still getting the above error message. Please let me know if I am missing anything or why I am unable to view pending approvals in OIM.
For weblogic user in OIM I gave same permissions as xelsysadm. My oim_server1 logs showing the following errors I gave same permissions
——-
[2011-10-14T16:30:43.879-04:00] [oim_server1] [NOTIFICATION] [] [oracle.jps.policymgmt] [tid: Thread-101] [userId: oiminternal] [ecid: 0000JC35UPGBT8WzLwrI8A1Ea5U5000001,1:18983] [APP: oim#11.1.1.3.0] Ignore PDP “OIMMicroSM_idmlab.com_file__home_oracle_Oracle_Middleware_Oracle_IDM1_modules_oracle_oes_11_1_1” in this distribution because no policies need to be distributed to it.
[2011-10-14T16:32:21.155-04:00] [oim_server1] [NOTIFICATION] [IAM-0060016] [oracle.iam.platform.auth.impl] [tid: [ACTIVE].ExecuteThread: ‘0’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: 4f9b09c8e6b106ab:34db70c3:1330315e0de:-8000-00000000000003d9,0] [APP: oim#11.1.1.3.0] The IP address from which browser is triggered is 192.168.112.1
[2011-10-14T16:32:21.157-04:00] [oim_server1] [ERROR] [] [] [tid: [ACTIVE].ExecuteThread: ‘0’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: 4f9b09c8e6b106ab:34db70c3:1330315e0de:-8000-00000000000003d9,0] [APP: oim#11.1.1.3.0] Failed to communicate with any of configured Access Server, ensure that it is up and running.
[2011-10-14T16:32:21.193-04:00] [oim_server1] [NOTIFICATION] [] [oracle.iam.consoles.faces.mvc.canonic] [tid: [ACTIVE].ExecuteThread: ‘0’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: 4f9b09c8e6b106ab:34db70c3:1330315e0de:-8000-00000000000003d9,0] [APP: oim#11.1.1.3.0] Canonic Model – selectSecondaryNavigation – source = oracle.iam.consoles.faces.navigation.canonic.SubNavigationPanel@5d83ca9e
[2011-10-14T16:32:21.193-04:00] [oim_server1] [NOTIFICATION] [] [oracle.iam.consoles.faces.mvc.canonic] [tid: [ACTIVE].ExecuteThread: ‘0’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: 4f9b09c8e6b106ab:34db70c3:1330315e0de:-8000-00000000000003d9,0] [APP: oim#11.1.1.3.0] Canonic Model – selectSecondaryNavigation – subPanel Id = APPROVALS_FORM
[2011-10-14T16:32:21.193-04:00] [oim_server1] [NOTIFICATION] [] [oracle.iam.consoles.faces.mvc.canonic] [tid: [ACTIVE].ExecuteThread: ‘0’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: 4f9b09c8e6b106ab:34db70c3:1330315e0de:-8000-00000000000003d9,0] [APP: oim#11.1.1.3.0] Canonic Model – selectSecondaryNavigation – Panel [APPROVALS_FORM] not yet prepared. Preparing now …
[2011-10-14T16:32:21.326-04:00] [oim_server1] [ERROR] [IAM-2060012] [oracle.iam.tasklist.agentry.task] [tid: [ACTIVE].ExecuteThread: ‘0’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: 4f9b09c8e6b106ab:34db70c3:1330315e0de:-8000-00000000000003d9,0] [APP: oim#11.1.1.3.0] Error occurred while connecting to BPEL
[2011-10-14T16:32:21.326-04:00] [oim_server1] [ERROR] [] [oracle.iam.tasklist.agentry.task] [tid: [ACTIVE].ExecuteThread: ‘0’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: 4f9b09c8e6b106ab:34db70c3:1330315e0de:-8000-00000000000003d9,0] [APP: oim#11.1.1.3.0] Insufficient privileges to authenticate on behalf of another user.[[
User weblogic cannot authenticate on behalf of user xelsysadm without admin privileges.
Only users with admin privileges can authenticate on behalf of another user.
]]
[2011-10-14T16:32:21.327-04:00] [oim_server1] [WARNING] [] [oracle.iam.consoles.faces.mvc.common] [tid: [ACTIVE].ExecuteThread: ‘0’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: xelsysadm] [ecid: 4f9b09c8e6b106ab:34db70c3:1330315e0de:-8000-00000000000003d9,0] [APP: oim#11.1.1.3.0] oracle.iam.platform.canonic.base.NoteException: An error occurred while searching tasks from the SOA Server.
[2011-10-14T16:32:49.516-04:00] [oim_server1] [NOTIFICATION] [IAM-1020004] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_Worker-2] [userId: oiminternal] [ecid: 0000JC35UPGBT8WzLwrI8A1Ea5U5000001,1:18944] [APP: oim#11.1.1.3.0] Job Listener, Job to be executed Description null FullName DEFAULT.Issue Audit Messages Task Name Issue Audit Messages Task
[2011-10-14T16:32:49.519-04:00] [oim_server1] [NOTIFICATION] [IAM-1020014] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_Worker-2] [userId: oiminternal] [ecid: 0000JC35UPGBT8WzLwrI8A1Ea5U5000001,1:18944] [APP: oim#11.1.1.3.0] Method details Method details: executeJob
[2011-10-14T16:32:49.519-04:00] [oim_server1] [NOTIFICATION] [IAM-1020014] [oracle.iam.scheduler.vo] [tid: OIMQuartzScheduler_Worker-2] [userId: oiminternal] [ecid: 0000JC35UPGBT8WzLwrI8A1Ea5U5000001,1:18944] [APP: oim#11.1.1.3.0] Method details executeJob Issue Audit Messages Task
[2011-10-14T16:32:49.573-04:00] [oim_server1] [NOTIFICATION] [IAM-1020005] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_Worker-2] [userId: oiminternal] [ecid: 0000JC35UPGBT8WzLwrI8A1Ea5U5000001,1:18944] [APP: oim#11.1.1.3.0] Job Listener, Job was executed QuartzJobListener.jobWasExecuted Description null FullName DEFAULT.Issue Audit Messages Task Name Issue Audit Messages Task
————-
——–
soa_server1 logs shows:
—
#### <>
####
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
Please advise.
ReplySOA Server Logs
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
####
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
####
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
#### <>
####
#### <>
####
In windows environment this is working but I have to start the soa_server1 as an administrator (not with any other user). In linux I don’t know why this is not working.
Reply@ Viraf,
Do you mean SOA server is not working on Linux ?
How did you start SOA server on linux ? Did it start successfully ?
Check logs under $DOMAIN_HOME/servers/soa_server1/logs
ReplyAtul, thank you for your reply.
I am starting soa server from the base_domain/bin directory.
./startManagedWebLogic.sh soa_server1 http://mydomain.com:7001
Please see the logs above. I am unable to post the soa logs here.
After the soa_server status shows in the running mode. Sometimes the soa-Inra is coming up and resource adapters like SOA DefaultToDoTaskFlow, SOA composer tasks adapters are not coming up. Now the resource adapters are coming but not the soa-infra.
Don’t know whats going on right now.
Thanks,
Viraf
@ Viraf,
Check log files under $DOMAIN_HOME/servers/soa_server1/logs to find root cause of issue