Hi all, recently I faced an issue on one of our development nodes. The problem was a “401 Unauthorized” error when I tried to log in to an SSO-integrated application; up to two days earlier it was working fine.
Environment details: Oracle Application Server Single Sign-On – Version: 10.1.4.3 and OAM 10.1.4.3 running on the same node. OAM and OSSO are integrated.
I got the 401 Unauthorized error when I tried to access the oiddas application, and I saw the exception below in ssoServer.log:
Thu Jun 07 20:55:04 IST 2012 [ERROR] AJPRequestHandler-ApplicationServerThread-9 Could not get attributes for user, orcladmin
oracle.ldap.util.NoSuchUserException: User does not exist – SIMPLE NAME = orcladmin
at oracle.ldap.util.Subscriber.getUser_NICKNAME(Subscriber.java:1160)
at oracle.ldap.util.Subscriber.getUser(Subscriber.java:923)
at oracle.ldap.util.Subscriber.getUser(Subscriber.java:870)
at oracle.security.sso.server.ldap.OIDUserRepository.getUserProperties(OIDUserRepository.java:537)
at oracle.security.sso.server.auth.SSOServerAuth.authenticate(SSOServerAuth.java:508)
at oracle.security.sso.server.ui.SSOLoginServlet.processSSOPartnerRequest(SSOLoginServlet.java:1076)
at oracle.security.sso.server.ui.SSOLoginServlet.doPost(SSOLoginServlet.java:547)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:826)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:332)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:830)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:224)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:133)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192)
at java.lang.Thread.run(Thread.java:534)
The workaround is as follows:
Or
Or use the ldapmodify command:
a. Create a plain LDIF file, adding.ldif, like:
dn: cn=Common,cn=Products,cn=OracleContext,dc=shamrockfoods,dc=com
changetype: modify
replace: orclcommonusersearchbase
orclcommonusersearchbase: cn=users, dc=dec,dc=co,dc=in
b. Then run the ldapmodify command:
ldapmodify -h hostname -p 389 -D cn=orcladmin -w <passwd> -v -f adding.ldif
c. Restart the components on the infra node and test.
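A check to go with the ldapmodify steps above, as an added example that is not part of the original post: it reads the orclcommonusersearchbase values from LDIF and tests whether a user DN sits under one of them, tolerating case and spacing differences such as the space in "cn=users, dc=dec". The "before" entry and the orcladmin DN are constructed assumptions, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post.

# Normalise a DN for comparison: lower-case, no spaces around "," or "=".
# Simplified: escaped commas inside attribute values are not handled.
norm_dn() {
  printf '%s' "$1" | tr '[:upper:]' '[:lower:]' |
    sed -e 's/[[:space:]]*\([,=]\)[[:space:]]*/\1/g' \
        -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//'
}

# Print each orclcommonusersearchbase value found in LDIF on stdin.
# Base64-encoded values ("attr:: ...") are skipped.
search_bases() {
  awk '{ i = index($0, ":")
         if (i && tolower(substr($0, 1, i - 1)) == "orclcommonusersearchbase" &&
             substr($0, i + 1, 1) != ":") {
           v = substr($0, i + 1); sub(/^[ \t]+/, "", v); print v } }'
}

# user_in_scope USER_DN < ldif : exit 0 if USER_DN is below any search base.
user_in_scope() {
  _user=$(norm_dn "$1")
  _bases=$(search_bases)
  while IFS= read -r _b; do
    _b=$(norm_dn "$_b")
    [ -n "$_b" ] || continue
    case "$_user" in *",$_b") return 0 ;; esac
  done <<EOF
$_bases
EOF
  return 1
}

# Constructed: how the Common entry might look while logins fail.
BEFORE_LDIF='dn: cn=Common,cn=Products,cn=OracleContext,dc=shamrockfoods,dc=com
orclcommonusersearchbase: cn=Users,dc=example,dc=com'
# The adding.ldif from the post.
AFTER_LDIF='dn: cn=Common,cn=Products,cn=OracleContext,dc=shamrockfoods,dc=com
changetype: modify
replace: orclcommonusersearchbase
orclcommonusersearchbase: cn=users, dc=dec,dc=co,dc=in'
# Constructed: assumed location of the orcladmin entry.
USER_DN='cn=orcladmin,cn=Users,dc=dec,dc=co,dc=in'

report() {  # report LABEL LDIF_TEXT
  if printf '%s\n' "$2" | user_in_scope "$USER_DN"; then
    echo "$1: $USER_DN is under a configured search base"
  else
    echo "$1: $USER_DN is outside every configured search base"
  fi
}
report before "$BEFORE_LDIF"
report after "$AFTER_LDIF"
```

Against a live directory, the same functions can be fed the LDIF that ldapsearch returns for the cn=Common entry instead of the embedded samples.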
Hope this post helps you. Thanks…
An Oracle Identity and Access Management professional who has worked on Oracle Access Manager Single Sign-On implementations, installation/configuration of Identity Server, Web Pass, Web Gate, Access Gate, Policy Manager, Access Server, Policy Domains, authentication/authorization schemes, Single Sign-On (single and multi-domain), OIM, OVD, OID, OAAM, OIF, and High Availability/Failover/SSL deployment.