Hi,
Whenever a user tries to log in through SSO, he/she gets the error "An incorrect username or password was specified".
When I check ODSM (Oracle Directory Services Manager), I see that there are duplicate entries for the user. Once the duplicate entry is deleted, the user is able to log in again successfully.
I can see the error below in the OAM (Oracle Access Manager) log file.
=========================
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused by: oracle.security.am.engines.common.identity.provider.exceptions.IdentityProviderException: OAMSSA-20023: Authentication Failure for user : user.user@company.com, for idstore EBSPRD01_STORE with exception oracle.igf.ids.EntityNotUniqueException: Entity not unique for the search filter (&(objectclass=inetorgperson)(uid=user.user@company.com)). with primary error message {3}
at oracle.security.am.engines.common.identity.provider.impl.ids.IDSUserProviderImpl.authenticateUserByName(IDSUserProviderImpl.java:715)
at oracle.security.am.engines.common.identity.provider.impl.IdentityProviderImpl.authenticateUserByName(IdentityProviderImpl.java:1217)
at oracle.security.am.engines.common.identity.provider.impl.OracleUserIdentityProvider.authenticateUserByName(OracleUserIdentityProvider.java:477)
at oracle.security.am.engine.authn.internal.executor.AuthenticationModuleExecutor.execute(AuthenticationModuleExecutor.java:226)
... 38 more
Caused by: oracle.igf.ids.EntityNotUniqueException: Entity not unique for the search filter (&(objectclass=inetorgperson)(uid=user.user@company.com)).
at oracle.igf.ids.arisid.ArisIdServiceManager.findEntity(ArisIdServiceManager.java:1609)
at oracle.igf.ids.UserManager.authenticateUser(UserManager.java:471)
at oracle.security.am.engines.common.identity.provider.impl.ids.IDSUserProviderImpl.authenticateUserByName(IDSUserProviderImpl.java:694)
... 41 more
Caused by: oracle.igf.ids.arisid.ArisIdSubjectNotUniqueException: Entity not unique for the search filter (&(objectclass=inetorgperson)(uid=user.user@company.com)).
at com.oracle.ovd.arisid.OvdIdsStackProvider.doFind(OvdIdsStackProvider.java:1221)
at com.oracle.ovd.arisid.ArisIdStackProvider.doFind(ArisIdStackProvider.java:175)
at org.openliberty.arisid.Interaction.doFind(Interaction.java:1022)
at oracle.igf.ids.arisid.ArisIdServiceManager.findEntity(ArisIdServiceManager.java:1551)
... 43 more
=========================
Architecture: OID (Oracle Internet Directory) synchronised with Microsoft AD (Active Directory) using the DIP service.
Can someone please help me? What can be the cause of the issue here?
Thanks,
Darshan
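
One way to list every uid that would hit this EntityNotUniqueException, as an added example that is not part of the original post: it groups an LDIF export by uid, restricted to the inetorgperson object class from the logged search filter. The sample DNs and the function names are constructed for illustration, and it assumes an LDIF export of the user tree is available.

```python
import base64
from collections import defaultdict

# Constructed sample export (DNs are illustrative, not from the original post).
SAMPLE_LDIF = """\
dn: cn=user.user,cn=Users,dc=example,dc=com
objectClass: inetOrgPerson
uid: user.user@company.com

dn: cn=user.user,cn=Imported,dc=example,dc=com
objectClass: inetorgperson
uid:: VXNlci5Vc2VyQGNvbXBhbnkuY29t

dn: cn=other.user,cn=Users,dc=example,dc=com
objectClass: inetOrgPerson
uid: other.user@company.com
"""

def parse_ldif(text):
    """Yield (dn, attrs) per record; attrs maps lowercased names to value lists."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")  # undo LDIF line folding
    for record in unfolded.split("\n\n"):
        attrs = defaultdict(list)
        for line in record.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, rest = line.partition(":")
            if rest.startswith(":"):  # "attr:: <base64>" carries an encoded value
                value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
            else:
                value = rest.strip()
            attrs[name.lower()].append(value)
        if attrs["dn"]:
            yield attrs["dn"][0], attrs

def duplicate_uids(text, objectclass="inetorgperson"):
    """Return {uid: [dn, ...]} for uids held by more than one matching entry."""
    by_uid = defaultdict(list)
    for dn, attrs in parse_ldif(text):
        if objectclass in (oc.lower() for oc in attrs["objectclass"]):
            for uid in attrs["uid"]:
                by_uid[uid.lower()].append(dn)  # uid matching is case-insensitive
    return {uid: dns for uid, dns in by_uid.items() if len(dns) > 1}

if __name__ == "__main__":
    for uid, dns in duplicate_uids(SAMPLE_LDIF).items():
        print(uid, "->", dns)
```

The second sample entry stores its uid base64-encoded and with different capitalisation, so it is only caught once the value is decoded and compared case-insensitively.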