Skip to Main Content
Forums

Application Development Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Login issues with UCM using external AD

992663Feb 21 2013 — edited Mar 5 2013
Hi,

I am facing issues while logging into UCM (11g) in a setup where the Weblogic server has an external AD Authenticator provider.

The AD Provider is configured successfully ( It is also on the top of the list, just above DefaultAuthenticator) and I am able to see the AD users and group in the Weblogic myrealm. I am also able to log into Weblogic as well as my Spaces server successfully with the users configured in external AD. But I am facing a problem while logging into UCM.

With UCM, the authentication works fine ( Because if I give wrong password, I get a password mismatch error ) but after authentication, my display page doesn't show anything. it just throws an error that says "Content Server Request Failed . csJpsErrorLoadingSecurityInfo Unable to execute service method 'hasNext'. Runtime error: java.lang.ArrayIndexOutOfBoundsException: 0 >= 0 "

For overcoming this, I had defined a new role in UCM and had a credential map. I had a role named "WCUsers" created with all read write permissions., which has the same name as my Group Name in Ad - "WCUsers". This was to map the groups from AD to UCM/Oracle Webcenter Groups. Then I mapped the groups to these roles using credential mapping
The entry in map file was "WCUSers, WCUsers" . An entry for the mapping was added in the provider.hda file . Only the content server was restarted and I still get the same errors.


Server Output logs username is "ssotester"
===================
+>userstorage/6 02.21 12:43:55.423 IdcServer-445 At enter, user storage access count is 1+
+>userstorage/6 02.21 12:43:55.423 IdcServer-445 Retrieving user data (isLoadAttributes=true, credentialData is not null) for ssotester+
+>userstorage/6 02.21 12:43:55.424 IdcServer-445 Debug dump of current call stack intradoc.data.DataException: Exception manufactured to capture current stack trace.+
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.server.UserStorageImplementor.retrieveUserDatabaseProfileDataImplement(UserStorageImplementor.java:101)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.server.UserStorage.retrieveUserDatabaseProfileDataEx(UserStorage.java:159)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.server.UserStorageUtils.loadUserData(UserStorageUtils.java:88)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.server.ServiceSecurityImplementor.loadUserData(ServiceSecurityImplementor.java:540)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.server.ServiceSecurityImplementor.globalSecurityCheck(ServiceSecurityImplementor.java:222)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.upload.UploadSecurityImplementor.globalSecurityCheck(UploadSecurityImplementor.java:60)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.server.Service.globalSecurityCheck(Service.java:2738)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.server.ServiceRequestImplementor.doRequest(ServiceRequestImplementor.java:678)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.server.Service.doRequest(Service.java:1956)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.server.ServiceManager.processCommand(ServiceManager.java:437)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.server.IdcServerThread.processRequest(IdcServerThread.java:265)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.idcwls.IdcServletRequestUtils.doRequest(IdcServletRequestUtils.java:1357)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.idcwls.IdcServletRequestUtils.processFilterEvent(IdcServletRequestUtils.java:1731)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at intradoc.idcwls.IdcIntegrateWrapper.processFilterEvent(IdcIntegrateWrapper.java:222)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at sun.reflect.GeneratedMethodAccessor312.invoke(Unknown Source)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at java.lang.reflect.Method.invoke(Method.java:597)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at idcservlet.common.IdcMethodHolder.invokeMethod(IdcMethodHolder.java:88)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at idcservlet.common.ClassHelperUtils.executeMethodEx(ClassHelperUtils.java:305)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at idcservlet.common.ClassHelperUtils.executeMethodWithArgs(ClassHelperUtils.java:278)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at idcservlet.ServletUtils.executeContentServerIntegrateMethodOnConfig(ServletUtils.java:1704)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at idcservlet.IdcFilter.doFilter(IdcFilter.java:457)
userstorage/6 02.21 12:43:55.424 IdcServer-445 at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
userstorage/6 02.21 12:43:55.424 IdcServer-445 ... 25 more
+>userstorage/7 02.21 12:43:55.426 IdcServer-445 Start user storage query for user ssotester.+
+>userstorage/6 02.21 12:43:55.426 IdcServer-445 Created user object for user ssotester+
+>userstorage/6 02.21 12:43:55.426 IdcServer-445 Finished user name determination, user=ssotester, expired=false, isNewUser=true, hasAttributesLoaded=false, authtype=null+
+>userstorage/6 02.21 12:43:55.430 IdcServer-445 Loaded record from database for ssotester+
+>userstorage/6 02.21 12:43:55.430 IdcServer-445 Retrieving attributes (type=EXTERNAL) for ssotester+
+>userstorage/6 02.21 12:43:55.430 IdcServer-445 User not found in default/preferred provider+
+>userstorage/6 02.21 12:43:55.431 IdcServer-445 Adding JpsUserProvider+
+>userstorage/6 02.21 12:43:55.431 IdcServer-445 Returning 1 results+
+>userstorage/7 02.21 12:43:55.431 IdcServer-445 Checking UserProvider JpsUserProvider+
+>jps/6 02.21 12:43:55.431 IdcServer-445 authenticateUser: false+
+>jps/6 02.21 12:43:55.431 IdcServer-445 User is new to this provider.+
+>jps/6 02.21 12:43:55.431 IdcServer-445 Begin search for user+
+>jps/6 02.21 12:43:55.431 IdcServer-445 IdStore: oracle.security.idm.providers.ad.ADIdentityStore@1324c95a+
+>jps/6 02.21 12:43:55.431 IdcServer-445 Search Filter: (samaccountname=ssotester)+
+>jps/6 02.21 12:43:55.433 IdcServer-445 Search Response: oracle.security.idm.providers.stdldap.LDSearchResponse@1339d77f+
+>jps/6 02.21 12:43:55.435 IdcServer-445 Loading extended info for ssotester+
+>jps/6 02.21 12:43:55.442 IdcServer-445 Mapping attributes using map: 'BUSINESS_EMAIL:dEmail;DISPLAY_NAME:dFullName;EMPLOYEE_TYPE:dUserType'+
+>jps/6 02.21 12:43:55.442 IdcServer-445 Looking for : 'BUSINESS_EMAIL'+
+>jps/6 02.21 12:43:55.442 IdcServer-445 Looking for : 'DISPLAY_NAME'+
+>jps/6 02.21 12:43:55.442 IdcServer-445 Getting values+
+>jps/6 02.21 12:43:55.443 IdcServer-445 Found value: 'ssotester'+
+>jps/6 02.21 12:43:55.443 IdcServer-445 setting: 'dFullName' = 'ssotester'+
+>jps/6 02.21 12:43:55.443 IdcServer-445 Looking for : 'EMPLOYEE_TYPE'+
+>jps/6 02.21 12:43:55.443 IdcServer-445 Loading Attributes for user ssotester+
+>jps/6 02.21 12:43:55.443 IdcServer-445 Loading security information for ssotester+
+>jps/6 02.21 12:43:55.445 IdcServer-445 UseFullGroupName false+
+>jps/6 02.21 12:43:55.445 IdcServer-445 UseGroupFilter false+
+>jps/6 02.21 12:43:55.445 IdcServer-445 Checking RoleManager.+
+>userstorage/6 02.21 12:43:55.445 IdcServer-445 At exit, user storage access count is 0+
+>services/3 02.21 12:43:55.445 IdcServer-445 !csUserEventMessage,ssotester,172.21.17.45:16200!$ intradoc.common.ServiceException: csJpsErrorLoadingSecurityInfo+
services/3 02.21 12:43:55.445 IdcServer-445 at idc.provider.jps.JpsUserProvider.loadSecurityInfo(JpsUserProvider.java:628)
services/3 02.21 12:43:55.445 IdcServer-445 at idc.provider.jps.JpsUserProvider.checkCredentials(JpsUserProvider.java:233)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.UserStorageImplementor.checkExternalProvidersForUser(UserStorageImplementor.java:669)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.UserStorageImplementor.retrieveUserDatabaseProfileDataImplement(UserStorageImplementor.java:304)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.UserStorage.retrieveUserDatabaseProfileDataEx(UserStorage.java:159)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.UserStorageUtils.loadUserData(UserStorageUtils.java:88)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.ServiceSecurityImplementor.loadUserData(ServiceSecurityImplementor.java:540)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.ServiceSecurityImplementor.globalSecurityCheck(ServiceSecurityImplementor.java:222)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.upload.UploadSecurityImplementor.globalSecurityCheck(UploadSecurityImplementor.java:60)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.Service.globalSecurityCheck(Service.java:2738)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.ServiceRequestImplementor.doRequest(ServiceRequestImplementor.java:678)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.Service.doRequest(Service.java:1956)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.ServiceManager.processCommand(ServiceManager.java:437)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.IdcServerThread.processRequest(IdcServerThread.java:265)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.idcwls.IdcServletRequestUtils.doRequest(IdcServletRequestUtils.java:1357)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.idcwls.IdcServletRequestUtils.processFilterEvent(IdcServletRequestUtils.java:1731)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.idcwls.IdcIntegrateWrapper.processFilterEvent(IdcIntegrateWrapper.java:222)
services/3 02.21 12:43:55.445 IdcServer-445 at sun.reflect.GeneratedMethodAccessor312.invoke(Unknown Source)
services/3 02.21 12:43:55.445 IdcServer-445 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
services/3 02.21 12:43:55.445 IdcServer-445 at java.lang.reflect.Method.invoke(Method.java:597)
services/3 02.21 12:43:55.445 IdcServer-445 at idcservlet.common.IdcMethodHolder.invokeMethod(IdcMethodHolder.java:88)
services/3 02.21 12:43:55.445 IdcServer-445 at idcservlet.common.ClassHelperUtils.executeMethodEx(ClassHelperUtils.java:305)
services/3 02.21 12:43:55.445 IdcServer-445 at idcservlet.common.ClassHelperUtils.executeMethodWithArgs(ClassHelperUtils.java:278)
services/3 02.21 12:43:55.445 IdcServer-445 at idcservlet.ServletUtils.executeContentServerIntegrateMethodOnConfig(ServletUtils.java:1704)
services/3 02.21 12:43:55.445 IdcServer-445 at idcservlet.IdcFilter.doFilter(IdcFilter.java:457)
services/3 02.21 12:43:55.445 IdcServer-445 at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
services/3 02.21 12:43:55.445 IdcServer-445 ... 25 more
services/3 02.21 12:43:55.445 IdcServer-445 Caused by: intradoc.common.ServiceException: !csUnableToExecMethod,hasNext
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.common.ClassHelper.invoke(ClassHelper.java:168)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.common.ClassHelper.invoke(ClassHelper.java:135)
services/3 02.21 12:43:55.445 IdcServer-445 at idc.provider.jps.JpsUserProvider.loadSecurityInfo(JpsUserProvider.java:509)
services/3 02.21 12:43:55.445 IdcServer-445 at idc.provider.jps.JpsUserProvider.checkCredentials(JpsUserProvider.java:233)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.server.UserStorageImplementor.checkExternalProvidersForUser(UserStorageImplementor.java:670)
services/3 02.21 12:43:55.445 IdcServer-445 ... 48 more
services/3 02.21 12:43:55.445 IdcServer-445 Caused by: java.lang.ArrayIndexOutOfBoundsException: 0 >= 0
services/3 02.21 12:43:55.445 IdcServer-445 at java.util.Vector.elementAt(Vector.java:427)
services/3 02.21 12:43:55.445 IdcServer-445 at javax.naming.NameImpl.get(NameImpl.java:534)
services/3 02.21 12:43:55.445 IdcServer-445 at javax.naming.CompositeName.get(CompositeName.java:364)
services/3 02.21 12:43:55.445 IdcServer-445 at oracle.security.idm.providers.stdldap.util.InverseRelationSearchResponse.fetchNextIdentity(InverseRelationSearchResponse.java:372)
services/3 02.21 12:43:55.445 IdcServer-445 at oracle.security.idm.providers.stdldap.util.InverseRelationSearchResponse.hasNext(InverseRelationSearchResponse.java:207)
services/3 02.21 12:43:55.445 IdcServer-445 at oracle.security.idm.providers.stdldap.util.GrantedRolesSearchResponse.hasNext(GrantedRolesSearchResponse.java:58)
services/3 02.21 12:43:55.445 IdcServer-445 at oracle.security.idm.providers.stdldap.LDSearchResponse.hasNext(LDSearchResponse.java:79)
services/3 02.21 12:43:55.445 IdcServer-445 at oracle.security.idm.providers.ad.ADGrantedRoleResponse.hasNext(ADGrantedRoleResponse.java:129)
services/3 02.21 12:43:55.445 IdcServer-445 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
services/3 02.21 12:43:55.445 IdcServer-445 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
services/3 02.21 12:43:55.445 IdcServer-445 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
services/3 02.21 12:43:55.445 IdcServer-445 at java.lang.reflect.Method.invoke(Method.java:597)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.common.ClassHelper.invokeRawEx(ClassHelper.java:195)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.common.ClassHelper.invokeRaw(ClassHelper.java:175)
services/3 02.21 12:43:55.445 IdcServer-445 at intradoc.common.ClassHelper.invoke(ClassHelper.java:157)
services/3 02.21 12:43:55.445 IdcServer-445 ... 52 more


UCM Server logs

+=================+
Servlet protocol layer ready to receive requests.
Ready and waiting for connection on port 4444, PID 2537 (idc42)
Content Management System Server. Version 11gR1-11.1.1.6.0-idcprod1-111219T111403

Copyright (C) 1996-2011, Oracle and/or its affiliates. All rights reserved.
+>services/3 02.20 21:29:45.754 IdcServer-64 !csUserEventMessage,ssotester,172.21.17.45:16200!$ intradoc.common.ServiceException: csJpsErrorLoadingSecurityInfo+
services/3 02.20 21:29:45.754 IdcServer-64 at idc.provider.jps.JpsUserProvider.loadSecurityInfo(JpsUserProvider.java:628)
services/3 02.20 21:29:45.754 IdcServer-64 at idc.provider.jps.JpsUserProvider.checkCredentials(JpsUserProvider.java:233)
services/3 02.20 21:29:45.754 IdcServer-64 at intradoc.server.UserStorageImplementor.checkExternalProvidersForUser(UserStorageImplementor.java:66
+.+
+.+
+.+
services/3 02.20 21:29:45.754 IdcServer-64 ... 25 more
services/3 02.20 21:29:45.754 IdcServer-64 Caused by: intradoc.common.ServiceException: !csUnableToExecMethod,hasNext
services/3 02.20 21:29:45.754 IdcServer-64 at intradoc.common.ClassHelper.invoke(ClassHelper.java:168)
services/3 02.20 21:29:45.754 IdcServer-64 at intradoc.common.ClassHelper.invoke(ClassHelper.java:135)
services/3 02.20 21:29:45.754 IdcServer-64 at idc.provider.jps.JpsUserProvider.loadSecurityInfo(JpsUserProvider.java:509)
services/3 02.20 21:29:45.754 IdcServer-64 at idc.provider.jps.JpsUserProvider.checkCredentials(JpsUserProvider.java:233)
services/3 02.20 21:29:45.754 IdcServer-64 at intradoc.server.UserStorageImplementor.checkExternalProvidersForUser(UserStorageImplementor.java:670)
services/3 02.20 21:29:45.754 IdcServer-64 ... 48 more
services/3 02.20 21:29:45.754 IdcServer-64 Caused by: java.lang.ArrayIndexOutOfBoundsException: 0 >= 0
services/3 02.20 21:29:45.754 IdcServer-64 at java.util.Vector.elementAt(Vector.java:427)


Has anyone encountered these issues in their setup.

Any help in solving this is highly appreciated.


Regards
Anand
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Apr 2 2013
Added on Feb 21 2013
#11g, #security, #ucm, #webcenter, #webcenter-content
3 comments
686 views