Skip to Main Content
Forums

Security Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

ProvisioningService - provision - Access denied exception

Pallavi ChaudhariMay 27 2013 — edited Jun 14 2013
Hi,

I am using ProvisioningService API method - provision(userId, accountObj) to provision disconnected ApplicationInstance to user. (using OIM standalone java client ) I am getting exception that logged in user 'xelsysadm' does not have permission to provision application instance.

I have added role 'Application Instance Authorizer' to 'xelsysadm' user on organization to which application instance is published.

Here is exception thrown:

oracle.iam.platform.authopss.exception.AccessDeniedException: An error occurred in oracle.iam.provisioning.impl.ProvisioningServiceImpl/checkAuthZAccessForAppInstance when logged in user XELSYSADM performs action provisionApplicationInstance for beneficiary user null for target entity ID Card and the case of error is oracle.iam.platform.authopss.exception.AccessDeniedException: oracle.iam.platform.authopss.exception.AccessDeniedException: oracle.iam.platform.utils.SuperRuntimeException: oracle.iam.provisioning.exception.GenericProvisioningException: com.thortech.xl.orb.dataaccess.tcDataAccessException.
at oracle.iam.provisioning.impl.ProvisioningServiceImpl.checkAuthZAccessForAppInstance(ProvisioningServiceImpl.java:961)
at oracle.iam.provisioning.impl.ProvisioningServiceImpl.access$100(ProvisioningServiceImpl.java:59)
at oracle.iam.provisioning.impl.ProvisioningServiceImpl$4.process(ProvisioningServiceImpl.java:467)
at oracle.iam.provisioning.impl.ProvisioningServiceImpl$4.process(ProvisioningServiceImpl.java:461)
at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:13)
at oracle.iam.platform.tx.OIMTransactionCallback.doInTransaction(OIMTransactionCallback.java:6)
at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:128)
at oracle.iam.platform.tx.OIMTransactionManager.oimExecute(OIMTransactionManager.java:46)
at oracle.iam.provisioning.impl.ProvisioningServiceImpl.provision(ProvisioningServiceImpl.java:461)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:25)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy918.provision(Unknown Source)
at oracle.iam.provisioning.api.ProvisioningServiceEJB.provisionx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.oracle.pitchfork.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:34)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.oracle.pitchfork.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:42)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy917.provisionx(Unknown Source)
at oracle.iam.provisioning.api.ProvisioningService_p7m7x_ProvisioningServiceRemoteImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
at oracle.iam.provisioning.api.ProvisioningService_p7m7x_ProvisioningServiceRemoteImpl.provisionx(Unknown Source)
at oracle.iam.provisioning.api.ProvisioningService_p7m7x_ProvisioningServiceRemoteImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused by: oracle.iam.platform.authopss.exception.AccessDeniedException: oracle.iam.platform.authopss.exception.AccessDeniedException: oracle.iam.platform.authopss.exception.AccessDeniedException: oracle.iam.platform.utils.SuperRuntimeException: oracle.iam.provisioning.exception.GenericProvisioningException: com.thortech.xl.orb.dataaccess.tcDataAccessException
at oracle.iam.platform.authopss.impl.AuthorizationServiceImpl.hasAccessRelationship(AuthorizationServiceImpl.java:232)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:25)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy291.hasAccessRelationship(Unknown Source)
at oracle.iam.provisioning.util.CommonUtil.hasAccessRelationship(CommonUtil.java:769)
at oracle.iam.provisioning.util.CommonUtil.hasAccessRelationshipForAppInstance(CommonUtil.java:707)
at oracle.iam.provisioning.impl.ProvisioningServiceImpl.checkAuthZAccessForAppInstance(ProvisioningServiceImpl.java:954)
... 54 more
Caused by: oracle.iam.platform.authopss.exception.AccessDeniedException: oracle.iam.platform.authopss.exception.AccessDeniedException: oracle.iam.platform.utils.SuperRuntimeException: oracle.iam.provisioning.exception.GenericProvisioningException: com.thortech.xl.orb.dataaccess.tcDataAccessException
at oracle.iam.platform.authopss.impl.AuthorizationServiceImpl.callPEPAPI(AuthorizationServiceImpl.java:108)
at oracle.iam.platform.authopss.impl.AuthorizationServiceImpl.hasAccessRelationship(AuthorizationServiceImpl.java:191)
... 68 more
Caused by: oracle.iam.platform.authopss.exception.AccessDeniedException: oracle.iam.platform.utils.SuperRuntimeException: oracle.iam.provisioning.exception.GenericProvisioningException: com.thortech.xl.orb.dataaccess.tcDataAccessException
at oracle.iam.platform.authopss.util.AuthorizationServiceUtil.getSecurityTargetEntityMap(AuthorizationServiceUtil.java:402)
at oracle.iam.platform.authopss.impl.AuthorizationServiceImpl.callPEPAPI(AuthorizationServiceImpl.java:97)
... 69 more
Caused by: oracle.iam.platform.utils.SuperRuntimeException: oracle.iam.provisioning.exception.GenericProvisioningException: com.thortech.xl.orb.dataaccess.tcDataAccessException
at oracle.iam.provisioning.impl.ProvisioningManagerProviderImpl.isAppInstanceGrantedToUser(ProvisioningManagerProviderImpl.java:89)
at oracle.iam.platform.authopss.util.AuthorizationServiceUtil.isEntityAssignedToUser(AuthorizationServiceUtil.java:228)
at oracle.iam.platform.authopss.plugin.impl.AttributeResolverImpl.resolveResourceAttributes(AttributeResolverImpl.java:71)
at oracle.iam.platform.authopss.util.AuthorizationServiceUtil.getSecurityTargetEntityMap(AuthorizationServiceUtil.java:396)
... 70 more
Caused by: oracle.iam.provisioning.exception.GenericProvisioningException: com.thortech.xl.orb.dataaccess.tcDataAccessException
at oracle.iam.provisioning.spi.DOBProvisioningUtil.isApplicationInstanceProvisionedToUser(DOBProvisioningUtil.java:1623)
at oracle.iam.provisioning.impl.ProvisioningManagerProviderImpl.isAppInstanceGrantedToUser(ProvisioningManagerProviderImpl.java:82)
... 73 more
Caused by: com.thortech.xl.orb.dataaccess.tcDataAccessException
at com.thortech.xl.dataaccess.tcDataAccessExceptionUtil.createException(tcDataAccessExceptionUtil.java:81)
at com.thortech.xl.dataaccess.tcDataBase.createException(tcDataBase.java:3209)
at com.thortech.xl.dataaccess.tcDataBase.readPartialPreparedStatement(tcDataBase.java:1411)
at com.thortech.xl.dataaccess.tcDataBase.readPreparedStatement(tcDataBase.java:1190)
at com.thortech.xl.dataobj.PreparedStatementUtil.execute(PreparedStatementUtil.java:63)
at oracle.iam.provisioning.spi.DOBProvisioningUtil.isApplicationInstanceProvisionedToUser(DOBProvisioningUtil.java:1617)
... 74 more
Caused by: java.sql.SQLSyntaxErrorException: ORA-01722: invalid number

at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:462)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:405)
at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:931)
at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:481)
at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:205)
at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:548)
at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:217)
at oracle.jdbc.driver.T4CPreparedStatement.executeForDescribe(T4CPreparedStatement.java:947)
at oracle.jdbc.driver.OracleStatement.executeMaybeDescribe(OracleStatement.java:1283)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1441)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3769)
at oracle.jdbc.driver.OraclePreparedStatement.executeQuery(OraclePreparedStatement.java:3823)
at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeQuery(OraclePreparedStatementWrapper.java:1671)
at weblogic.jdbc.wrapper.PreparedStatement.executeQuery(PreparedStatement.java:135)
at com.thortech.xl.dataaccess.tcDataBase.readPartialPreparedStatement(tcDataBase.java:1368)
... 77 more


Anyone has faced this issue?

Thanks,
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Jul 12 2013
Added on May 27 2013
#identity-management, #identity-manager
4 comments
1,102 views