APEX

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

SAML authentication fails with ORA-06512: in "SYS.DBMS_CRYPTO_FFI"

Michael_ASep 15 2023 — edited Sep 18 2023

Hi all,

we tried to setup SAML authentication for our APEX 23.1.3 environment (ORDS 23.2.0, DB 19.20).

Unfortunately we receive the following error when calling a page in a simple application with SAML authentication scheme:

Error: Error processing request.
- Additional info: Contact your application administrator.
- Display location: ON_ERROR_PAGE
- Association type:
- Item name:
- Region id:
- Column alias:
- Row:
- Model instance id:
- Model record id:
- Internal error: true
- Common runtime error: false
- APEX error code: APEX.UNHANDLED_ERROR
- SQL code: -28817
- SQL error: ORA-28817: PL/SQL function returned an error.
ORA-06512: in "SYS.DBMS_CRYPTO_FFI", line 281
ORA-06512: in "SYS.DBMS_CRYPTO", line 153
ORA-06512: in "APEX_230100.WWV_FLOW_PUBLIC_KEY_UTIL", line 588
ORA-06512: in "APEX_230100.WWV_FLOW_XML_SECURITY", line 1594
ORA-06512: in "APEX_230100.WWV_FLOW_XML_SECURITY", line 1594
ORA-06512: in "APEX_230100.WWV_FLOW_AUTHENTICATION_SAML", line 566
ORA-06512: in "APEX_230100.WWV_FLOW_AUTHENTICATION_SAML", line 566
ORA-06512: in "APEX_230100.WWV_FLOW_AUTHENTICATION_NATIVE", line 1281
ORA-06512: in "APEX_230100.WWV_FLOW_PLUGIN", line 3836
ORA-06512: in "APEX_230100.WWV_FLOW_AUTHENTICATION", line 2176
- Backtrace: ORA-06512: in "SYS.DBMS_CRYPTO_FFI", line 281
ORA-06512: in "SYS.DBMS_CRYPTO", line 153
ORA-06512: in "APEX_230100.WWV_FLOW_PUBLIC_KEY_UTIL", line 588
ORA-06512: in "APEX_230100.WWV_FLOW_XML_SECURITY", line 1594
ORA-06512: in "APEX_230100.WWV_FLOW_XML_SECURITY", line 1594
ORA-06512: in "APEX_230100.WWV_FLOW_AUTHENTICATION_SAML", line 566
ORA-06512: in "APEX_230100.WWV_FLOW_AUTHENTICATION_SAML", line 566
ORA-06512: in "APEX_230100.WWV_FLOW_AUTHENTICATION_NATIVE", line 1281
ORA-06512: in "APEX_230100.WWV_FLOW_PLUGIN", line 3836
ORA-06512: in "APEX_230100.WWV_FLOW_AUTHENTICATION", line 2176
ORA-06512: in "APEX_230100.WWV_FLOW", line 2540

The Active Directory Server (ADFS) has the following setup
EncryptClaims: True
EncryptedNameIdRequired: False
SamlResponseSignature: MessageAndAssertion

Does anybody know how to solve this or how to get more details about the ORA-28817/ORA-06512 returned from DBMS_CRYPTO package? The ADFS server receives the authentication request successfully and sends a response back to APEX.

Thanks in advance!

Regards
Michael

This post has been answered by Michael_A on Oct 12 2023

Jump to Answer

Added on Sep 15 2023

#authentication, #oracle-apex, #saml

1 comment

990 views