Oracle Access Manager Operation Error: Form based authentication

Hi all,

I was trying to protect a web application using OAM form based authentication.

When I access the protected resource, I was shown the login page and upon entering the correct login details, it displays the page as shown below.

The error is :

Oracle Access Manager Operation Error

The credentials (userid=alex.nash Resource=/dummy.cgi RequesterIP=192.168.5.235 HostTarget=http://localhost Operation=POST rh=http://localhost:7777 ru=/form_example/test.jsp) used for the login are missing a required password.

Contact your website administrator to remedy this problem.

When I try the same application protected with Basic Over LDAP auth scheme, it was working fine. Hence I looked up the Form Based auth scheme for plugin params of validate password.

It seems to be a typo of quotes for password plugin as shown below.

Correct: obCredentialPassword=”password”

Wrong: obCredentialPassword=”password”

Hence, please be careful with quotes in plugin specification.

About the Author Mahendra

I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com

Leave a Comment:

9 comments

Atul says July 2, 2010

Thanks Mahendra,
I had same issue today where some one configured ObCredentialPassword=”j_password” where as it should be ObCredentialPassword=”password”

Shilu says August 25, 2010

Mahendra am not able to find any difference between the correct and wrong, am I missing something in your post?

Correct: obCredentialPassword=”password”

Wrong: obCredentialPassword=”password”

Cheers,
Shilu

Mahendra says August 25, 2010

Shilu,

When you copy the entire obCredentialPassword=”password” text from web pages, it would get copies wrongly as double single quotes instead of double quotes. We may not notice this clearly sometimes and hence would end up in doing the mistake. Always, ensure to use double quotes.

Couple of weeks ago, we searched for a jsp code to fetch headers from IE browser and when we copied that java code to Eclipse jsp file it copied wrongly for double quotes and we had to modify it explicitly.

HTH

Lan23 says September 7, 2010

Thanks Mahendra for your info,

But i saw the another issue as below:

The credentials (userid=admin Resource=/access/oblix RequesterIP=10.0.60.18 HostTarget=http://10.0.60.18:88 Operation=GET) used in the login correspond to more than one user profile in the Identity System. The correspondence must be unique.

Contact your website administrator to remedy this problem.

Do you have some knowledge about this?
I just use OAM at first.

Thanks for your help
Lan

Lan23 says September 7, 2010

Basic over LDAP was configured:

credential_mapping obMappingBase=”dc=mycom”,obMappingFilter=”(&(&(objectclass=person)(cn=%userid%))(|(!(obuseraccountcontrol=*))(obuseraccountcontrol=ACTIVATED)))”
validate_password obCredentialPassword=”password”

Thanks so much.

Mahendra says September 7, 2010

Hi Lan,

This issue could be due to the redundancy of users in user directory.
What is the LDAP you are using for OAM?
Search for the user in OAM Identity Console and count the users.

Ensure to have only 1 user of cn=admin and try again.

Lan says September 8, 2010

Thanks for your reply.

I used Sun for LDAP.

I resolved my issue.
This caused by existing 3 LDAP profiles in System configuration.

I removed and retained only 1. It works now.

Lan

Joe says September 10, 2010

Hi Mahendra,

During form based authentication against OID, how can we propagate an error message like incorrect password, account lockout or password does not comply with pwd policy etc to the custom login form? I wasn’t able to locate such errors/exceptions in oam access server logs in debug mode as well. Please advise.

Regards
Joe

Hi Mahendra says February 10, 2011

i am doing form based authentication on iis server.i have created a authentication schema and i am adding this one to protected form so the problem is at the time of login page the authentication fail it shows the following details.please advise

The page cannot be displayed
There is a problem with the page you are trying to reach and it cannot be displayed.

——————————————————————————–

Please try the following:

Open the ad2003.lowenthal.vm home page, and then look for links to the information you want.
Click the Refresh button, or try again later.

Click Search to look for information on the Internet.
You can also see a list of related sites.

HTTP 500 – Internal server error
Internet Explorer
Regards
praveen

Add Your Reply