Tuesday, December 20, 2016

Access SDK: OAMAGENT-02071

Error: 

Dec 20, 2016 3:52:17 PM oracle.security.am.asdk.ResourceRequest isProtected
SEVERE: Unknown exception.
Access Exception: OAMAGENT-02071

Solution:

  • Comment out from AuthenticationScheme authnScheme = new AuthenticationScheme(rrq); and see if code is getting executed without any issue. 
  • Verify OAM log if issue is unable to find protected or not
  • Then if it is the issue then most probability its regarding host Identifier issue. 
  • Either add Preferred host from ObAccessClient.xml into  ms_resource = "//HostIdentifierName/Welcome.html"
  • Add URL you are trying to use into Host Identifier in OAM Console. 
  • This issue mainly occurs because of Host Identifier problem, if you are not going through webgate then OAM can't identify which Policies it needs to apply. In that case it depends on Host Identifier. 

Helpful Resource: https://community.oracle.com/thread/2557826?db=5

Community Solution: 



If initialization is successful there has to be issue with "ResourceRequest" object creation
whats is resource uri used in creating "ResourceRequest" object ?
Format of the resource should be //<host name variation> OR <preferred host from ObAccessClient.xml>/protected uri

For example : If "preferred host" from ObAccessClient.xml is RREG10G_HostId , then resource to be specified while creating "ResourceRequest" object is
//RREG10G_HostId/protected/test.html

Access Client: No Entry found for Primary server

Error

oracle.security.jps.internal.config.xml.XmlConfigurationFactory handleLocation
WARNING: JPS-01537

oracle.security.am.asdk.AccessClient createClient
SEVERE: Internal error.
java.lang.Exception: No Entry found for Primary server.
at oracle.security.am.common.aaaclient.ObAAAServiceClient.initialize(ObAAAServiceClient.java:1197)
at oracle.security.am.common.aaaclient.ObAAAServiceClient.<init>(ObAAAServiceClient.java:888)
at oracle.security.am.asdk.AccessClient.createClient(AccessClient.java:1546)
at oracle.security.am.asdk.AccessClient.initializeHelper(AccessClient.java:1230)
at oracle.security.am.asdk.AccessClient.initialize(AccessClient.java:1369)
at oracle.security.am.asdk.AccessClient.<init>(AccessClient.java:928)
at oracle.security.am.asdk.AccessClient.createDefaultInstance(AccessClient.java:349)
at OAMAccessSDKTest.main(OAMAccessSDKTest.java:16)
Dec 20, 2016 3:13:16 PM oracle.security.am.asdk.AccessClient initialize
SEVERE: Oracle Access SDK initialization failed.
oracle.security.am.asdk.AccessException: OAMAGENT-02072: Failed to perform create access client operation.
at oracle.security.am.asdk.AccessClient.createClient(AccessClient.java:1565)
at oracle.security.am.asdk.AccessClient.initializeHelper(AccessClient.java:1230)
at oracle.security.am.asdk.AccessClient.initialize(AccessClient.java:1369)
at oracle.security.am.asdk.AccessClient.<init>(AccessClient.java:928)
at oracle.security.am.asdk.AccessClient.createDefaultInstance(AccessClient.java:349)
at OAMAccessSDKTest.main(OAMAccessSDKTest.java:16)
Exception in thread "main" java.lang.NullPointerException
at OAMAccessSDKTest.main(OAMAccessSDKTest.java:65)
Access Exception: OAMAGENT-02010


Solution:

Update ObAccessClient.xml to have only one primary server. in Primary Server list. 

<ValList xmlns="http://www.oblix.com" ListName="primary_server_list">
    <ValListMember Value="OAMHostName:5575"/>
  </ValList>

Wednesday, October 19, 2016

Webgate Issue -- Apache webserver won't start

WebServer not able to pickup Webgate Files

Error: 

httpd: Syntax error on line 355 of /path/httpd.conf: Syntax error on line 5 of /etc/httpd/conf/webgate.conf: Cannot load /WebgatePath/apache/lib/webgatessl_apache24.so into server: libclntsh.so.11.1: cannot open shared object file: No such file or directory

Solution 1:

Set Library path in console before starting webserver

LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/local/MWHOME/webgate11g/webgate/apache/lib/


export LD_LIBRARY_PATH

If this doesn't work: 

Solution 2:

Copy following library files to /usr/lib or /usr/lib64 based on operating system version, even all files are not mandatory: 

libclntsh.so.11.1
libnnz11.so
libxmlengine.so
webgate_apache24.so
webgate.so
webgatessl_apache24.so

webgatessl.so

Other Posts