Hi Edwin,
I've come across a strange set of circumstances that may or may not be related to the module (I think the latter but maybe there is something I need to tweak to resolve it). This a Weblogic ADF domain without RCU.
We are trying to create an identity asserter via the module. This uses a custom JAR, the file is being loaded correctly and in WLST I can see the provider (nl.rsg.security.idms.providers.identity.IdmsIdentityAsserter)
cmo.getAuthenticationProviderTypes()
array(java.lang.String,['com.bea.security.saml2.providers.SAML2IdentityAsserter', 'nl.rsg.security.idms.providers.authentication.IdmsAuthenticator', 'nl.rsg.security.idms.providers.identity.IdmsIdentityAsserter', 'oracle.security.agent.access.filter.CloudSecurityAgentAsserter', 'oracle.security.jps.wls.providers.authentication.idm.CrossTenantAuthenticator', 'oracle.security.jps.wls.providers.trust.TrustServiceIdentityAsserter', 'oracle.security.wls.oam.providers.asserter.OAMIdentityAsserter', 'oracle.security.wls.oam.providers.authenticator.OAMAuthenticator', 'weblogic.security.providers.authentication.ActiveDirectoryAuthenticator', 'weblogic.security.providers.authentication.CustomDBMSAuthenticator', 'weblogic.security.providers.authentication.DefaultAuthenticator', 'weblogic.security.providers.authentication.DefaultIdentityAsserter', 'weblogic.security.providers.authentication.IPlanetAuthenticator', 'weblogic.security.providers.authentication.LDAPAuthenticator', 'weblogic.security.providers.authentication.LDAPX509IdentityAsserter', 'weblogic.security.providers.authentication.NegotiateIdentityAsserter', 'weblogic.security.providers.authentication.NovellAuthenticator', 'weblogic.security.providers.authentication.OpenLDAPAuthenticator', 'weblogic.security.providers.authentication.OracleIdentityCloudIntegrator', 'weblogic.security.providers.authentication.OracleInternetDirectoryAuthenticator', 'weblogic.security.providers.authentication.OracleUnifiedDirectoryAuthenticator', 'weblogic.security.providers.authentication.OracleVirtualDirectoryAuthenticator', 'weblogic.security.providers.authentication.ReadOnlySQLAuthenticator', 'weblogic.security.providers.authentication.SQLAuthenticator', 'weblogic.security.providers.authentication.VirtualUserAuthenticator', 'weblogic.security.providers.saml.SAMLAuthenticator', 'weblogic.security.providers.saml.SAMLIdentityAsserterV2'])
When executing the wlst script within the module manually we see the following error
cmo.createAuthenticationProvider(name, providerclassname)
Traceback (innermost last):
File "<console>", line 1, in ?
at weblogic.management.jmx.MBeanServerInvocationHandler.newProxyInstance(MBeanServerInvocationHandler.java:645)
at weblogic.management.jmx.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:432)
at com.sun.proxy.$Proxy60.createAuthenticationProvider(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
java.lang.RuntimeException: java.lang.RuntimeException: java.lang.ClassNotFoundException: nl.rsg.security.idms.providers.identity.IdmsIdentityAsserterMBean
If I try to create the asserter manually in the console we get a different error that mentions schema verification failure. I can get around this error by ensuring both managed servers are shutdown. In this case, creating the asserter through the console works without error.
Back in WLST, if I ignore the error above and save() -> activatate() the asserter seems to be OK. It is almost like cmo.createAuthenticationProvider is trying to do something with the mbean that can only happen once a save and activate has happened. I'll open an SR with Oracle and feedback here if they have a solution.
Thanks
Dave
Hi Edwin,
I've come across a strange set of circumstances that may or may not be related to the module (I think the latter but maybe there is something I need to tweak to resolve it). This a Weblogic ADF domain without RCU.
We are trying to create an identity asserter via the module. This uses a custom JAR, the file is being loaded correctly and in WLST I can see the provider (nl.rsg.security.idms.providers.identity.IdmsIdentityAsserter)
When executing the wlst script within the module manually we see the following error
If I try to create the asserter manually in the console we get a different error that mentions schema verification failure. I can get around this error by ensuring both managed servers are shutdown. In this case, creating the asserter through the console works without error.
Back in WLST, if I ignore the error above and save() -> activatate() the asserter seems to be OK. It is almost like cmo.createAuthenticationProvider is trying to do something with the mbean that can only happen once a save and activate has happened. I'll open an SR with Oracle and feedback here if they have a solution.
Thanks
Dave