Environment:
- OAM 11.1.2.3BP07
- OUD 11.1.2.3
- RHEL6/OEL6
<Aug 29, 2016 10:03:59 PM EDT> <Warning> <oracle.idaas.oauth.resourceserver> <BEA-000000> <Resource is not found :: Resource Name "/ms_oauth/resources/userprofile/me/testuser1" >
<Aug 29, 2016 10:03:59 PM EDT> <Error> <oracle.security.idaas.rest.provider.cruds.ids.IDSUtil> <BEA-000000> <Failed to get an user from principal for UID : testuser1
oracle.security.idaas.rest.provider.cruds.ResourceNameNotFoundException: Failed to get an user from principal for UID : testuser1
at oracle.security.idaas.rest.provider.cruds.ids.IDSUtil.getUserFromUID(IDSUtil.java:748)
at oracle.security.idaas.rest.provider.cruds.ids.IDSUtil.getAuthPrincipal(IDSUtil.java:234)
at oracle.security.idaas.rest.provider.cruds.ids.IDSPersonService.readPerson(IDSPersonService.java:282)
at oracle.security.idaas.oauth.resourceserver.jaxrs.userprofile.UserProviderFacade.getUser(UserProviderFacade.java:115)
at oracle.security.idaas.oauth.resourceserver.jaxrs.userprofile.Me.getMyProfile(Me.java:133)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
................
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:263)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: oracle.igf.ids.EntityNotFoundException: Entity not found for the search filter (&(objectclass=top)(CN=testuser1)).
at oracle.igf.ids.arisid.ArisIdServiceManager.findEntity(ArisIdServiceManager.java:1709)
at oracle.igf.ids.UserManager.searchUser(UserManager.java:169)
at oracle.security.idaas.rest.provider.cruds.ids.IDSUtil.getUserFromUID(IDSUtil.java:744)
at oracle.security.idaas.rest.provider.cruds.ids.IDSUtil.getAuthPrincipal(IDSUtil.java:234)
at oracle.security.idaas.rest.provider.cruds.ids.IDSPersonService.readPerson(IDSPersonService.java:282)
at oracle.security.idaas.oauth.resourceserver.jaxrs.userprofile.UserProviderFacade.getUser(UserProviderFacade.java:115)
at oracle.security.idaas.oauth.resourceserver.jaxrs.userprofile.Me.getMyProfile(Me.java:133)
........................................
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:263)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: oracle.igf.ids.arisid.ArisIdNoSuchSubjectException: Entity not found for the search filter (&(objectclass=top)(CN=testuser1)).
at com.oracle.ovd.arisid.OvdIdsStackProvider.doFind(OvdIdsStackProvider.java:1287)
at com.oracle.ovd.arisid.ArisIdStackProvider.doFind(ArisIdStackProvider.java:175)
at org.openliberty.arisid.Interaction.doFind(Interaction.java:1022)
at oracle.igf.ids.arisid.ArisIdServiceManager.findEntity(ArisIdServiceManager.java:1616)
at oracle.igf.ids.UserManager.searchUser(UserManager.java:169)
at oracle.security.idaas.rest.provider.cruds.ids.IDSUtil.getUserFromUID(IDSUtil.java:744)
Cause:
This might be due to the incorrect search filter configuration in IDS profile that is enabled in OAuth Service provider configuration. It is configured to CN as RDN attribute in my scanrio. Make sure the steps mentioned in the solution and correct the configuration.
Solution:
Make sure the following two services in OAuth default domain are pointed to correct IDS profile(In my case, it is OUDIDSProfile) where your user data is stored.
- OAuthDomain -> Resources Servers -> UserProfileServices -> Identity Store name -> OUDIDSProfile
- OAuthDomain -> Service Profiles -> User Store -> OUDIDSProfile
Also verify the Attribute configurations in IDS Profile settings are configured properly reflecting the correct ldap attributes.
- Navigate to Configuration -> UserIdentityStores -> IDS Profiles -> OUDIDSProfile -> Entities. Correct your RDN/login attribute settings as shown below.
After making required corrections according to your LDAPStore IDSProfile settings, It should be able to search the user now from your directory store.
Thank you for visiting.