39 FED-10104 to FED-18084

FED-10104: A name identifier update using protocol version {0} cannot be performed on a federation created with protocol version {1}

Cause: Unable to perform a name identifier update with the current version.

Action: Try using a different protocol version.

Level: 1

Type: ERROR

Impact: Configuration

FED-10105: Attribute Service location not found in provider metadata for {0}

Cause: Attribute service location was not in the provider metadata.

Action: Verify that the provider metadata contains the attribute service location.

Level: 1

Type: ERROR

Impact: Configuration

FED-10106: AssertionID service location not found in provider metadata for {0}

Cause: AssertionID service location was not in the provider metadata.

Action: Verify that the provider metadata contains the AssertionID service location.

Level: 1

Type: ERROR

Impact: Configuration

FED-10108: Cannot create federation with opaque name identifier: invalid data store

Cause: An opaque name identifier was used without a federation data store.

Action: Use a federation data store when an opaque identifier is used or configure Oracle Identity Federation to use a non-opaque Name ID.

Level: 1

Type: ERROR

Impact: Configuration

FED-10109: The nameid user store attribute has not been set for partner {0}.

Cause: Assertion to user record via NameId is enabled but no user attribute was specified.

Action: Specify a userstore attribute to which the name identifier value should be mapped.

Level: 1

Type: ERROR

Impact: Configuration

FED-10110: Cannot find service provider metadata for Affiliation={0};affiliationID type={1}

Cause: The federation did not contain a service provider that is part of the affiliation.

Action: Import the metadata of a service provider that is a member of the affiliation.

Level: 1

Type: ERROR

Impact: Configuration

FED-10111: Cannot find provider metadata for providerID={0}; providerID type={1}

Cause: There was no metadata available for the provider with the given ID.

Action: Verify that the provider ID is correct or that the provider is included in the federation.

Level: 1

Type: ERROR

Impact: Configuration

FED-10112: No default identity provider was set for the single sign-on operation.

Cause: The default single sign-on identity provider configuration property was not set.

Action: Set the default single sign-on identity provider in the Oracle Identity Federation configuration.

Level: 1

Type: ERROR

Impact: Configuration

FED-10113: Federation termination protocol not enabled

Cause: The federation termination protocol was not enabled.

Action: Verify that the federation termination protocol is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10114: NameIDPolicy not supported: {0}

Cause: The NameIDPolicy requested is not supported or not enabled.

Action: Check that the requested name identifier format is supported and enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10115: Cannot find the AssertionConsumerServiceURL in the requester metadata.

Cause: Could not find the AssertionConsumerServiceURL in the requester's provider metadata.

Action: Verify that the AssertionConsumerServiceURL is present in the provider metadata.

Level: 1

Type: ERROR

Impact: Configuration

FED-10117: Provider is not enabled: {0}

Cause: The peer provider is not enabled in the federation.

Action: Verify that the provider is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10118: Single sign-on binding unknown: {0}

Cause: The single sign-on binding is not one of the known bindings.

Action: Verify that the single sign-on binding is one of the bindings known by Oracle Identity Federation.

Level: 1

Type: ERROR

Impact: Configuration

FED-10119: The specified binding ({0}) for single sign-on with {1} is not supported by the peer provider.

Cause: The binding specified is not one of the bindings supported by the peer provider.

Action: Verify that the binding specified is supported by the peer provider.

Level: 1

Type: ERROR

Impact: Configuration

FED-10120: Unable to find a suitable binding to send the request.

Cause: Oracle Identity Federation could not find a binding to send the request.

Action: Verify that Oracle Identity Federation and the remote providers have a common binding for the profile.

Level: 1

Type: ERROR

Impact: Configuration

FED-10121: Unable to start identity provider-initiated single sign-on: Unknown metadata version.

Cause: The service provider metadata version was not recognized.

Action: Verify that the metadata version is one of the versions supported by the identity provider.

Level: 1

Type: ERROR

Impact: Configuration

FED-10122: Unable to start identity provider-initiated single sign-on: SP {0} does not belong to affiliation {1}.

Cause: The target service provider was not part of the affiliation.

Action: Check the provider federation to verify that the target service provider is in the affiliation.

Level: 1

Type: ERROR

Impact: Configuration

FED-10123: Unknown NameIDPolicy {0}

Cause: The NameIDPolicy is not one of the known policies.

Action: Verify that the NameIDPolicy is one of the policies that is accepted by Oracle Identity Federation.

Level: 1

Type: ERROR

Impact: Configuration

FED-10124: User cannot be located for federation with provider ID {0} name identifier {1} and message: {2}

Cause: Federation does not exist between the user, Oracle Identity Federation and the given peer provider.

Action: Verify that the federation exists, or configure the server to create one.

Level: 1

Type: ERROR

Impact: Configuration

FED-10125: AssertionID responder functionality is not enabled.

Cause: The AssertionID responder functionality has been disabled in the Oracle Identity Federation configuration.

Action: Enable the AssertionID responder functionality.

Level: 1

Type: ERROR

Impact: Configuration

FED-10126: Attribute Query requester functionality is not enabled.

Cause: The Attribute Query requester functionality has been disabled in the Oracle Identity Federation configuration.

Action: Enable the AttributeQuery requester functionality.

Level: 1

Type: ERROR

Impact: Configuration

FED-10127: AssertionID requester functionality is not enabled.

Cause: The AssertionID requester functionality has been disabled in the Oracle Identity Federation configuration.

Action: Enable the AssertionID requester functionality.

Level: 1

Type: ERROR

Impact: Configuration

FED-10128: Attribute Query responder functionalities are not enabled.

Cause: The Attribute Query responder functionality has been disabled in the Oracle Identity Federation configuration.

Action: Verify that the Attribute Query responder functionality is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10129: Authentication Query responder functionalities are not enabled.

Cause: The Authentication Query responder functionality has been disabled in the Oracle Identity Federation configuration.

Action: Verify that the Authentication Query requester functionality is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10130: No metadata exists for protocol {0} used by provider {1}

Cause: Metadata for this provider was not found.

Action: Load metadata for the provider.

Level: 1

Type: ERROR

Impact: Configuration

FED-10131: Unknown service provider: {0}

Cause: The service provider is not in the federation.

Action: Verify the trusted provider federation configuration.

Level: 1

Type: ERROR

Impact: Configuration

FED-10132: Single sign-on functionality is not enabled

Cause: The single sign-on functionality has been disabled in the Oracle Identity Federation configuration.

Action: Verify that the single sign-on functionality is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10133: Identity provider functionality is not enabled.

Cause: The identity provider functionality has been disabled in the Oracle Identity Federation configuration.

Action: Verify that the identity provider functionality is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10134: Incoming authentication request uses a protocol profile which is not enabled: {0}

Cause: Protocol profile has not been enabled in the Oracle Identity Federation configuration.

Action: Verify that the profile used for the authentication request is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10135: Incoming request uses a protocol profile which is not enabled: {0}

Cause: Protocol profile has not been enabled in the Oracle Identity Federation configuration.

Action: Verify that profile used for the incoming request is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10136: Incoming assertion uses a protocol profile which is not enabled: {0}

Cause: Protocol profile has not been enabled in the Oracle Identity Federation configuration.

Action: Verify that the profile used in the assertion is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10139: Register Name Identifier protocol is disabled.

Cause: The Register Name Identifier protocol has been disabled in the Oracle Identity Federation configuration.

Action: Verify that the Register Name IdentifierProtocol is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10140: SAML 1.0 protocol functionality is not enabled.

Cause: The SAML version 1.0 protocol has been disabled in the Oracle Identity Federation configuration.

Action: Verify that the SAML version 1.0 protocol is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10141: SAML 1.1 protocol functionality is not enabled.

Cause: The SAML version 1.1 protocol has been disabled in the Oracle Identity Federation configuration.

Action: Verify that the SAML version 1.1 protocol is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10142: SAML 2.0 protocol functionality is not enabled.

Cause: The SAML version 2.0 protocol has been disabled in the Oracle Identity Federation configuration.

Action: Verify that the SAML version 2.0 protocol is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10143: Service provider functionality is not enabled

Cause: Service provider functionality has been disabled in the Oracle Identity Federation configuration

Action: Verify that service provider functionality is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10169: EventFactory was not found for {0}.

Cause: EventFactory for this class was not registered.

Action: Contact Oracle Support Services to rectify the issue.

Level: 1

Type: INCIDENT_ERROR

Impact: Configuration

FED-10178: Metadata version parameter unknown: {0}

Cause: The metadata version parameter is unknown.

Action: Check that the metadata version parameter is correct.

Level: 1

Type: ERROR

Impact: Configuration

FED-10187: Logout configuration error: webContext (={0}) and/or relativePath (={1}) for logout are incorrect.

Cause: The webContext and/or relativePath for logout were incorrectly configured.

Action: Verify that the webContext and relativePath for logout are correctly configured.

Level: 1

Type: ERROR

Impact: Configuration

FED-10188: Invalid name identifier format

Cause: The name identifier format is invalid, or custom name ID format is disabled.

Action: Verify that the name identifier format is valid, or that customizable name ID format is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10189: Attribute authority does not support any appropriate name identifier formats.

Cause: The attribute authority does not support the requested subject name identifier format.

Action: Either use a subject format other than "userid", or use a different attribute authority.

Level: 1

Type: ERROR

Impact: Configuration

FED-10191: The service provider integration module is not enabled: {0}.

Cause: The service provider integraton module is disabled in the Oracle Identity Federation configuration.

Action: Enable the appropriate service provider integration module.

Level: 1

Type: ERROR

Impact: Configuration

FED-10195: Authentication engine configuration error: WebContext={0} ; RelativePath={1}

Cause: The Web Context and/or the Relative Path properties of the authentication engine configuration were not set.

Action: Check that the authentication engine configuration defines the required web context and relative path.

Level: 1

Type: ERROR

Impact: Configuration

FED-10196: Service provider integration module configuration error: WebContext={0} ; RelativePath={1}

Cause: The Web Context and/or the Relative Path properties of the service provider integration module configuration were not set.

Action: Check that the service provider integration module configuration defines the required web context and relative path.

Level: 1

Type: ERROR

Impact: Configuration

FED-10197: The service provider anonymous user ID was not set.

Cause: The Oracle Identity Federation server needed to create a session of type anonymous but the Anonymous User ID is not set in the configuration.

Action: Set the Anonymous User ID in the Oracle Identity Federation configuration.

Level: 1

Type: ERROR

Impact: Configuration

FED-10198: The Pre/Post Custom Engine is not enabled.

Cause: The Pre/Post Custom Engine is disabled in the Oracle Identity Federation configuration.

Action: Enable the appropriate Pre/Post Custom Engine.

Level: 1

Type: ERROR

Impact: Configuration

FED-10199: Pre/Post Custom Engine configuration error: WebContext={0} ; RelativePath={1}

Cause: The Web Context and/or the Relative Path properties of the Pre/Post Custom Engine configuration were not set.

Action: Check that the Pre/Post Custom Engine configuration defines the required web context and relative path.

Level: 1

Type: ERROR

Impact: Configuration

FED-10205: OpenID 2.0 protocol functionality is not enabled.

Cause: The OpenID version 2.0 protocol has been disabled in the Oracle Identity Federation configuration.

Action: Verify that the OpenID version 2.0 protocol is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-10206: OAuth 2.0 protocol functionality is not enabled.

Cause: The OAuth version 2.0 protocol has been disabled in the Oracle Identity Federation configuration.

Action: Verify that the OAuth version 2.0 protocol is enabled.

Level: 1

Type: ERROR

Impact: Configuration

FED-11002: Cannot retrieve the unique user federation ID from the federation record.

Cause: Could not retrieve the unique user federation ID from the federation record.

Action: Verify that the federation record is correctly formatted.

Level: 1

Type: ERROR

Impact: Data

FED-12006: Unsupported attribute value type Object {0}

Cause: Attribute value object received from the peer provider was not of a supported type.

Action: Contact Oracle Support Services to rectify the issue.

Level: 1

Type: WARNING

Impact: Other

FED-12016: Message Creation Exception: unable to create the message: {0}

Cause: Could not create the protocol message.

Action: Check the Oracle Identity Federation logs for more specific information.

Level: 1

Type: ERROR

Impact: Other

FED-12020: Translation Exception: unable to translate message: {0}.

Cause: There was a problem marshalling or unmarshalling the message.

Action: Check the Oracle Identity Federation logs for more specific information.

Level: 1

Type: ERROR

Impact: Other

FED-12037: SAML Artifact Exception: {0}

Cause: An error occurred while creating or parsing a SAML Artifact.

Action: Check the Oracle Identity Federation logs for more specific information.

Level: 1

Type: ERROR

Impact: Other

FED-12038: SAML Protocol Exception: {0}

Cause: An error occurred while creating or parsing a SAML Protocol message.

Action: Check the Oracle Identity Federation logs for more specific information.

Level: 1

Type: ERROR

Impact: Other

FED-12042: Error while generating Oracle Identity Federation provider metadata.

Cause: An error occurred while creating the Oracle Identity Federation provider metadata.

Action: Check logs and configuration, or contact Oracle Support Services to rectify the issue.

Level: 1

Type: ERROR

Impact: Other

FED-12081: Error while generating Oracle Identity Federation XRDS metadata.

Cause: An error occurred while creating the Oracle Identity Federation XRDS metadata.

Action: Check logs and configuration, or contact Oracle Support Services to rectify the issue.

Level: 1

Type: ERROR

Impact: Other

FED-12085: Identity Provider Discovery service page disabled

Cause: The IdP Discovery service page is disabled

Action: Update the configuration to enable that service if needed

Level: 1

Type: ERROR

Impact: Other

FED-12086: The credentials provided during the registration data retrieval operation could not be validated

Cause: The credentials provided by the requesting client could not be valited

Action: Ensure that the client is sending the correct credentials

Level: 1

Type: ERROR

Impact: Other

FED-13000: Cannot complete the logout process.

Cause: Oracle Identity Federation could not complete the logout process, due to a lack of profile support from the service providers.

Action: Perform the logout process using another binding or check that the various peer providers support approriate logout profiles.

Level: 1

Type: ERROR

Impact: Programmatic

FED-13008: Cannot create temporary federations.

Cause: Temporary federation store is unavailable.

Action: Check configuration of data store. Make sure the data store is up and has space available.

Level: 1

Type: INCIDENT_ERROR

Impact: Programmatic

FED-13018: Cannot create a permanent federation record with a transient data store.

Cause: Could not create a permanent federation due to the store being unavailable.

Action: Check configuration of data store. Make sure the data store is up and has space available.

Level: 1

Type: INCIDENT_ERROR

Impact: Programmatic

FED-13019: The Authentication Engine ID and Service Provider Engine ID are null.

Cause: The engine did not return an authentication engine ID or a service provider engine ID.

Action: Contact Oracle Support Services to rectify the issue.

Level: 1

Type: ERROR

Impact: Programmatic

FED-13020: Both the Authentication Engine ID and Service Provider Engine ID are set.

Cause: The engine returned both an authentication engine ID and an service provider engine ID, where only one should be set.

Action: Contact Oracle Support Services to rectify the issue.

Level: 1

Type: ERROR

Impact: Programmatic

FED-13021: Cannot retrieve session during logout flow.

Cause: The session could not be retrieved.

Action: Contact Oracle Support Services to rectify the issue.

Level: 1

Type: WARNING

Impact: Programmatic

FED-15005: Name identifier registration is already in progress.

Cause: A name identifier registration was in progress when a new registration was initiated.

Action: Wait until the name identifier registration finishes.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15006: The single sign-on Assertion has been marked as logged out: {0}.

Cause: A non-expired logout request containing the Assertion SessionIndex invalidated the single sign-on assertion.

Action: Perform single sign-on again.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15007: The single sign-on Assertion has been marked as logged out: {0}.

Cause: A non-expired logout request with no SessionIndex invalidated the single sign-on Assertion.

Action: Perform single sign-on again.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15008: A SAML 2.0 name identifier update cannot be performed on a non-SAML 2.0 federation record.

Cause: Tried to perform a SAML 2.0 name identifier update.

Action: Try a different protocol version.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15009: An error occurred while dereferencing the SAML 2.0 Artifact: {0} - {1}

Cause: A problem occurred with the SAML 2.0 Artifact.

Action: Verify the contents of the SAML 2.0 Artifact.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15010: Artifact not present

Cause: The artifact was not present in the request.

Action: Verify that the artifact is set in the request

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15011: Cannot find the authentication request associated with the assertion: {0}.

Cause: The Oracle Identity Federation server could not retrieve the saved AuthnRequest corresponding to the incoming assertion.

Action: Check that the single sign-on operation was performed using fully qualified hostname, and that the same Oracle Identity Federation server was used for the operation in load balanced mode.

Level: 1

Type: ERROR

Impact: Requests/Responses

Cause: The assertion was replayed.

Action: Verify that the assertion has not been replayed.

FED-15012: Cannot select the binding to use to send the request.

Cause: Either the profile was not supported by the remote server, or could not agree with the Oracle Identity Federation server on a common binding.

Action: Verify that the remote server and the Oracle Identity Federation server have a common binding.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15013: Cannot select the binding to use to send the response.

Cause: Either the profile was not supported by the remote server, or could not agree with the Oracle Identity Federation server on a common binding.

Action: Verify that the remote server and the Oracle Identity Federation server have a common binding.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15015: Error encountered while parsing XML element {0}, child of {1} in incoming XML message.

Cause: Could not parse an XML element from the incoming XML message.

Action: Verify that the incoming XML message is valid and correctly formatted.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15018: Error while decoding the authentication result: user ID missing.

Cause: The user ID was missing in the result returned by the authentication process.

Action: Verify that the user ID is valid.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15020: Name identifier format not supported or missing for attribute responder: {0}

Cause: The name identifier format for the attribute responder was unknown or not accepted.

Action: Verify that the name identifier format is one of the formats that is accepted by Oracle Identity Federation.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15021: Name identifier format not supported or missing for authentication responder: {0}

Cause: The name identifier format for the authentication responder was unknown or not accepted.

Action: Verify that the name identifier format is one of the formats that is accepted by Oracle Identity Federation.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15022: Error processing response message.

Cause: Was unable to process the response message.

Action: Check the Oracle Identity Federation logs for more specific information.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15024: Query received is not an Attribute Query.

Cause: Internal server error; expected an AttributeQuery message, but received a different message.

Action: Contact Oracle Support Services to rectify the issue.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15025: Query received is not an Authentication Query.

Cause: Internal server error; expected an AuthenticationQuery message, but received a different message.

Action: Contact Oracle Support Services to rectify the issue.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15026: Issuer is not set in the incoming assertion request message: the provider is unknown

Cause: The issuer attribute was not set in the assertion request message.

Action: Verify that the issuer attribute is set in the assertion request message.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15027: Issuer is not set in the incoming attribute query message: the provider is unknown

Cause: The issuer attribute was not set in the attribute query message.

Action: Verify that the issuer attribute is set in the attribute query message.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15028: Issuer is not set in the incoming authentication query message: the provider is unknown

Cause: The issuer attribute was not set in the authentication query message.

Action: Verify that the issuer attribute is set in the authentication query message.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15032: No service provider federation found for provider {0} and name identifier format {1} and name identifier value {2}

Cause: Unable to find the service provider federation corresponding to this provider and name identifier in the federation data store.

Action: Check the federation data store to verify that a user identity federation exists with the provider ID and name identifier submitted in the query.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15033: Outgoing assertion protocol profile is not supported or not enabled: {0}

Cause: The outgoing assertion protocol profile was not supported, or enabled.

Action: Verify that the assertion protocol profile is supported by Oracle Identity Federation.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15034: Profile is unknown: {0}

Cause: The profile was unknown.

Action: Verify that the profile version is correct.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15035: Provider ID is missing from the authentication request

Cause: The provider ID was missing from the authentication request.

Action: Verify that the provider ID is present in the authentication request.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15037: Request destination is invalid

Cause: The request destination was not a valid URL.

Action: Verify that the request destination is a valid URL and correspond to the URL where the request was posted.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15038: Response destination is invalid

Cause: The response destination was not a valid URL.

Action: Verify that the response destination is a valid URL and correspond to the URL where the response was posted.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15039: Response does not correspond to any requests

Cause: The Oracle Identity Federation server could not locate the request corresponding to the incoming response.

Action: Verify that the incoming response is valid and corresponds to a request, or perform the operation again.

Level: 1

Type: ERROR

Impact: Requests/Responses

Cause: The response was replayed

Action: verify that the response is not replayed

FED-15041: Cannot process the incoming request

Cause: Single sign-on is required with peer provider in order to fulfill the current request.

Action: Perform single sign-on before attempting to execute the protocol operation.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15042: The InResponseTo header does not correspond to a ManageNameID request.

Cause: The InResponseTo pointed to a message other than ManageNameID.

Action: Check with the peer provider.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15043: The received assertion does not contain an AuthenticationStatement: {0}

Cause: The assertion did not contain an authentication statement.

Action: Contact the peer provider for more details on why the assertion does not contain an authentication statement, and examine the assertion for possible information.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15044: The response does not contain any assertions: {0}

Cause: The identity provider did not include any assertions in the response.

Action: Check that the identity provider includes an assertion with the response.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15055: Invalid version format in the active identity provider federation entry: {0}

Cause: The version format was incorrect.

Action: Verify that the version parameter is in a valid format.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15061: Unknown message: {0}

Cause: A protocol message was sent on the incorrect service URL.

Action: Verify that the message sent to the service URL is of correct type.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15062: Authentication request destination is invalid

Cause: The authentication request destination was not a valid URL.

Action: Verify that the authentication responder functionalities are enabled.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15063: Authentication request is expired.

Cause: The authentication request has expired or is not yet valid.

Action: Verify the time settings between this server and the peer provider are synchronized. Alternatively the server clock drift can be increased in the Oracle Identity Federation configuration.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15064: Destination URL cannot be validated: {0}

Cause: Destination URL could not be validated.

Action: Verify that the URL is correct.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15065: The destination field ({0}) from the SAML 2.0 message does not match the actual request URL {1}

Cause: The message was submitted on a URL that is different from the URL that was specified by the remote provider in the destination field.

Action: Contact remote provider.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15067: Invalid response.

Cause: Protocol response was corrupt.

Action: Verify that an XML message is well-formed and correct.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15070: The response cannot be validated.

Cause: Message does not follow the configuration requirements.

Action: Check previous error messages for more information.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15071: The server is not included in the AudienceRestrictionCondition.

Cause: The value of the provider ID entry in the federations for the identity provider was incorrect.

Action: Verify that the federations entry corresponding to the assertion consumer is correct.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15072: Unknown version in factory request.

Cause: The protocol version sent back from the peer provider is not valid.

Action: Verify that the peer provider is configured to the correct protocol version.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15073: The profile is not supported.

Cause: The profile is not supported or is not enabled.

Action: Verify that the profile is supported by Oracle Identity Federation.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15074: The user authenticated at identity provider is different from the user specified in the request message.

Cause: For security reasons, the user authenticated at the identity provider must be the same user that was specified in the request.

Action: Verify that the user authenticated at the identity provider is the same user as indicated in the request.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15075: User from existing session ({0}) is different from user received in single sign-on assertion ({1}) for message: {2}.

Cause: The user from the existing session was different than the user in the assertion.

Action: Action is not allowed.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15076: Cannot validate the SubjectConfirmation's InResponseTo field with the authentication request for message {0}

Cause: The value of the InResponseTo field did not correspond to an authentication request.

Action: Contact administrator, remote server, or Oracle Support Services.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15078: Unsupported protocol.

Cause: Protocols supported are Liberty 1.x, SAML1.x/2.0 and WS-Federation.

Action: Ensure the protocol used is either Liberty 1.x or SAML1.x/2.0 or WS-Federation.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15080: The user previously performed a single sign-on operation with a protocol version ({0}) different from SAML2.0.

Cause: The federation was created with a single sign-on of different protocol version.

Action: Single sign-on can only be performed with same protocol version for the particular service provider

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15081: User tried to initiate protocol with a federation belonging to another user.

Cause: User tried to initiate protocol with a federation belonging to another user.

Action: Cannot initiate protocol as another user.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15086: Multiple users are found during attribute responder operation for name identifier: {0} and name identifier format = {1}.

Cause: Multiple users were present in the user data store which satisfies the search criteria of name identifier value.

Action: Check the data store and correct any errors.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15088: Multiple users are found during automatic account linking for name identifier: {0} name identifier format: {1} and message: {2}.

Cause: Multiple users were present in the user data store which satisfies the search criteria of name identifier value.

Action: Check the data store and correct any errors.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15089: User was not found during attribute responder operation for name identifier: {0} and name identifier format = {1}.

Cause: User was not present in the user data store which satisfies the search criteria of name identifier value.

Action: Check the data store and correct any errors.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15091: User was not found during automatic account linking for name identifier: {0} name identifier format: {1} and message: {2}.

Cause: User was not present in the user data store which satisfies the search criteria of name identifier value.

Action: Check the data store and correct any errors.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15092: RegisterNameIdentifier was not successful.

Cause: Status of RegisterNameIdentifier response was in error.

Action: Check global name identifier format of this Oracle Identity Federation server or with the uploaded peer provider metadata.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15093: A federation for this user does not exist locally: {0}.

Cause: The identity provider sent a federation name identifier, but the federation was not found locally.

Action: Enable auto account linking property for SAML20 protocol to create the federation for this user. Enable allow federation creation property to create the federation for this user.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15097: The identity provider sent an assertion with version 2.0 different from the existing single sign-on version: {0} with message: {1}.

Cause: Existing session was not of the single sign-on version 2.0.

Action: Logout the user to delete the existing session.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15099: The wtrealm parameter is empty.

Cause: A WS-Federation signin request was received with an empty wtrealm parameter.

Action: Verify that the wtrealm parameter is not empty.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15100: There is no assertion consumer URL in the requester's configuration.

Cause: There was no assertion consumer URL in the requester configuration.

Action: Enter the assertion consumer URL of the requester in the Oracle Identity Federation configuration.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15101: WS-Federation protocol is not enabled.

Cause: The WS-Federation protocol was not enabled in the Oracle Identity Federation configuration.

Action: Enable the WS-Federation protocol in the Oracle Identity Federation configuration.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15102: Default name identifier format for SAML 1.x assertion cannot be processed: {0}

Cause: The default name identifier format cannot be processed.

Action: Verify that the default name identifier format is correct in the Oracle Identity Federation configuration.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15103: Default name identifier format for SAML 1.1 assertion cannot be processed: {0}

Cause: The default name identifier format cannot be processed.

Action: Verify that the default name identifier format is correct in the Oracle Identity Federation configuration.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15104: The user previously performed a single sign-on operation with a protocol version ({0}) different from WS-Fed 1.1.

Cause: The user previously performed a single sign-on operation with a protocol version other than WS-Federation 1.1

Action: No action.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15105: The identity provider sent an assertion with WS-Fed version 1.1 different from the existing single sign-on version: {0}.

Cause: The single sign-on version in the assertion was different than the existing single sign-on version.

Action: Verify that the peer provider is configured to the correct protocol version.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15106: Multiple users were found during attribute based authentication using NameID mapping for name identifier: {0} name identifier format: {1} and message: {2}.

Cause: Multiple users were present in the user data store which satisfies the search criteria of name identifier value.

Action: Check the data store and correct any errors.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15107: Multiple users were found during attribute based authentication using Attribute mapping for name identifier: {0} name identifier format: {1} and message: {2}.

Cause: Multiple users were present in the user data store which satisfies the search criteria of attribute values.

Action: Check the data store and correct any errors.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15108: User was not found during attribute based authentication using NameID mapping for name identifier: {0} name identifier format : {1} and message : {2}.

Cause: User was not present in the user data store which satisfies the search criteria of name identifier value.

Action: Check the data store and correct any errors.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15109: User was not found during attribute based authentication using Attribute Mapping for name identifier: {0} and name identifier format : {1} and message : {2}.

Cause: User was not present in the user data store which satisfies the search criteria of attribute values.

Action: Check the data store and correct any errors.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15110: User mapping based on name identifier and attribute features are not enabled for attribute based authentication for name identifier: {0} name identifier format: {1} and message: {2}.

Cause: User mapping based on name identifier and attribute features were not enabled for attribute based authentication.

Action: Verify that user mapping based on NameID and attribute features are enabled for attribute based authentication.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15111: The message is not a request security token response: {0}.

Cause: The message received from the identity provider was not a Request Security Token Response.

Action: Contact Oracle Support Services to rectify the issue.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15112: The message contains an assertion with an empty issuer attribute: {0}.

Cause: The message contained an assertion with an empty issuer attribute.

Action: Verify that the peer provider is configured to use the correct provider ID for the issuer.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15113: The action parameter (wa={0}) is not one of the actions currently recognized by the identity provider.

Cause: The value of the action parameter was not one of the values recognized by Oracle Identity Federation.

Action: Verify that the peer provider is using the correct version of the WS-Federation protocol.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15114: Unknown WS-Federation request message: {0}

Cause: The WS-Federation Request message contained in the wreq parameter is unknown or incorrect.

Action: Contact remote provider.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15115: Error while interacting with remote providers via SOAP protocol.

Cause: An error occurred while sending or receiving a SOAP message to a remote provider.

Action: Check with the peer provider.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15116: The identity provider discovery service returned an empty string as the identity provider.

Cause: The discovery service returned the empty string as the identity provider's provider ID.

Action: The identity provider's providerID parameter should either be missing or contain a value. Check with the discovery service

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15117: The identity provider discovery service returned an empty or null refid.

Cause: The discovery service did not include the required refID parameter.

Action: Check with the discovery service

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15118: Could not find provider ID for issuer of request.

Cause: Oracle Identity Federation cannot identify the SOAP requester as it did not authenticate via HTTP Basic/SSL Client.

Action: Configure OHS so that it protects the SAML 1.x SOAP URL to require HTTP basic authentication or SSL client authentication

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15119: Incoming message does not contain a SAML 1.x Request.

Cause: The incoming SOAP Request does not contain a SAML 1.x request and Oracle Identity Federation was expecting one.

Action: Verify that the SOAP Requestor is sending a SAML 1.x Request; verify that the SOAP Requestor is not sending a non SAML 1.x message to the SAML 1.x SOAP URL

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15120: UserID was not sent from user provisioning system.

Cause: Request from user provisioning system does not contain UserID attribute.

Action: Verify that request from user provisioning system contains UserID attribute

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15121: Attribute response is malformed.

Cause: The attribute response was malformed.

Action: Verify that the attribute response is not malformed.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15122: Unknown identity provider: {0}

Cause: The identity provider is unknown.

Action: Verify that the identity provider is in the federations configuration.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15123: Invalid subject format for protocol version SAML 1.x

Cause: The subject format was invalid.

Action: Verify that the peer provider is using the correct subject format.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15124: Provider federation does not exist for userID: {0}.

Cause: Provider federation has been deleted or the userID is not valid.

Action: Check the request or retry.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15125: Single sign-on response was not signed.

Cause: The single sign-on response signature requirements were not met.

Action: Verify that a signature was present in the single sign-on response and that Oracle Identity Federation is using the correct certificate for signature validation.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15128: An internal error occurred while processing the credentials

Cause: The authentication engine did not return the required refID parameter.

Action: Check that the authentication flow correctly sent the refID parameter to the Oracle Identity Federation server

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15130: AssertionID parameter not present

Cause: The AssertionID was not present in the request.

Action: Verify that the AssertionID is set in the request

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15132: Unknown refID

Cause: Event was already processed.

Action: Check user actions.

Level: 1

Type: ERROR

Impact: Requests/Responses

Cause: Oracle Identity Federation is in High Availability mode and the event data is stored in another server.

Action: Enable session replication between WLS servers or use sticky sessions at the load balancer to force the user to come to the same Oracle Identity Federation server.

Cause: User previously accessed the Oracle Identity Federation server with a different host name than the one in the current request and cookies were not transmitted.

Action: Use the same hostname and fully qualified domain URL to access the Oracle Identity Federation server.

FED-15133: Unknown FedID: {0}

Cause: No federation record exists with specified fedID in the configured federation data store.

Action: Check federation data store configuration and verify that federation record with specified fedID exists in data store.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15134: The service provider could not map the identity provider response to a user

Cause: The Oracle Identity Federation service provider was not able to map the response from the identity provider to a user record.

Action: Check the message sent from the identity provider and error logs in the service provider.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15135: "Unknown Identity Provider; SuccinctID:{0}"

Cause: The identity provider is unknown.

Action: Verify that the identity provider is in the federations configuration.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15136: Unsolicited OpenID Response: {0}

Cause: The OpenID Response received was already processed

Action: Verify the user flow, as the response should only be presented once

Level: 1

Type: ERROR

Impact: Requests/Responses

Cause: The OpenID Response received is unsolicited and the OP could not be determined

Action: Be sure that the OP Endpoint URL is defined in the configuration for this trusted partner

Cause: The OpenID Response received is unsolicited and the OP is not trusted

Action: Contact the OP as the Oracle Identity Federation Server does not support unsolicited responses

FED-15137: Nonce missing from Response

Cause: The Response did not contain a Nonce element

Action: Contact the OP

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15138: The OP sent an authentication response with version OpenID 2.0 different from the existing SSO version: {0} for message: {1}

Cause: Existing session was not of the single sign-on version OpenID 2.0

Action: Logout the user to delete the existing session.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15139: OpenID Association Failed with ProviderID: {0}

Cause: The OpenID Association operation failed.

Action: Check the logs for more detailed error messages, and correct the problem related to the error.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15140: OpenID Signature Verification Failed with ProviderID: {0}

Cause: The Signature Verification of the OpenID Message failed

Action: Check the logs for more detailed error messages, and contact the OP

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15141: OpenID Direct Message Verification Failed with ProviderID: {0}

Cause: The OpenID Direct Verification operation failed while validating a response

Action: Check the logs for more detailed error messages, and contact the OP

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15142: OpenID XRDS processing failed with ProviderID: {0}

Cause: The XRDS document is invalid

Action: Check the logs for more detailed error messages, and contact the OP

Level: 1

Type: ERROR

Impact: Requests/Responses

Cause: The XRDS document could not be retrieved

Action: Check the logs for more detailed error messages, and contact the OP

FED-15143: OpenID ClaimedID verification failed against the OP XRDS document for message: {0}

Cause: The XRDS document downloaded from the ClaimedID location does not match the OP's information

Action: Check the logs for more detailed error messages, and contact the OP

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15144: The OpenID RP is unknown

Cause: The OpenID RP is not a known partner: either the RP was not provisioned or Oracle Identity Federation IdP is not configured to interact with Generic OpenID RPs

Action: Add the OpenID RP or the configure Oracle Identity Federation IdP to interact with Generic OpenID RPs if needed

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15145: The Federation SSO operation with the Identity Provider partner {0} failed with the following status: top status={1} secondary status={2} and message={3}

Cause: The Federation SSO operation failed to complete.

Action: Check the message sent from the identity provider and error logs in the service provider.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15146: OAuth Access Token Request operation failed with partner {0} for the Access Token URL {1}

Cause: The Access Token message exchange failed

Action: Check the logs for more detailed error messages and contact the partner

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15147: OAuth Access Token Request operation failed with partner {0} for the resource {1}

Cause: An error occurred while retrieving user data from the partner resource

Action: Check the logs for more detailed error messages and contact the partner

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15148: The OAuth Partner sent an authentication response with version OAuth 2.0 different from the existing SSO version: {0} for message: {1}

Cause: Existing session was not of the single sign-on version OAuth 2.0

Action: Logout the user to delete the existing session.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15149: The partner did not return a success response: {0}

Cause: The federation partner returned an error.

Action: Check the message and contact if necessary the partner.

Level: 1

Type: ERROR

Impact: Requests/Responses

FED-15150: The identity provider sent an assertion with version 1.1 different from the existing single sign-on version: {0} with message: {1}.

Cause: Existing session was not of the single sign-on version 1.1.

Action: Logout the user to delete the existing session.

Level: 1

Type: WARNING

Impact: Requests/Responses

FED-15151: Unsolicited OAuth Response: {0}

Cause: The OAuth Response received was already processed

Action: Verify the user flow, as the response should only be presented once

Level: 1

Type: ERROR

Impact: Requests/Responses

Cause: The OAuth Response received is unsolicited and the IdP could not be determined

Action: Be sure that the IdP Endpoint URL is defined in the configuration for this trusted partner

Cause: The OAuth Response received is unsolicited and the IdP is not trusted

Action: Contact the IdP as the Oracle Identity Federation Server does not support unsolicited responses

FED-18002: The assertion has already been processed: {0}

Cause: The assertion has been replayed.

Action: Verify that the assertion is not replayed.

Level: 1

Type: ERROR

Impact: Security

FED-18004: Attribute authority is not trusted.

Cause: The attribute authority is not marked as trusted in the federations.

Action: Configure the peer provider as a trusted provider to enable protocol exchanges.

Level: 1

Type: ERROR

Impact: Security

FED-18005: Identity provider is not trusted: {0}

Cause: The identity provider is not marked as trusted in the federations.

Action: Verify configuration of the provider in the federations settings of the Oracle Identity Federation configuration.

Level: 1

Type: ERROR

Impact: Security

FED-18006: Message cannot be validated : {0}.

Cause: Incoming message is invalid.

Action: Please check previous log entries for more specific information.

Level: 1

Type: ERROR

Impact: Security

FED-18007: Message has expired or is not yet valid.

Cause: The message validity period has expired.

Action: Verify the time settings between this server and the peer provider are synchronized. Alternatively, the server clock drift can be increased in the Oracle Identity Federation configuration.

Level: 1

Type: ERROR

Impact: Security

FED-18008: Message is not signed.

Cause: The message was not signed.

Action: Verify that the message is signed.

Level: 1

Type: ERROR

Impact: Security

FED-18010: The service provider is not part of the affiliation.

Cause: The provider is not part of the affiliation.

Action: Verify that the provider is part of the affiliation in the federations

Level: 1

Type: ERROR

Impact: Security

FED-18011: Service provider is not trusted.

Cause: Service provider is not in the federations configuration.

Action: Verify configuration of the federations

Level: 1

Type: ERROR

Impact: Security

FED-18012: Assertion cannot be validated: {0}.

Cause: Assertion could not be validated.

Action: Check the message to verify that the assertion is valid, and after check with the peer provider that sent the assertion.

Level: 1

Type: ERROR

Impact: Security

FED-18013: Assertion cannot be validated; confirmation method is missing for message: {0}.

Cause: The confirmation method was missing from the assertion.

Action: Check the message to verify that the assertion is valid, and after check with the peer provider that sent the assertion.

Level: 1

Type: ERROR

Impact: Security

FED-18014: Assertion cannot be validated; InResponseTo is missing for message: {0}.

Cause: The InResponseTo attribute was missing from the assertion.

Action: Check the message to verify that the assertion is valid, and after check with the peer provider that sent the assertion.

Level: 1

Type: ERROR

Impact: Security

FED-18015: Assertion cannot be validated; recipient is missing for message: {0}.

Cause: The recipient was missing from the assertion.

Action: Check the message to verify that the assertion is valid, and after check with the peer provider that sent the assertion.

Level: 1

Type: ERROR

Impact: Security

FED-18016: Assertion cannot be validated; validity time is missing for message {0}.

Cause: The validity time was missing from the assertion.

Action: Check the message to verify that the assertion is valid, and after check with the peer provider that sent the assertion.

Level: 1

Type: ERROR

Impact: Security

FED-18017: The AssertionConsumerServiceURL found in the authentication request message cannot be validated.

Cause: The message was not signed.

Action: Verify that the message was signed.

Level: 1

Type: ERROR

Impact: Security

Cause: URL was not one of the assertion consumer support URL found in the metadata.

Action: Verify that the URL is correct.

FED-18018: Assertion has expired or is not yet valid: {0} for message: {1}

Cause: The assertion validity period has expired.

Action: Verify the time settings between this server and the peer provider are synchronized. Alternatively, the server clock drift can be increased in the admin console.

Level: 1

Type: ERROR

Impact: Security

FED-18020: Authentication request is not signed.

Cause: Authentication request was not signed.

Action: Authentication request needs to be signed.

Level: 1

Type: ERROR

Impact: Security

FED-18027: Evaluation of the assertion's conditions failed.

Cause: Assertion conditions were not valid.

Action: Check logs for more detailed error messages.

Level: 1

Type: ERROR

Impact: Security

FED-18035: URL query signature verification failed.

Cause: The certificate from the remote provider might need to be updated.

Action: Contact remote provider for updated certificate.

Level: 1

Type: ERROR

Impact: Security

Cause: The message or signature may have been tampered with.

Action: Contact administrator to investigate transport error or possible security incident.

FED-18038: Signature verification failed.

Cause: The certificate from the remote provider might need to be updated.

Action: Contact remote provider to update certificate.

Level: 1

Type: ERROR

Impact: Security

Cause: The message or signature may have been tampered with.

Action: Contact administrator to investigate transport error or possible security incident.

FED-18040: Cannot locate temporary federations.

Cause: The temporary federation did not exist, possibly expired.

Action: No Action.

Level: 1

Type: ERROR

Impact: Security

FED-18043: Unexpected recipient: {0} for message: {1}

Cause: The recipient in the assertion did not match the configured provider.

Action: Contact remote provider to verify the provider information.

Level: 1

Type: ERROR

Impact: Security

FED-18045: Unsupported liberty version: {0}

Cause: The version of liberty was not supported.

Action: The supported versions of liberty are 1.1 and 1.2.

Level: 1

Type: ERROR

Impact: Security

FED-18046: Unknown descriptor type: {0}

Cause: Unknown descriptor type .

Action: Contact remote provider for verifying the metadata.

Level: 1

Type: ERROR

Impact: Security

FED-18051: Authentication instant was not sent from the authentication engine.

Cause: The authentication engine did not send an authentication instant.

Action: Check the authentication engine implementation.

Level: 1

Type: WARNING

Impact: Security

FED-18052: Authentication mechanism was not sent from the authentication engine.

Cause: The authentication engine did not send an authentication mechanism.

Action: Check the authentication engine implementation.

Level: 1

Type: WARNING

Impact: Security

FED-18056: Authentication error, the authentication mechanism is not enabled: {0}

Cause: The authentication mechanism used to authenticate the user is disabled.

Action: Enable the authentication mechanism.

Level: 1

Type: ERROR

Impact: Security

Cause: The Authentication Mechanism used to authenticate the user is disabled.

Action: A user tried to use a disabled authentication mechanism/engine to login.

FED-18057: Authentication error, the authentication engine is not enabled: {0}

Cause: The authentication engine used to authenticate the user is disabled.

Action: Enable the authentication engine.

Level: 1

Type: ERROR

Impact: Security

Cause: The Authentication Engine used to authenticate the user is disabled.

Action: A user tried to use a disabled authentication mechanism/engine to login.

FED-18058: Service provider engine error, the service provider engine is not enabled: {0}

Cause: The service provider engine used to integrate with the AAA server is disabled.

Action: Enable the service provider engine.

Level: 1

Type: ERROR

Impact: Security

FED-18059: User from existing session ({0}) is different from user locally authenticated ({1})

Cause: A user already authenticated in Oracle Identity Federation re-authenticated but with a different user ID.

Action: Check the user's activity and session status, and report a possible security incident to the administrator.

Level: 1

Type: ERROR

Impact: Security

FED-18060: User has already existing session with SessionID={0} and the authentication engine specified a different SessionID={1}

Cause: A user already authenticated in Oracle Identity Federation with a SessionID that is different from the one specified by the authentication engine

Action: Check the authentication engine implementation to be sure that it returns the correct SessionID.

Level: 1

Type: ERROR

Impact: Security

FED-18082: Authentication failed: requested authentication method could not be fulfilled by Identity Provider

Cause: The authentication mechanism needs to be set to fulfill the requested authentication method by Service Provider.

Action: Contact the Service provider and set the authentication mechanisms in the Oracle Identity Federation configuration for IdP.

Level: 1

Type: ERROR

Impact: Security

FED-18083: Authentication failed: unknown user attribute for Oracle Access Manager 11g authentication engine: {0}

Cause: The Oracle Identity Federation configuration specifies an unknown HTTP Header containing the UserID.

Action: Check the Oracle Identity Federation configuration for which HTTP Header used by Oracle Access Manager 11g to hold the UserID is specified.

Level: 1

Type: ERROR

Impact: Security

FED-18084: The Partner is not configured to use the Test SP Engine: {0}

Cause: The partner has not been configured to be used with the Test SP Engine.

Action: Configure the Partner.

Level: 1

Type: ERROR

Impact: Security