7 Oracle Adaptive Access Manager

This chapter describes issues associated with Oracle Adaptive Access Manager. It includes the following topics:

• General Issues and Workarounds

• Multi-Language Support Issues and Limitations

• Documentation Errata

7.1 General Issues and Workarounds

This section describes general issues and workarounds.

The following topics are included:

• Section 7.1.1, "Search for Device by Last Used On and with Registered Set as True Filters Returns No Results"

• Section 7.1.2, "ADF Exceptions When Starting the Admin and OAAM Admin Servers"

• Section 7.1.3, "OAAM Admin Log Contains Stack Trace of Canceling a Temporary Allow"

• Section 7.1.4, "Warnings and Error When Logging Out of the OAAM Admin Console"

• Section 7.1.5, ""Last Used On" Column Does Not Sort in Fingerprint Details Page"

• Section 7.1.6, "Altering the Schedule Parameters Does Not Affect Next Recurrence"

7.1.1 Search for Device by Last Used On and with Registered Set as True Filters Returns No Results

If you go to the OAAM Admin Console Sessions page, User Details, and Device tab, and search for a device by Last Used On date range, no results are returned if Registered is set as True.

7.1.2 ADF Exceptions When Starting the Admin and OAAM Admin Servers

After installing the Identity and Access Management Suite, ADF exceptions may appear in the OAAM output log when you start the Administration and OAAM Admin Servers. These exceptions do not impact functionality.

7.1.3 OAAM Admin Log Contains Stack Trace of Canceling a Temporary Allow

When you cancel a Temporary Allow, stack traces similar to the following example may appear in the OAAM Admin server log:

[2014-03-11T17:05:56.816-07:00] [oaam_admin_server1] [NOTIFICATION] []
[oracle.oaam] [tid: [ACTIVE].ExecuteThread: '4' for queue:
'weblogic.kernel.Default (self-tuning)'] [userId: csrm1] [ecid:
0000KInb1oEF0FGpIwH7if1J5wtY0001bm,0] [APP: oaam_admin#11.1.2.0.0] [DSID:
0000KIn_KpSF0FGpIwH7if1J5wtY0001_i] removeOverride().
vtUser=localUserId={10001}
extUserId={6_df4102a6a41ad6fed09942c3b1cf05a5a45796ab92436adf9bb6ee0c99965a1a}
 
@ loginId={usercsr} groupId={1} isValid={true} createTime={Fri Mar 07
16:17:38 @ PST 2014} updateTime={Tue Mar 11 17:05:41 PDT 2014} firstLoginTime={Fri Mar 07 16:17:38 PST 2014} notes={null} cache={G:84|O:2=2,1=2|F:10001=10003,10002=10003,10006=10007,10007=10007} , runtime=1, action=Block[[java.lang.Throwable 
at com.bharosa.vcrypt.dataaccess.util.VCryptCacheUtil.removeOverride(VCryptCacheUtil.java:204) 
at com.bharosa.vcrypt.tracker.rules.util.RulesUtil.removeFromUserCache(RulesUtil.
java:692)
at com.bharosa.vcrypt.tracker.rules.util.RulesUtil.deleteOverride(RulesUtil.java:728) at com.bharosa.vcrypt.tracker.rules.util.RulesUtil.clearOverrides(RulesUtil.java: 405) 
at com.bharosa.vcrypt.tracker.rules.util.RulesUtil.clearOverrides(RulesUtil.java: 394) 
at com.bharosa.vcrypt.customercare.CaseActions.clearTempAllow(CaseActions.java:31
5)
at oracle.oaam.server.admin.cases.impl.CustomerCareManagerImpl.actOnCase(Customer CareManagerImpl.java:4015)
at oracle.oaam.server.admin.cases.impl.CustomerCareManagerImpl.performCaseAction(CustomerCareManagerImpl.java:3851)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.oaam.server.admin.impl.AdminInterceptorProxy.invoke(AdminInterceptorProxy.java:74)
at $Proxy131.performCaseAction(Unknown Source)
at oracle.oaam.model.customercare.uview.CaseActionVOImpl.doCaseAction(CaseActionVOImpl.java:344)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 

The stack trace does not impact functionality.

7.1.4 Warnings and Error When Logging Out of the OAAM Admin Console

When you try to log out of the OAAM Administration Console, you might encounter warnings and an error similar to the following example in the Oracle Adaptive Access Manager server log:

[2014-02-21T15:50:28.689-08:00] [oaam_admin_server1] [WARNING]
[ADF_FACES-00007] [oracle.adf.view.rich.render.RichRenderer] [tid:
[ACTIVE].ExecuteThread: '11' for queue: 'weblogic.kernel.Default
(self-tuning)'] [userId: ruleAdmin1] [ecid:
0000KHMqrkmF0FGpIwH7if1J1y0Q00006I,0] [APP: oaam_admin#11.1.2.0.0] [DSID:
0000KHMpfB5F0FGpIwH7if1J1y0Q000068] Attempt to synchronized unknown key:
viewportSize.
[2014-02-21T15:50:28.726-08:00] [oaam_admin_server1] [WARNING] []
[oracle.adf.share.ADFContext] [tid: [ACTIVE].ExecuteThread: '17' for queue:
'weblogic.kernel.Default (self-tuning)'] [userId: ruleAdmin1] [ecid:
0000KHMqrlqF0FGpIwH7if1J1y0Q00006J,0] [APP: oaam_admin#11.1.2.0.0] [DSID:
0000KHMpfB5F0FGpIwH7if1J1y0Q000068] Automatically initializing a
DefaultContext for getCurrent.[[
Caller should ensure that a DefaultContext is proper for this use.
Memory leaks and/or unexpected behaviour may occur if the automatic
initialization is performed improperly.
This message may be avoided by performing initADFContext before using
getCurrent().
For more information please enable logging for oracle.adf.share.ADFContext at
FINEST level.
]]
[2014-02-21T15:50:28.728-08:00] [oaam_admin_server1] [WARNING] []
[oracle.adf.share.http.ServletADFContext] [tid: [ACTIVE].ExecuteThread: '17'
for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ruleAdmin1]
[ecid: 0000KHMqrlqF0FGpIwH7if1J1y0Q00006J,0] [APP: oaam_admin#11.1.2.0.0]
[DSID: 0000KHMpfB5F0FGpIwH7if1J1y0Q000068] Found
oracle.adf.share.DefaultContext sticking to oldContext, while the current
application is oaam_admin(11.1.2.0.0)
[2014-02-21T15:50:28.741-08:00] [oaam_admin_server1] [WARNING] []
[oracle.adf.share.http.ServletADFContext] [tid: [ACTIVE].ExecuteThread: '17'
for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: ruleAdmin1]
[ecid: 0000KHMqrlqF0FGpIwH7if1J1y0Q00006J,0] [APP: oaam_admin#11.1.2.0.0]
[DSID: 0000KHMpfB5F0FGpIwH7if1J1y0Q000068] Found
oracle.adf.share.DefaultContext sticking to oldContext, while the current
application is oaam_admin(11.1.2.0.0)
[2014-02-21T15:50:28.743-08:00] [oaam_admin_server1] [ERROR] []
[oracle.adf.share.ADFContext] [tid: [ACTIVE].ExecuteThread: '17' for queue:
'weblogic.kernel.Default (self-tuning)'] [userId: <WLS Kernel>] [ecid:
0000KHMqrlqF0FGpIwH7if1J1y0Q00006J,0] ADF detected an ADFContext leak.[[
Please see the documentation for more information about handling ADFContext
leaks.
For more information about the leaking ADFContext please enable logging for
oracle.adf.share.ADFContext at FINEST level. 

The OAAM Server log is located in the following directory:

WL_HOME/user_projects/domains/domainName/servers/serverName/logs/serverName-diagnostic.log

You can ignore the warnings and error. They do not impact any functionality.

7.1.5 "Last Used On" Column Does Not Sort in Fingerprint Details Page

Due to a bug, you cannot sort on the "Last Used On" column for the tabs in the Fingerprint Detail.

7.1.6 Altering the Schedule Parameters Does Not Affect Next Recurrence

Altering the schedule parameters of a Scheduled Task does not have any effect for the next recurrence if the start date/time is not changed.

7.2 Multi-Language Support Issues and Limitations

This section describes multi-language support issues and limitations. It includes the following topics:

• Section 7.2.1, "OAAM Admin Console Is Non-Responsive When an Unsupported Language is Set in the Browser"

• Section 7.2.2, "Save Search in Properties Page Fails with Some Thai Characters"

7.2.1 OAAM Admin Console Is Non-Responsive When an Unsupported Language is Set in the Browser

When an unsupported language is set in the browser, the OAAM Admin Console may become non-responsive and the Navigation Tree menu and toolbar may not be displayed.

7.2.2 Save Search in Properties Page Fails with Some Thai Characters

When you try to save a search in a properties page with a name containing Thai characters that are in \u0E31 or \u0e35 format, an error similar to the following example may appear in the server log file:

<Error> <oracle.adfinternal.view.faces.config.rich.RegistrationConfigurator>
<BEA-000000> <ADF_FACES-60096:Server Exception during PPR, #1
oracle.jbo.JboException: JBO-29114 ADFContext is not setup to process
messages for this exception. Use the exception stack trace and error code to
investigate the root cause of this exception. Root cause error code is
JBO-29000. Error message parameters are
{0=oracle.xml.parser.v2.XMLDOMException, 1=invalid character \u0e35 in name}
at oracle.jbo.server.Serializer.passivate(Serializer.java:270)
at oracle.jbo.server.DBSerializer.passivateRootAM(DBSerializer.java:293)
at oracle.jbo.server.DBSerializer.passivateRootAM(DBSerializer.java:268) 

7.3 Documentation Errata

This section contains documentation errata for Oracle Fusion Middleware Administering Oracle Adaptive Access Manager.

7.3.1 Table and Column Combinations Needed to Derive Email/SMS Challenges for Specified Time

To derive email/SMS challenges for a specified time, use the VT_SESSION_ACTION_MAP table and action and action_list columns.

In VT_SESSION_ACTION_MAP table, the actions and actions list are stored in the following action and action_list columns:

DB name	Data type	Description
MAP_ID	NOT NULL NUMBER(16)	Map ID
CREATE_TIME	TIMESTAMP(6)	Date/time of the creation of the object
RUNTIME_TYPE	NOT NULL NUMBER(6)	Type of runtime
ACTION	VARCHAR2(256)	Actions for this runtime and session
ACTION_LIST	VARCHAR2(256)	List of action.

To obtain the actions for a given time range, use create_time.

To obtain actions for the challenge runtime, filter by runtime_type = number_for challenge_runtime.