Wednesday, January 8, 2014

BAM-00404: Authentication failed. User is marked inactive.

Customer said unable to login to BAM


 ####<Jan 8, 2014 12:47:27 AM CST> <Notice> <Diagnostics> <host> <bam_server1> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (sel
f-tuning)'> <<WLS Kernel>> <> <350d4dae856e0ef9:2ce414fe:14355f34b38:-8000-000000000000bd06> <1389163647160> <BEA-320068> <Watch 'UncheckedException' with severity 'Notice' on server 'bam_server1' has triggered at Jan 8, 2014 12:47:27 AM CST. Notification details:
WatchRuleType: Log
WatchRule: (SEVERITY = 'Error') AND ((MSGID = 'WL-101020') OR (MSGID = 'WL-101017') OR (MSGID = 'WL-000802') OR (MSGID = 'BEA-101020') OR (MSGID = 'BEA-101017') OR (MSGID = 'BEA
-000802'))
WatchData: DATE = Jan 8, 2014 12:47:27 AM CST SERVER = bam_server1 MESSAGE = [ServletContext@345087967[app:oracle-bam module:OracleBAM path:/OracleBAM spec-version:2.5 version:1
1.1.1]] Servlet failed with Exception oracle.bam.common.security.authentication.AuthenticationException: BAM-00404: Authentication failed. User is marked inactive.
        at oracle.bam.adc.security.authentication.Authenticator.synchronizeUser(Authenticator.java:1147)
        at oracle.bam.adc.security.authentication.Authenticator.setUserContext(Authenticator.java:806)
        at oracle.bam.adc.kernel.server.DataStoreServer.setUserContext(DataStoreServer.java:476)
        at oracle.bam.adc.ejb.BamAdcServerBean.interceptor(BamAdcServerBean.java:261)
        at sun.reflect.GeneratedMethodAccessor544.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
        at com.oracle.pitchfork.intercept.JeeInterceptorInterceptor.invoke(JeeInterceptorInterceptor.java:68)

solution:
======
There was a note which my colleague found , it fixed the issue.

 1. Run the following script to reset the user login table.This needs to be done on BAM schema.

Do a check,

SQL> select GUID from Dev_ORABAM."SysIterUser";

GUID
--------------------------------------------------------------------------------
E4112BD05D4611E19F345DE83E5A62E5

UPDATE "SysIterUser" SET "SysIterUser"."GUID" = NULL,
"SysIterUser"."Inactive" = NULL;

After,
SQL> select GUID from DKENDO_ORABAM."SysIterUser";

GUID
--------------------------------------------------------------------------------


2. Reorder authentication providers and make the LDAP provider on the top of the list in WebLogic Server Console.

The second step was not needed in our case.

No comments:

Post a Comment