Sunday, April 06, 2014

OAMSSA-06252 after patching

Once upon a time..

you had a working environment with WebLogic, Access and Identity Management (or Discoverer, or ...) and all of a sudden things start failing.

Symptoms

You notice the dreaded OAMSSA-06252 (Policy Store not Available) while starting up, and start fearing the worst. Also, it seems as-if you cannot login to OAM management console anymore; your credentials are accepted, but you get an "Access Prohibited" error from OAM. Just resending the url (server:port/oamconsole) will get the console.

WLS security Patch 10.3.6.0.7 (WLS patch ID FCX7)

Then, you remember you rolled out Security patch 10.3.6.0.7 (Doc Id 1613601.1) a.k.a. WLS patch ID FCX7 last February. It turn out you need to reread the installation guide for OFM 11.1.2.2.0, in particular the Issues chapter!
Unfortunately, just applying the workaround mentioned in paragraph 2.1.7 is not enough.You must also apply paragraph 2.1.8, but change the "grant codebase" mentioned to:
// Due to patched WLS... FvB 4-apr-2014 grant codeBase "file:/oracle/middleware/patch_wls1036/patch_jars/-" { permission java.security.AllPermission; // original: permission java.lang.RuntimePermission "oracle.*","read"; };
Hope this helps.

Update October 2014 Patch

This issue, now described in another version of the manual, still exists for FSR2. Links altered to workong versions.

No comments: