Support Tip: OAuth userinfo endpoint exception if the userDN has more than than 128 chars

COEST

0 Likes

over 2 years ago

Summary

<amLogEntry seq="6577" d="2020-08-03T15:23:14Z" lg="Application" lv="DEBUG" th="82" ><msg>Method: JNDILogEventListener.accept Thread: https-jsse-nio-10.3.205.112-8443-exec-1 Exception while attempting to get a user store object!</msg></amLogEntry>

Environment

Access Manager 4.5.2
Access Manager 4.5.3
Access Manager 4.5.4
Access Manager 5.0
Access Manager 5.0.1
IDP server acting as OAuth authorization server
OAuth application client using the Authorization Code Flow

Situation

Example user DN: DUS Dir Generated System Information Automations - Duisburg,ou=Ruhrgebiet,ou=Nordrhein-Westfalen,ou=Germany,ou=Users,o=NetIQ

This userDN gets corrupted / concatenated with the GIUD of the userTarget object dn: cn=klaus.gast,ou=DUS Dir Genenrated System Information Automations - Duisburg,ou=Ruhrgebiet,ou=Nordrhein-Westfalen,ou=Germany,ou=Users,o=NetIQ005e30f398d5ea11ae16000c29501ebc Acting as: cn=klaus.gast,ou=DUS Dir Gen System Information Automations - Duisburg,ou=Ruhrgebiet,ou=Nordrhein-Westfalen,ou=Germany,ou=Users,o=NetIQ005e30f398d5ea11ae16000c29501ebc leading into a JAVA Exception while running an LDAP search for this DN

Resolution

This issue has been addressed to engineering and will be fixed with Access Manager 5.0 SP2

Access support article here: https://portal.microfocus.com/s/article/KM000001868?language=en_US

Tags:

NetIQ Access Manager

access manager

Labels:

Support Tip

Comment List

Recommended

Menu

Access Manager Tips & Information

Support Tip: OAuth userinfo endpoint exception if the userDN has more than than 128 chars

Tags:

Labels:

Resources