Email Notification not working for OTP through Email option in Adaptive Authentication Service

Email Notification not working for OTP through Email option in Adaptive Authentication Service

After configuring Second Factor Authentication, the end user receives the following error after selecting the email to complete the Second Factor Authentication:

“System error. Please re-try your action. If you continue to get this error, please contact the Administrator.”

Email Notification not working for OTP through Email option in Adaptive Authentication Service 300x216 Email Notification not working for OTP through Email option in Adaptive Authentication Service

 

 

 

 

 

 

 

 

The Oracle Access Manager (OAM) logs show the following error ,

[2016-09-06T13:35:12.150+04:00] [oam_server1] [ERROR] [] [oracle.oam.plugin] [tid: [ACTIVE].ExecuteThread: ’0′ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: <anonymous>] [ecid: 9e382a2714d462f3:-6c0024d2:1561bc2f805:-8000-0000000000607729,0] [APP: oam_server#11.1.2.0.0] Error sending OTP[[

javax.xml.ws.WebServiceException: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Message send failed: Connection refused

        at oracle.j2ee.ws.client.jaxws.DispatchImpl.invoke(DispatchImpl.java:880)

        at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.synchronousInvocationWithRetry(OracleDispatchImpl.java:235)

        at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.invoke(OracleDispatchImpl.java:106)

        at oracle.j2ee.ws.client.jaxws.WsClientProxyInvocationHandler.invoke(WsClientProxyInvocationHandler.java:254)

        at com.sun.proxy.$Proxy169.send(Unknown Source)

        at oracle.ucs.messaging.ws.MessagingClient.send(MessagingClient.java:299)

        at oracle.security.am.sfa.messenger.UMSMessengerBase.sendMessage(UMSMessengerBase.java:297)

        at oracle.security.am.sfa.messenger.UMSMessengerBase.send(UMSMessengerBase.java:259)

        at oracle.security.am.sfa.processor.SFAEmailProcessor.send(SFAEmailProcessor.java:194)

        at oracle.security.am.sfa.plugin.AbstractOAMSFAPlugin.process(AbstractOAMSFAPlugin.java:287)

        at oracle.security.am.engine.authn.internal.executor.PlugInExecutor.execute(PlugInExecutor.java:204)

        at oracle.security.am.engine.authn.internal.executor.AuthenticationSchemeExecutor.execute(AuthenticationSchemeExecutor.java:113)

        at oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl.validateUser(AuthenticationEngineControllerImpl.java:269)

        at oracle.security.am.engines.enginecontroller.AuthnEngineController.authenticateUser(AuthnEngineController.java:986)

        at oracle.security.am.engines.enginecontroller.AuthnEngineController.processEvent(AuthnEngineController.java:341)

        at oracle.security.am.controller.MasterController.processEvent(MasterController.java:596)

        at oracle.security.am.controller.MasterController.processRequest(MasterController.java:788)

        at oracle.security.am.controller.MasterController.process(MasterController.java:708)

        at oracle.security.am.pbl.PBLFlowManager.delegateToMasterController(PBLFlowManager.java:209)

        at oracle.security.am.pbl.PBLFlowManager.handleBaseEvent(PBLFlowManager.java:147)

        at oracle.security.am.pbl.PBLFlowManager.processRequest(PBLFlowManager.java:107)

        at oracle.security.am.pbl.transport.http.AMServlet.handleRequest(AMServlet.java:217)

        at oracle.security.am.pbl.transport.http.AMServlet.doPost(AMServlet.java:173)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)

        at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)

        at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)

        at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)

        at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)

        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)

        at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:138)

        at java.security.AccessController.doPrivileged(Native Method)

        at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324)

        at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:464)

Issue

This issue is due to the missing attribute  UmsClientUrl in Adaptive authentication plugin.

If your environment is not clustered and SOA server is installed on the OAM server, you will not get this error. By default , UmsClientUrl is generated as http://localhost:8001/ucs/messaging/webservice . In my case , SOA was running on a different server and when I updated the hosts entry to point localhost to SOA server IP , Email notification is working fine.

Follow the below steps to update the UmsClientUrl in the adaptive Authentication Plugin.

 Resolution

  1. Navigate to <OAM-Domain>/config/fmwconfig
  1. Take the backup of oam-config.xml file

1 300x37 Email Notification not working for OTP through Email option in Adaptive Authentication Service

 

 

3. Add the attribute manually to oam-config.xml

<Setting Name=”18″ Type=”htf:map”>Setting Name=”name” Type=”xsd:string”>UmsAvailable</Setting><Setting Name=”type” Type=”xsd:string”>string</Setting>

<Setting Name=”length” Type=”xsd:integer”>50</Setting>

<Setting Name=”mandatory” Type=”xsd:boolean”>false</Setting>
<Setting Name=”instanceOverride” Type=”xsd:boolean”>false</Setting>
<Setting Name=”globalUIOverride” Type=”xsd:boolean”>false</Setting>
<Setting Name=”value” Type=”xsd:string”>true</Setting>
</Setting>
<Setting Name=”19″ Type=”htf:map”>
<Setting Name=”name” Type=”xsd:string”>UmsClientUrl</Setting>
<Setting Name=”type” Type=”xsd:string”>string</Setting>
<Setting Name=”length” Type=”xsd:integer”>100</Setting>
<Setting Name=”mandatory” Type=”xsd:boolean”>false</Setting>
<Setting Name=”instanceOverride” Type=”xsd:boolean”>false</Setting>
<Setting Name=”globalUIOverride” Type=”xsd:boolean”>false</Setting>
<Setting Name=”value” Type=”xsd:string”></Setting>
</Setting>

4.Increase the oam-config.xml version ( <Setting Name=”Version” Type=”xsd:integer”>546</Setting>) and restart oam managed server

5. Set the value for  UMSclientURL field in Adaptive authentication plugin

 

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>