Identity ********** of type user not found

Identity ********** of type user not found

Fabio Falcone

I'm using OpenAM 12 with a custom authentication module which authenticates users against an external service (a servlet) therefore users are not in OpenDJ. Therefore I removed "OpenDJ" from the Data Stores list and set "User Profile=Ignored". Then I set up a policy allowing all authenticated users accessing the resource. When I perform a test I'm successfully authenticated (a user session is created) but the agent denies the access (403 Forbidden) and the agent debug log says:

<Exception>

Identity john_smith of type user not found.

Identity john_smith of type user not found.

</Exception>

Do you have a clue to solve this?


_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam
Re: Identity ********** of type user not found

Bernhard Thalmayr
'User Profile' setting is related to authentication, not authorization.

The error/warning may even happen when a user data store is present
(it's searching for a specific type). I doubt this is the root cause of
failing authorization.

You need to check OpenAM Authorization debug log why the policy request
does not allow the user to access the protected resource.

It could also be that the Agent cannot bootstrap correctly, then it
will also deny by default.

-Bernhard

Am 08/04/16 um 15:46 schrieb Fabio Falcone:

> I'm using OpenAM 12 with a custom authentication module which
> authenticates users against an external service (a servlet) therefore
> users are not in OpenDJ. Therefore I removed "OpenDJ" from the Data
> Stores list and set "User Profile=Ignored". Then I set up a policy
> allowing all authenticated users accessing the resource. When I perform
> a test I'm successfully authenticated (a user session is created) but
> the agent denies the access (403 Forbidden) and the agent debug log says:
>
> <Exception>
>
> Identity john_smith of type user not found.
>
> Identity john_smith of type user not found.
>
> </Exception>
>
> Do you have a clue to solve this?


--
Painstaking Minds
IT-Consulting Bernhard Thalmayr
Herxheimer Str. 5, 83620 Vagen (Munich area), Germany
Tel: +49 (0)8062 7769174
Mobile: +49 (0)176 55060699

[hidden email] - Solution Architect
http://www.xing.com/profile/Bernhard_Thalmayr
http://de.linkedin.com/in/bernhardthalmayr
