Failed to distribute policy to PDP OracleIDM for catch exception oracle.security.jps.service.policystore.PolicyStoreException: JPS-04028

<oracle.jps.policymgmt> <JPS-10606> <Failed to distribute policy to PDP OracleIDM for catch exception oracle.security.jps.service.policystore.PolicyStoreException: JPS-04028: Application with name "cn=OAM11gApplication,cn=jpsXmlFarm,cn=JPSContext,cn=jpsXmlRoot" does not exist..>

Workaround:

  1. Remove the following properties from the jps-config.xml file after the installation with -C option from pdp.service instance properties.
    <property name="oracle.security.jps.pdp.AuthorizationDecisionCacheEnabled" value="false"/>               <property name="oracle.security.jps.ldap.policystore.refresh.interval" value="10000"/> 
    
  2. Add the following new property to pdp.service instance properties:
    <property name="oracle.security.jps.pd.client.PollingTimerInterval" value="10"/>
    

    The value is in seconds, set the appropriate value as required by Oracle Access Management. The changes must be made only for Oracle Identity Management installs like Oracle Identity Manager or Oracle Access Manager.

    The following is an example of a pdp.service instance in the jps-config.xml file after running the configSecurityStore command.

    <serviceInstance name="pdp.service" provider="pdp.service.provider">             <description>Runtime PDP service instance</description>             <property name="oracle.security.jps.runtime.pd.client.policyDistributionMode" value="mixed"/>             <property name="oracle.security.jps.runtime.instance.name" value="OracleIDM"/>             <property name="oracle.security.jps.runtime.pd.client.sm_name" value="OracleIDM"/>             <property name="oracle.security.jps.pdp.AuthorizationDecisionCacheEnabled" value="false"/>             <property name="oracle.security.jps.policystore.refresh.enable" value="true"/>             <property name="oracle.security.jps.ldap.policystore.refresh.interval" value="10000"/>         </serviceInstance> 
    

Leave a Reply

Your email address will not be published. Required fields are marked *