Tuesday, October 15, 2013

Difference on Getting Error Code from OAM ECC and DCC

In case of OAM authentication failures, the OAM server will send the error codes back to the client. It's up to the client to decide what actual error message needs to be displayed on different types of authentication failures. For the list of the standard error codes, you can refer to here. To getting the error code on the client side, they are different based on whether it's ECC or DCC authentication. I have not found this difference documented in anywhere yet. So I am putting it in this blog post.

DCC (Detached Credential Collector) is introduced in OAM 11gR2. ECC is embedded credential collector. My previous post has described its concept and advantages, so I will not repeat it here.

For ECC, the link above also shows a code snippet to get the error code parameter "p_error_code". The error code is returned back as one of the request parameters on the browser URL. So it can be accessed by calling request.getParameter("p_error_code").

 <%@page import="mytest.error.ExampleErrorMsg"%>  
  //initializing the messageBundle first  
  String defaultResourceBundle = "mytest.error.ExampleErrorMsg";  
  java.util.Locale myLocale = request.getLocale();  
  ResourceBundle msgBundle=  
  ResourceBundle.getBundle(defaultResourceBundle,myLocale);  
 String errCode = request.getParameter("p_error_code");  
 String secondaryErrMessage = request.getParameter("p_sec_error_msg");  
  <%  
     if(errCode != null && errCode.length() > 0) {  
      try {  
        simpleMessage = msgBundle.getString(errCode);  
      } catch(Exception e) {  
        //get the default authn failed message  
        simpleMessage = msgBundle.getString("OAM-8");  
      }  
  %>  
  <div class="message-row">   
    <p class="loginFailed"> <%=simpleMessage%> </p>   
  </div>  


For DCC, it's not returned on the request parameter but on the request header. Actually there is no request parameter returned at all for DCC, as the returned url is "http://host:port/oam/server/auth_cred_submit" with no actual parameters, in case of authentication failure. To get the error code from the request header, simply by:

 String errCode = request.getHeader("p_error_code");  

1 comment:

PriKe said...

Thank you for this... :-)