We had a production issue in applying SAML authentication to a weblogic managed server. We have deleted and then recreated the providers but when selecting the management page for the SAMLIdentityAsserter, we had the following error:
The logs showed the following errors:
“<BEA-000000> <Detected possible orphaned
reference to deleted object “beaSAML2EndpointBindingLocation=”
” <BEA-240003> <Console encountered the following
A this stage we could not create new Web Single Sign-On Identity Provider Partners of the same name as the deleted ones as they already exist and we could not create them with a different name either due to the above errors.
This actually transpired to be an Oracle bug:
Bug 12712810 – NPE AFTER DELETING A PARTNER IN THE SAML2 PROVIDER CONFIGURATION IN THE CONSOLE
“The NPE issue reported by this bug when using the embedded LDAP”
“Closed this bug as workaround available – using RDBMS for SAML2.”
“This might be caused by the operation of deleting Identity Provider Partners.”
We did not want to use RDBMS for our security store, we wanted to keep the embedded LDAP store. So We found an alternative work around:
1.Rename embedded LDAP directory for backup point
3.Reapply SAML2 Identity Provider configuration
This worked in our case as the only information in the embedded LDAP store was related to the SAML providers we were trying to set up. If your system has other information in this store, make sure you have enough information to rebuild the LDAP store. An untested option may be to use the export and import utility.
If you have encountered this bug and have questions or another solution, please let us know.