OVD and BPM Workspace Integration: Fix Login Problem

| February 16, 2014 | 14 Comments

WebLogic Version: 10.3.6
BPM Version:
SOA Version:
OVD Version:

Error Code: ORABPEL-10585

When you try to integrate OVD(Oracle Virtual Directory) to your SOA-BPM WebLogic domain and cannot login with some OVD users, not all of them, probably the problem is about your GUID settings.


I’ve manually called SOA Identity webservice for my OVD user, and got the xml response with well formatted. But for other users which could not login to BPM Workspace, the xml response format was not well formatted.

If that is the case, please make sure Auth Provider is configured to provide a valid GUID attribute, as configured on the Authentication Provider:

Assuming the Auth Provider is returning the attribute please make sure the mapping is configured on the jps-config.xml as follows:

Screen Capture:

WebLogic Secruity Provider Settings

WebLogic Secruity Provider Settings

When you have problem to login BPM Workspace and Worklistapp, contact to me. There are too many settings and tricks for this. 

Relevant ERROR Logs:




[soa_server1] [NOTIFICATION] [] [oracle.bpm.common] [tid: [ACTIVE].ExecuteThread: ’0′ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: weblogic] [ecid: c9c52540314b4338:5f338bb1:1405bc9d80e:-8000-00000000000013dc,0] [APP: OracleBPMWorkspace] [DSID: 0000K1Rp1CLDc_04jz5Eio1I0kIH000007] Operation exception.[[
javax.security.auth.login.LoginException: Operation exception.
at oracle.bpm.papi.ora.mgr.OrganizationManager.lookupParticipant(OrganizationManager.java:61)
at oracle.bpm.papi.ora.mgr.OrganizationManager.lookupParticipant(OrganizationManager.java:41)





    Share admineer resources...


Category: BPM, Middleware, OVD, SOA, WebLogic

About the Author ()

M.Fevzi Korkutata: Deep level technical consultant... Oracle ACE in Middleware & SOA expertise. His specialty is large scale and mission critical live production systems and like to work as DevOps. He knows all kind of application servers and its environments. Software product development, operation management, design, implementation, integration... etc. Korkutata working as "Application and Infrastructure Architect"... Likes to work and communicate internationally, stay connected :)

Comments (14)

Trackback URL | Comments RSS Feed

  1. Smitha says:

    I have set up AD LDS in a domain and facing ErrorLog-5 mentioned above. What is the solution for it?

    • It’s generally about SOA Identity webservice call for the login. Call the webservice manually and let me know the result. Have you enabled “virtualize=true”? By the way, you’re using AD LDS, so you may not have objectGuid property, in this case, map another existing property in your weblogic console.

      • Smitha says:

        HI Fevzi,

        Result of SOA Identity webservice call
        Operation: authenticate user


        • Smitha says:

          If you are upgrading to PS6 from a lower version, you need to change in adapters.os_xml (/fmw11g/fmw1117/Middleware/user_projects/domains/soa_domain/config/fmwconfig/ovd/default) to for any LDAP Authenticator.

        • Smitha says:

          If you are upgrading to PS6 from a lower version, you need to change in ‘param name=”mapAttribute” value=”orclguid=orclguid”‘ adapters.os_xml to ‘param name=”mapAttribute” value=”orclguid=objectGUID”‘ (/fmw11g/fmw1117/Middleware/user_projects/domains/soa_domain/config/fmwconfig/ovd/default) to for any LDAP Authenticator.

        • Smitha says:

          If you are upgrading to PS6 from a lower version, you need to change ‘param name=”mapAttribute” value=”orclguid=orclguid”‘ in adapters.os_xml to ‘param name=”mapAttribute” value=”orclguid=objectGUID”‘ (/fmw11g/fmw1117/Middleware/user_projects/domains/soa_domain/config/fmwconfig/ovd/default) for any LDAP Authenticator.

  2. Smitha says:

    I have enabled “virtualize=true”. It works on PS5 but not on PS6.

  3. John Mascarenhas says:


    I have a similar issue. What is the solution.

  4. Bhaswati Sengupta says:

    I have configured a LDAP authenticator to connect to a AD LDS. I was getting Log 5 when I was trying to log into BPM workspace using a AD user.

    I have set the value
    PROPERTY_ATTRIBUTE_MAPPING as GUID=objectGUID in em console–>Security Config–>Identity Store Configuration.

    Also in my LDAP Authenticator the GUID value has been provided as objectGUID.

    Now I am able to log into BPM using a AD user. But I am not able to do that using weblogic user. I am getting Log 5 entries again

    • Can you able to login WebLogic console with LDAP user? If yes, try to create new JPS config by using EM console.

      • Bhaswati Sengupta says:

        Yes, I am able to log in to Weblogic console using LDAP user as well as weblogic user.

        How can I create a new JPS config file. I have added parameters i. virtualize : true
        to it from em console–>Weblogic Domain –>rt click on the domain name–>Security–>Security Provider Configuration–>Identity Store Provider–>Configure.

        However I have not created a new one from em console. Please let me know how to do this.

        • Bhaswati Sengupta says:

          These errors were coming previously for a AD user when I logged in from BPm console. On adding GUID=objectGUID for PROPERTY_ATTRIBUTE_MAPPING and adding objectGUID in the open LDAP Auth provider I have created, these were removed for an AD user.

          Now i have them coming for weblogic user.

Leave a Reply

Your email address will not be published. Required fields are marked *