Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-1087

RedirectCheckResultHandler does not work on wildfly/jboss JASPA 5

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.0.0.0
    • Fix Version/s: 5.0.0.0
    • Component/s: J2EE Agents
    • Labels:
    • Environment:
      Ubuntu 14.04 / jdk1.8.0_91 / wildfly-10.1.0.Final / JASPA:
      JBoss Server, Version: 5.0.0-SNAPSHOT, Build Date: 20170915

      Description

      RedirectCheckResultHandler does not work on wildfly/jboss JASPA 5.

      Steps to reproduce

      1.) Set Agent Profile / Global / General / Redirect Attempt Limit = 2
      2.) Hit the agent protected page, you will be redirected to AM login, but do NOT log in
      3.) Hit the same page again and one more time (3 times the same page [included step 2])

      Expected

      After hitting the page 3rd. time you will get 403

      Observed

      See AM login page after reached the redirection limit

      I can see in the wildfly log that AmFilter is checking redirection, but without result
      AmFilter: now processing: Redirect Check Result Handler

      compare to the tomcat where this works as expected I can see on 2nd. attempt:

      >2017-09-19 09:44:45:291 AM BST: http-nio-8080-exec-6/5/main
      AmFilter: now processing: Redirect Check Result Handler
      >2017-09-19 09:44:45:325 AM BST: http-nio-8080-exec-6/5/main
      WARNING: RedirectCheckResultHandler: redirect number 1 for http%3A%2F%2Friso-ubuntu16.test.forgerock.com%3A8080%2Ffrqa%2FsunwCDSSORedirectURI resulted in same redirect
      

      and on 3rd. attempt

      >2017-09-19 09:44:52:838 AM BST: http-nio-8080-exec-7/5/main
      AmFilter: now processing: Redirect Check Result Handler
      >2017-09-19 09:44:52:872 AM BST: http-nio-8080-exec-7/5/main
      WARNING: RedirectCheckResultHandler: redirect attempt limit reached for http%3A%2F%2Friso-ubuntu16.test.forgerock.com%3A8080%2Ffrqa%2FsunwCDSSORedirectURI, access denied
      

      Whole logs are in attachment.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              tony.bamford Tony Bamford
              Reporter:
              richard.hruza Richard Hruza
              QA Assignee:
              Richard Hruza Richard Hruza
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: