Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-121

Web Agent not updating headers when AM Session Attributes are changed

    XMLWordPrintable

    Details

      Description

      Changes to AM Session Attributes are not being reflected in the Web Agents headers like the J2EE Agents provide.

      User A logs into through a protected URL … we have a custom auth module that, if the user has multiple account numbers in DB, displays a selection screen with all account numbers

      Once User A selects the account number (eg. Account Number # 1) we store that in an OpenAM Session called CUSTACCT

      The user is redirected to the the protected URL and the WebAgent populates CUST ACCT in the headers, which is accessible to customer’s protected web app

      User A decides they want to look at information from Account Number #2

      They click on a link to our account chooser.jsp (same logic as custom auth module) user selects account # 2 and JSP makes rest call to update openam session

      User A returns to previous page (page is reloaded)

      User A still sees account number # 1 on the page that is reading from the headers

      Currently the webagent removes cached user data (session/policy) on a new NotificationSet from AM with state="destroyed" in it or when cache TTL (set again by AM) times out.

      This is a request to update web agent cache when a new NotificationSet that is not in state="destroyed" but also in state="vaild".

      If a Session based attribute gets changed, the agent should refresh it's cache and update the headers/cookie as seen in the J2EE agent

        Attachments

          Activity

            People

            Assignee:
            mareks Mareks Malnacs
            Reporter:
            david.bate David Bate
            Votes:
            2 Vote for this issue
            Watchers:
            7 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: