Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-1371

Backport Java agent 5 cookie based CDSSO PDP to allow this to work in situations where sticky load balancing is not allowed

    XMLWordPrintable

    Details

    • Improvement
    • Status: Closed
    • Resolution: Fixed
    • 4.2.0.0
    • Web Agents

      Description

      Post 4.1.0-25 Post data Preservation changes mean that the agent is interfering less with the post data. A consequence of that is that the mapping between URL and original saml request id is stored in a local file cache on one agent.
      This means that in a load balanced agent scenario, a load balancer cookie has to be set and observed by whatever is in front of the agent. Without this, the value cannot be retrieved leading to a 404 (file not found) error.

      The proposal is to provide an option to augment the file-based cache with a http-only encrypted cookie that can be used instead.

      This is similar to something used in java agent 5, and would use existing encryption libraries for encryption and decryption.

        Attachments

          Issue Links

            Activity

              People

              mareks Mareks Malnacs
              alex.levin@forgerock.com Alex Levin
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: