Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-2070

AM_AGENT_REST_LOGIN does not work with AM 6

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.2.0.0, 4.1.0-30
    • Fix Version/s: 4.2.0.0
    • Component/s: None
    • Labels:
    • Target Version/s:
    • Support Ticket IDs:

      Description

      Running AM_AGENT_REST_LOGIN=5 does not work with AM 6 and it fails with the following exception

      2018-10-22 13:30:22.788 +0800 DEBUG [0x7f39a6ffd700:14411][source/net_ops.c:323] send_restlogin_request(): sending 351 bytes to http://openam.internal.example.com:8080/openam/json/authenticate?realm=%2F&authIndexType=module&authIndexValue=Application
      2018-10-22 13:30:22.794 +0800 DEBUG [0x7f39a6ffd700:14411][source/net_ops.c:343] send_restlogin_request(): response status code: 403

      what is odd is that running an external rest call to test the connection works

      curl -s -k --request POST --header "X-OpenAM-Username: $user" --header "Accept-API-Version: resource=2.0, protocol=1.0" --header "X-OpenAM-Password: $password" --header "Content-Type: application/json" "$openam/openam/json/realms/root/authenticate?authIndexType=module&authIndexValue=Application"

      It is suspected that AM 6 now needs an additional header which the Agent 4.x does not cater

      Access Management 6 includes a new CSRF filter that applies to all REST endpoints under the json/ root. It requires that all requests other than GET, HEAD, and OPTIONS have, at least, one of the following headers:
      X-Requested-With
      Accept-API-Version
      

       

        Attachments

          Activity

            People

            • Assignee:
              mareks Mareks Malnacs
              Reporter:
              sam.phua Sam Phua
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: