Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-208

Agent returns HTTP 500 internal error on logout page if com.sun.identity.agents.config.logout.url map is empty

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 5.0.0.0, 4.1.0
    • Component/s: Web Agents
    • Environment:

      Description

      Steps to reproduce:

      1. Set:

      com.forgerock.agents.config.logout.redirect.disable=true
      com.sun.identity.agents.config.agent.logout.url[0]=http://1350.example.com/sec/logout.html
      

      2. Remove all values from com.sun.identity.agents.config.logout.url

      3. Logout at http://1350.example.com/sec/logout.html.

      4. Delete iPlanetDirectoryPro from browser.

      5. Request http://1350.example.com/sec/logout.html again.

      Expected result:
      HTTP 200 on logout.html

      Actual result:
      HTTP 500.

      Debug log shows:

      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/apache/agent.c:782] amagent_auth_handler(): begin
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/config.c:1597] am_get_agent_config(): agent configuration read from a cache
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/apache/agent.c:551] get_method_num(): method GET (GET, 0)
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/apache/agent.c:560] get_method_num(): number corresponds to GET method
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:201] setup_request_data():
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:223] setup_request_data(): client ip: 192.168.56.1
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:261] setup_request_data(): client hostname: (empty)
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:269] setup_request_data(): original request url: http://1350.example.com/sec/logout.html
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:286] setup_request_data(): no token in query parameters
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:355] setup_request_data():
      method: GET
      original url: http://1350.example.com/sec/logout.html
      proto: http
      host: 1350.example.com
      port: 80
      path: /sec/logout.html
      query:
      complete: http://1350.example.com:80/sec/logout.html
      overridden: http://1350.example.com:80/sec/logout.html
      pathinfo:
      normalized (pathinfo removed): (empty)
      overridden (pathinfo removed): (empty)
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:370] validate_url():
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:382] validate_url(): request url validation feature is not enabled
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:390] handle_notification():
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:446] validate_fqdn_access():
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:466] validate_fqdn_access(): host name 1350.example.com is valid (maps to fqdn default: 1350.example.com)
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:802] validate_token():
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/utility.c:965] get_cookie_value(;): parsing cookie header: AMAuthCookie=AQIC5wM2LY4SfcwOoTHRkC-C85yPKc3jzjq7EcRkztjH68g.*AAJTSQACMDEAAlNLABM3MTA5ODgyOTczOTc2NTg2NzYzAAJTMQAA*; i18next=en-US; amlbcookie=01
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:893] validate_token(): sso token: (empty), status: success
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:527] handle_not_enforced():
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:578] handle_not_enforced(): http://1350.example.com:80/sec/logout.html is an application logout url (not enforced)
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:1026] validate_policy(): for http://1350.example.com:80/sec/logout.html (ignoring pathinfo: no), entry status: not found
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:1949] handle_exit(): (entry status: success)
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:1980] do_cookie_set(): logout resetting iPlanetDirectoryPro
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:1601] do_cookie_set_generic(): iPlanetDirectoryPro=;Max-Age=0;Expires=Thu, 01-Jan-1970 00:00:01 GMT;Domain=example.com;Path=/
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:1980] do_cookie_set(): logout resetting qwdqwd
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:1601] do_cookie_set_generic(): qwdqwd=;Max-Age=0;Expires=Thu, 01-Jan-1970 00:00:01 GMT;Domain=example.com;Path=/
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:1673] do_header_set(): clearing cn
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/process.c:1673] do_header_set(): clearing iam-roles
      2016-10-07 10:36:14.169 +0100   DEBUG [0x7fd7afd5a840:10804][source/apache/agent.c:846] amagent_auth_handler(): exit status: invalid argument (-9)
      

        Attachments

          Activity

            People

            • Assignee:
              mareks Mareks Malnacs
              Reporter:
              andrew.dunn Andrew Dunn [X] (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: