Details

    • Type: Improvement
    • Status: Open
    • Resolution: Unresolved
    • Fix Version/s: None
    • Component/s: Web Agents
    • Labels:

      Description

      AM expects the agent to use this with WebSocket upgrade.

      The NotificationsWebSocketFilter servlet that AM uses, if the cookie does not match what AM expects or is null it will throw a 403 or 401 and an exception is thrown (IdRepoException / SSOException). Not every customer is going to know where to look for this (it's not documented AM side) if the agent fails websocket valiidation. In the agent validator log, this will just show a generic WebSocket error based on this result (unauthZ/forbidden). While the issue is just simple reading of a log file, it avoids going through noisy files where it can be missed on first glance.

      We can provide a quick resolution to the user for this if we show there is a mismatch.
      Considering we the "cookIeName":"x" in the response from AM. It should be possible to compare this against com.sun.identity.agents.config.cookie.name and throw an error if they do not match to make it obvious to the user.

        Attachments

          Activity

            People

            • Assignee:
              spareyc Charles Sparey
              Reporter:
              jeremy.cocks Jeremy Cocks
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: