Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-3530

naming.url is case sensitive

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.5.0.0, 5.6.2.1, 5.6.3, 5.7.0
    • Fix Version/s: 5.6.3.1, 5.7.0
    • Component/s: Web Agents
    • Labels:
    • Environment:

      Description

      Naming.url is case sensitive in the domain portion when it shouldn't be as per:
      https://tools.ietf.org/html/rfc4343

      Reproduce: set naming URL x.localtest.me to x.LOCALTEST.ME
      Bootstrap Agent --> it fails.

      bash-4.2# cat /dev/null > debug.log 
      bash-4.2# httpd -k graceful && tail -f debug.log 
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/apache/agent.c:802) amagent_auth_handler(): begin
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/utility.c:1406) am_timer(): getaddrinfo took 0 seconds
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/net.c:71) connection status: 115
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/net.c:115) net_connect(): connected to openam.LOCALTEST.me:8080 (IPv4)
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/sdk_base.c:180) http request to openam.LOCALTEST.me:8080
      GET /openam/json/realms/root/serverinfo/* HTTP/1.1
      Host: openam.LOCALTEST.me:8080
      User-Agent: OpenAM Web Agent/5.6.3-RC3
      Accept: application/json
      Connection: Close
      Content-Type: application/json; charset=UTF-8
      Accept-API-Version: resource=1.1
      X-ForgeRock-TransactionId: 0b6ad681-df4b-b4cf-4a70-2e15eb148171/1
      
      
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/sdk_base.c:222) http response 200 from openam.LOCALTEST.me:8080
      X-Frame-Options: SAMEORIGIN
      Cache-Control: no-cache
      Content-API-Version: resource=1.1
      ETag: "-1619752382"
      X-Content-Type-Options: nosniff
      Content-Type: application/json;charset=UTF-8
      Content-Length: 528
      Date: Mon, 08 Jun 2020 16:26:50 GMT
      Connection: close
      {"_id":"*","_rev":"-1619752382","domains":["localtest.me"],"protectedUserAttributes":[],"cookieName":"iPlanetDirectoryPro","secureCookie":false,"forgotPassword":"false","forgotUsername":"false","kbaEnabled":"false","selfRegistration":"false","lang":"en-US","successfulUserRegistrationDestination":"default","socialImplementations":[],"referralsEnabled":"false","zeroPageLogin":{"enabled":false,"refererWhitelist":[],"allowedWithoutReferer":true},"realm":"/","xuiUserSessionValidationEnabled":true,"fileBasedConfiguration":false}
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/utility.c:1406) am_timer(): getaddrinfo took 0 seconds
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/net.c:71) connection status: 115
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/net.c:115) net_connect(): connected to openam.LOCALTEST.me:8080 (IPv4)
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/sdk_base.c:180) http request to openam.LOCALTEST.me:8080
      POST /openam/json/realms/root/authenticate?authIndexType=Module&authIndexValue=Application HTTP/1.1
      Host: openam.LOCALTEST.me:8080
      User-Agent: OpenAM Web Agent/5.6.3-RC3
      Content-Type: application/json; charset=UTF-8
      X-OpenAM-Username: wpa-agent
      X-OpenAM-Password: ********
      Accept-API-Version: resource=2.0, protocol=1.0
      Connection: Close
      X-ForgeRock-TransactionId: 0b6ad681-df4b-b4cf-4a70-2e15eb148171/2
      Content-length: 0
      
      
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/sdk_base.c:222) http response 200 from openam.LOCALTEST.me:8080
      X-Frame-Options: SAMEORIGIN
      Set-Cookie: amlbcookie=01; Domain=localtest.me; Path=/
      Set-Cookie: iPlanetDirectoryPro=Uy8nwaAJBFq9thl5yVrSVYRJF1k.*AAJTSQACMDEAAlNLABw5Z1VLS2dHTTlmSGpUOW16NHNKTjYzSHo1R0E9AAR0eXBlAANDVFMAAlMxAAA.*; Domain=localtest.me; Path=/
      Cache-Control: no-cache, no-store, must-revalidate
      Content-API-Version: resource=2.1
      Expires: 0
      Pragma: no-cache
      Content-Type: application/json
      Content-Length: 167
      Date: Mon, 08 Jun 2020 16:26:50 GMT
      Connection: close
      {"tokenId":"Uy8nwaAJBFq9thl5yVrSVYRJF1k.*AAJTSQACMDEAAlNLABw5Z1VLS2dHTTlmSGpUOW16NHNKTjYzSHo1R0E9AAR0eXBlAANDVFMAAlMxAAA.*","successUrl":"/openam/console","realm":"/"}
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/utility.c:1406) am_timer(): getaddrinfo took 0 seconds
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/net.c:71) connection status: 115
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/net.c:115) net_connect(): connected to openam.LOCALTEST.me:8080 (IPv4)
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/sdk_base.c:180) http request to openam.LOCALTEST.me:8080
      GET /openam/json/realms/root/serverinfo/version HTTP/1.1
      Host: openam.LOCALTEST.me:8080
      User-Agent: OpenAM Web Agent/5.6.3-RC3
      Accept: application/json
      Connection: Close
      Content-Type: application/json; charset=UTF-8
      X-ForgeRock-TransactionId: 0b6ad681-df4b-b4cf-4a70-2e15eb148171/3
      
      
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/sdk_base.c:222) http response 403 from openam.LOCALTEST.me:8080
      X-Frame-Options: SAMEORIGIN
      Cache-Control: no-cache
      X-Content-Type-Options: nosniff
      Content-Type: application/json;charset=UTF-8
      Content-Length: 69
      Date: Mon, 08 Jun 2020 16:26:50 GMT
      Connection: close
      {"code":403,"reason":"Forbidden","message":"No session for request."}
      2020-06-08 16:26:50 GMT ERROR   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: agent login to http://openam.LOCALTEST.me:8080/openam fails
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/utility.c:1406) am_timer(): getaddrinfo took 0 seconds
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/net.c:71) connection status: 115
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/net.c:115) net_connect(): connected to openam.LOCALTEST.me:8080 (IPv4)
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/sdk_base.c:180) http request to openam.LOCALTEST.me:8080
      POST /openam/json/realms/root/sessions?_action=logout HTTP/1.1
      Host: openam.LOCALTEST.me:8080
      Cookie: iPlanetDirectoryPro=Uy8nwaAJBFq9thl5yVrSVYRJF1k.*AAJTSQACMDEAAlNLABw5Z1VLS2dHTTlmSGpUOW16NHNKTjYzSHo1R0E9AAR0eXBlAANDVFMAAlMxAAA.*
      User-Agent: OpenAM Web Agent/5.6.3-RC3
      Accept: application/json
      Connection: Close
      Content-Type: application/json; charset=UTF-8
      Accept-API-Version: resource=2.0, protocol=1.0
      X-ForgeRock-TransactionId: 0b6ad681-df4b-b4cf-4a70-2e15eb148171/4
      Content-length: 0
      
      
      2020-06-08 16:26:50 GMT DEBUG   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: (source/sdk_base.c:222) http response 200 from openam.LOCALTEST.me:8080
      X-Frame-Options: SAMEORIGIN
      Cache-Control: no-cache
      Content-API-Version: resource=2.1
      Set-Cookie: iPlanetDirectoryPro=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Domain=localtest.me
      Set-Cookie: amlbcookie=LOGOUT; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Domain=localtest.me
      X-Content-Type-Options: nosniff
      Content-Type: application/json;charset=UTF-8
      Content-Length: 36
      Date: Mon, 08 Jun 2020 16:26:50 GMT
      Connection: close
      {"result":"Successfully logged out"}
      2020-06-08 16:26:50 GMT ERROR   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: config_fetch():  failed to load configuration for agent: / wpa-agent, error unknown system error
      2020-06-08 16:26:50 GMT ERROR   [0b6ad681-df4b-b4cf-4a70-2e15eb148171]: amagent_auth_handler(): failed to get agent configuration instance, error: unknown system error
      
      

      This is more apparent when using something like ssoadm to populate values/hostname values. Raising for visibility for the affected customer. Closure type will depend on the analysis. Probably a rogue strcmp.

      Workaround:
      Use lowercase or if using script to populate then use something like Hostname --> toString.lowerCase().

        Attachments

          Activity

            People

            Assignee:
            jeremy.cocks Jeremy Cocks
            Reporter:
            jeremy.cocks Jeremy Cocks
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: