Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-3992

com.forgerock.agents.config.hostmap does not seem to use the IP address

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 5.8.0
    • Fix Version/s: None
    • Component/s: Web Agents

      Description

      CAGENT_URL="http://abondance-uk.internal.forgerock.com/pkg/servers/forgerock/Agent/web-agent/staging/nightly/web-agent-nightly-Apache_v24_Linux_64bit.zip"
      OPENAM_URL="http://abondance-uk.internal.forgerock.com/pkg/servers/forgerock/OpenAM/staging/6.5.2.1/AM-6.5.2.1.war"

      USING GUI FOR CONFIGURATION
      To Recreate:
      1) Install Agent 5.8.0-SNAPSHOT and OPENAM 6.5.2.1
      2) Create a basic policy with access to all resources for all authenticated users
      3) In advanced properties add the following in custom properties

      com.forgerock.agents.config.hostmap[0]=openam.localtest.me|10:10:10:10

      4) Attempt to access a resource

      Expected behaviour
      _____________________

      Access not allowed

      Actual behaviour
      __________________

      Access allowed

      Also checked logs and no evidence that the IP address is used

      USING BOOTSTRAP PROPERTIES
      Also Tried using the bootstrap properties with the correct IP address (e.g.com.forgerock.agents.config.hostmap[0]=openam.localtest.me|10.166.0.2) and this time
      1) Install Agent 5.8.0-SNAPSHOT and OPENAM 6.5.2.1
      2) Create a basic policy with access to all resources for all authenticated users
      3) In the agent.conf file add com.forgerock.agents.config.hostmap[0]=openam.localtest.me|10.166.0.2
      4) restart agent
      5) attempt to access resource

      Expected behaviour
      _____________________
      Access Allowed

      Actual behaviour
      __________________
      Access Denied

      Logs were as follows

      2021-01-20 17:14:20 GMT ERROR   [71ed0318-c587-0934-a404-1b7b5baf0a45]: config_fetch():  failed to load configuration for agent: / wpa-agent, error
      2021-01-20 17:14:20 GMT ERROR   [71ed0318-c587-0934-a404-1b7b5baf0a45]: amagent_auth_handler(): failed to get agent configuration instance, error: error
      2021-01-20 17:14:20 GMT DEBUG   [a9548af5-6b9f-12ff-9459-c1a652043798]: (source/apache/agent.c:792) amagent_auth_handler(): begin
      2021-01-20 17:14:20 GMT DEBUG   [a9548af5-6b9f-12ff-9459-c1a652043798]: (source/net_client.c:212) sync_connect(): found host 'openam.localtest.me' (|10.166.0.2) entry in com.forgerock.agents.config.hostmap
      2021-01-20 17:14:20 GMT ERROR   [a9548af5-6b9f-12ff-9459-c1a652043798]: sync_connect(): error getting address for openam.localtest.me: Name or service not known
      2021-01-20 17:14:20 GMT DEBUG   [a9548af5-6b9f-12ff-9459-c1a652043798]: (source/utility.c:1276) am_timer(): getaddrinfo took 0 seconds
      2021-01-20 17:14:20 GMT ERROR   [a9548af5-6b9f-12ff-9459-c1a652043798]: unable to connect to openam.localtest.me:8080
      2021-01-20 17:14:20 GMT ERROR   [a9548af5-6b9f-12ff-9459-c1a652043798]: agent authentication and profile failure
      2021-01-20 17:14:20 GMT ERROR   [a9548af5-6b9f-12ff-9459-c1a652043798]: config_fetch():  failed to load configuration for agent: / wpa-agent, error
      2021-01-20 17:14:20 GMT ERROR   [a9548af5-6b9f-12ff-9459-c1a652043798]: amagent_auth_handler(): failed to get agent configuration instance, error: error
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              edward.barker edwardb
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated: