-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 3.3.4, 4.0.0
-
Component/s: Doc, Web Agents
-
Verified Version/s:
-
Sprint:Sprint 115 Team Shakespeare
-
Cases:
-
Support Ticket IDs:
-
Epic Link:
Steps to reproduce
1) Setup OpenAM with Web Agent (3.3.x or 4.0.x)
2) Add a simple all users policy to allow access to everything, e.g "http://www.example.com/*"
3) Attempt to access http://www.example.com/test%23test
Result:
Access is denied
Expected result:
Access is allowed
Adding a rule for www.example.com/test#test or # works, but this is not a good workaround because the file could include many encoded # characters and each variation of this would require it's own rule.
I think the two key points are:
In OpenAM the wildcard character stops at a literal # character (much like ?).
The Agent decodes the %23 before sending it for evaluation to OpenAM.