Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-828

WPA running in sso-only mode does not ignore policyservice response status

    XMLWordPrintable

    Details

      Description

      Set up webagent in sso-only mode and configure it with any session attribute to be set as http header. Request any protected resource. Agent will redirect the request for authentication and on return:
      1. will send session-service request
      2. send policyservice request.

      Depending on the policyservice response, it will either return 403 error or allow access to the resource.

      When running in sso-only mode, invalid policyservice response should be ignored. Only valid sessionservice response is required for sso-only.

        Attachments

          Activity

            People

            mareks Mareks Malnacs
            mareks Mareks Malnacs
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: