Details
Description
The self-registration, forgotten-password and forgotten-username flows have not been updated to use the new realm syntax. Rather than list all the individual bugs that would have resulted by having not completed this work - I have described below the expected behaviours in the all the user flows through the user-self-service UI.
Set up
1: Create a subrealm called customers.
2: Create an alias for the customers called foo.
3: Set up a dns alias for customers too. https://wikis.forgerock.org/confluence/display/openam/Test+Multi-Tenant+Setup+with+Realms
4: Enable self-registration, forgotten-password and forgotten-username on the subrealm and enable email for each.
5: Add the Email service
Flows
1: Goto to the original url, (not the dns yet): http://openam.example.com/openam/XUI/?realm=/customers#login&locale=fr
2: Click through to each of the following self-registration, forgotten-password or forgotten-username.
3: Click the return to login button on each.
Expected the browser to return to the original http://openam.example.com/openam/XUI/?realm=/customers#login&locale=fr
Repeat steps 1 and 2 above, then
3: Enter a fake item into the form and press submit
4: Click the return to login button on each.
Expected the browser to return to the original http://openam.example.com/openam/XUI/?realm=/customers#login&locale=fr
Repeat steps 1, 2 and 3 above, then
4: Click the try again button
Expected the browser to return to http://openam.example.com/openam/XUI/?realm=/customers#passwordReset&locale=fr (passwordReset or forgotUsername or register)
5: Click the return to login button on each.
Expected the browser to return to the original http://openam.example.com/openam/XUI/?realm=/customers#login&locale=fr
Repeat steps 1, 2 and 3 above, then
4: Actually register a new user, or reset a password or request a forgotten username.
Expected email link http:///openam.example.com/openam/XUI/?realm=/customers#passwordReset&token=ABC
(passwordReset or forgotUsername or register) - params are dropped but realm is preserved
Actual returned email link http:///openam.example.com/openam/XUI/#passwordReset&realm=/customers&token=ABC
params are dropped but realm is defined in the wrong part of the url.
Realm Aliases
To test the realm aliases substitute the realm=/customers for realm=foo and try the flows above again.
The first 3 flows should work the same but with the realm substituted as realm=foo.
The last one when you actually get links back from the server should have swapped the realm for the absolute realm again.
http:///openam.example.com/openam/XUI/?realm=/customers#passwordReset&token=ABC
DNS Aliases
To test the DNS aliases substitute the initial url for http://mydns.example.com/openam/XUI/#login&locale=fr and try the flows above again.
The expected urls on the first 3 flow should be http://mydns.example.com/openam/XUI/#login&locale=fr
The last one when you actually get links back from the server should return the url without the dns but with the absolute realm defined
Expected email link http:///openam.example.com/openam/XUI/?realm=/customers#passwordReset&token=ABC
Attachments
Issue Links
- depends on
-
OPENAM-10048 Forgotten Password and Forgotten Username flows not working on subrealms
-
- Closed
-