Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-10278

arg=newsession does not handle Authentication Chain and redirects to service=adminserviceconsole

    Details

    • Sprint:
      AM Sustaining Sprint 33
    • Story Points:
      2

      Description

      When using arg=newsession with an authentication chain (service=) in the url, the authentication chain is lost and the auth chain shows service=adminserviceconsole rather then the service specified, with XUI turned off.

      Steps to reproduce utilizing the default ldapService authentication chain.

      1.
      Create realm "employees"

      2. create ream "engineering"

      3. In browser with cleared history/cookies go to this URL:

      http://ambate01.internal.forgerock.com:1200/openam/UI/Login?realm=employees
      

      and login.

      4. Then go here:

      http://ambate01.internal.forgerock.com:1200/openam/UI/Login?service=ldapService&realm=engineering&arg=newsession
      

      5)
      notice how you are redirected to:

      http://ambate01.internal.forgerock.com:1200/openam/UI/Login?service=adminconsoleservice&goto=http://ambate01.internal.forgerock.com:1200/openam/base/AMAdminFrame&&3VbxJYsz4Znw61PgXyBTbZuWQfBewqEwDhuP4jcrSsGcEjXU9nu8RF8HQ8q2uooA4TqgeI8v1XGmOf2J
      
      

      Seen on 12.0.0 --> 13.5.0

        Attachments

          Activity

            People

            • Assignee:
              markdr Mark de Reeper
              Reporter:
              david.bate David Bate
              QA Assignee:
              Filip Kubáň [X] (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: