- Type: Bug
- Status: Resolved
- Priority: Major
- Resolution: Fixed
- Affects Version/s: 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4, 13.0.0, 13.5.0
- Component/s: authentication, session
- Labels:

When using arg=newsession with an authentication chain (service=) in the URL, the authentication chain is lost and the auth chain shows service=adminconsoleservice rather than the service specified, with XUI turned off.
Steps to reproduce utilizing the default ldapService authentication chain.
1. Create realm "employees"
2. Create realm "engineering"
3. In browser with cleared history/cookies go to this URL:
http://ambate01.internal.forgerock.com:1200/openam/UI/Login?realm=employees
and login.
4. Then go here:
http://ambate01.internal.forgerock.com:1200/openam/UI/Login?service=ldapService&realm=engineering&arg=newsession
5. Notice how you are redirected to:
http://ambate01.internal.forgerock.com:1200/openam/UI/Login?service=adminconsoleservice&goto=http://ambate01.internal.forgerock.com:1200/openam/base/AMAdminFrame&&3VbxJYsz4Znw61PgXyBTbZuWQfBewqEwDhuP4jcrSsGcEjXU9nu8RF8HQ8q2uooA4TqgeI8v1XGmOf2J
Seen on 12.0.0 --> 13.5.0
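
A regression check for the behaviour reported above, added here as an example (not part of the original report or of OpenAM's code): it compares the login URL that was requested with the URL the server redirected to and reports any authentication-selecting parameter that was dropped or replaced. The function name, the `AUTH_PARAMS` list and the `openam.example.com` host are assumptions; the sample URLs are constructed to mirror steps 4 and 5.

```python
from urllib.parse import urlsplit, parse_qs

# Query parameters that decide which chain and realm authenticate the user.
# (Assumed list for this example; extend it if other parameters matter.)
AUTH_PARAMS = ("service", "realm")


def auth_param_drift(requested_url, redirect_url):
    """Return {param: (requested, redirected)} for each auth-selecting
    parameter that is missing or different in the redirect target.
    A redirected value of None means the parameter was dropped."""
    requested = parse_qs(urlsplit(requested_url).query, keep_blank_values=True)
    redirected = parse_qs(urlsplit(redirect_url).query, keep_blank_values=True)
    drift = {}
    for name in AUTH_PARAMS:
        if name not in requested:
            continue  # the caller did not ask for a specific value
        want = requested[name]
        have = redirected.get(name)
        if have != want:
            drift[name] = (want[-1], have[-1] if have else None)
    return drift


# Constructed sample URLs mirroring steps 4 and 5 of the report.
BASE = "http://openam.example.com:1200/openam"
REQUESTED = BASE + "/UI/Login?service=ldapService&realm=engineering&arg=newsession"
REDIRECT = (BASE + "/UI/Login?service=adminconsoleservice"
            "&goto=" + BASE + "/base/AMAdminFrame")

if __name__ == "__main__":
    for param, (want, have) in auth_param_drift(REQUESTED, REDIRECT).items():
        print(f"{param}: requested {want!r}, redirect carries {have!r}")
```
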