  1. OpenAM
  2. OPENAM-10604

J2EE Agent denies access when using 'Login Attempt Limit'

    Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Expired
    • 13.5.0
    • None
    • cdsso, j2ee agents

      Description

      Set up as per OPENAM-10513 and also set 'Login Attempt Limit' (com.sun.identity.agents.config.login.attempt.limit) to 2 on app1.

      Log in to app2, then access app1.
      App1 Agent will return 403 while logging:

      InitialPDPTaskHandler: sticky session mode value:
      amFilter:02/12/2017 09:05:31:051 PM GMT: Thread[http-bio-8180-exec-5,5,main]
      SSOTaskHandler: SSO Validation failed for AQIC5wM2LY4Sfcw1X4mTghF103oqGRo2UEMiBuYS9V19tqw.*AAJTSQACMDIAAlMxAAIwMQACU0sAEzM2OTc5NTM1MTQyMzAxODg2NTc.*
      amFilter:02/12/2017 09:05:31:051 PM GMT: Thread[http-bio-8180-exec-5,5,main]
      SSOTaskHandler: Login attempt number: 1
      amFilter:02/12/2017 09:05:31:051 PM GMT: Thread[http-bio-8180-exec-5,5,main]
      WARNING: CDSSOTaskHandler: Login attempt number 1 failed for request URI: /agentsample/authentication/accessdenied.html
      amFilter:02/12/2017 09:05:31:051 PM GMT: Thread[http-bio-8180-exec-5,5,main]
      ERROR: AmFilter: Error while delegating to inbound handler: CDSSO Task Handler, access will be denied
      java.lang.NullPointerException
              at java.net.URLDecoder.decode(URLDecoder.java:136)
              at java.net.URLDecoder.decode(URLDecoder.java:100)
              at com.sun.identity.agents.filter.CDSSOContext.parseCDSSOCookieValue(CDSSOContext.java:293)
              at com.sun.identity.agents.filter.CDSSOContext.getAuthnRequestID(CDSSOContext.java:313)
              at com.sun.identity.agents.filter.CDSSOTaskHandler.setCookiesAndGetRedirectResult(CDSSOTaskHandler.java:139)
              at com.sun.identity.agents.filter.CDSSOTaskHandler.doSSOLogin(CDSSOTaskHandler.java:74)
              at com.sun.identity.agents.tomcat.v6.AmTomcatCDSSOTaskHandler.doSSOLogin(AmTomcatCDSSOTaskHandler.java:86)
              at com.sun.identity.agents.filter.SSOTaskHandler.process(SSOTaskHandler.java:111)
              at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:194)
              at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:157)
              at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:70)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
              at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:748)
              at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:488)
              at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:411)
              at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:338)
              at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:473)
              at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:342)
              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:207)
              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
              at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
              at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070)
              at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
              at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
              at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
              at java.lang.Thread.run(Thread.java:745)
      
      amFilter:02/12/2017 09:05:31:052 PM GMT: Thread[http-bio-8180-exec-5,5,main]
      AmFilter: result =>
      
      -----------------------------------------------------------
      FilterResult:
              Status          : FORBIDDEN
              ProcessResponse         : false
              RedirectURL     : null
              RequestURL      : null
              RequestHelper:
                      null
      
              Data:
                      null
      
      -----------------------------------------------------------
      

      Note: Not reproducible with 11.0.3 and J2EE 3.5.1
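
A log-triage sketch for the failure above, added here as an example (it is not part of the original report or of OpenAM): it scans an agent debug log in the format quoted in this issue and reports denials where the NullPointerException in CDSSOContext.parseCDSSOCookieValue follows a failed login attempt on the same thread. The function names and the embedded sample log are constructed for illustration.

```python
import re

# Record header as it appears in the agent debug log quoted in this issue.
HEADER = re.compile(r"^\s*amFilter:(?P<ts>\d\d/\d\d/\d{4} [\d:]+ [AP]M GMT): Thread\[(?P<thread>[^\]]+)\]")
ATTEMPT = re.compile(r"Login attempt number (\d+) failed for request URI: (\S+)")

# Constructed sample, abridged from the log format shown in this issue.
SAMPLE_LOG = """\
amFilter:02/12/2017 09:05:31:051 PM GMT: Thread[http-bio-8180-exec-5,5,main]
SSOTaskHandler: Login attempt number: 1
amFilter:02/12/2017 09:05:31:051 PM GMT: Thread[http-bio-8180-exec-5,5,main]
WARNING: CDSSOTaskHandler: Login attempt number 1 failed for request URI: /agentsample/authentication/accessdenied.html
amFilter:02/12/2017 09:05:31:051 PM GMT: Thread[http-bio-8180-exec-5,5,main]
ERROR: AmFilter: Error while delegating to inbound handler: CDSSO Task Handler, access will be denied
java.lang.NullPointerException
        at java.net.URLDecoder.decode(URLDecoder.java:136)
        at com.sun.identity.agents.filter.CDSSOContext.parseCDSSOCookieValue(CDSSOContext.java:293)
amFilter:02/12/2017 09:05:31:052 PM GMT: Thread[http-bio-8180-exec-7,5,main]
SSOTaskHandler: Login attempt number: 1
"""

def split_records(text):
    """Group lines into (timestamp, thread, body) records, one per amFilter header."""
    records = []
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            records.append([m["ts"], m["thread"], []])
        elif records:
            records[-1][2].append(line.strip())
    return [(ts, th, "\n".join(body)) for ts, th, body in records]

def find_cdsso_npe_denials(text):
    """Return denials where the CDSSO handler hit the NPE after a failed login attempt."""
    last_attempt = {}   # thread -> (attempt number, request URI)
    findings = []
    for ts, thread, body in split_records(text):
        m = ATTEMPT.search(body)
        if m:
            last_attempt[thread] = (int(m.group(1)), m.group(2))
        if ("access will be denied" in body and "NullPointerException" in body
                and "CDSSOContext.parseCDSSOCookieValue" in body):
            attempt, uri = last_attempt.pop(thread, (None, None))
            findings.append({"time": ts, "thread": thread, "attempt": attempt, "uri": uri})
    return findings

if __name__ == "__main__":
    for f in find_cdsso_npe_denials(SAMPLE_LOG):
        print(f)
```

A finding whose `attempt` is below the configured 'Login Attempt Limit' matches the pattern in this report: access was denied by the exception, not by the limit being reached.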

              People

              Unassigned Unassigned
              andrew.dunn Andrew Dunn [X] (Inactive)