  1. OpenAM
  2. OPENAM-11018

Exporting IdP metadata through browser returns first IdP in the entity listing

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Not a defect
    • Affects Version/s: 13.5.0
    • Fix Version/s: None
    • Component/s: SAML
    • Labels: None

      Description

      When trying to export SAML entity metadata through a browser, the first IdP in the entity list for a Realm is returned. To replicate:

      1. Create two circles of trust for a realm in OpenAM: CoT and CoT2.
      2. Create two test IdP entities, test1 and test2.
      3. Add test1 to CoT and test2 to CoT2.
      4. Export test2's metadata with the following example URL:

      http://host2.example.com:8080/openam/saml2/jsp/exportmetadata.jsp?entityID=test2

      This will result in the user seeing the test1 entityID.

      Expected result:

      User should get the metadata for test2, not test1.

      Workaround:

      Use ssoadm to export metadata with the following example command:

      ./ssoadm export-entity -u amadmin -f password.txt -e / -y test1 -c saml2 -m test1.xml -x testExtended.xml

            People

            • Assignee: Unassigned
            • Reporter: abel.hoxeng Abel Hoxeng
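
An added example, not part of the original report or of OpenAM: a check that exported SAML metadata really describes the entity that was requested, run before the file is imported anywhere, since metadata for the wrong IdP carries the wrong endpoints and keys. The sample XML is constructed and the function name `check_exported_metadata` is hypothetical.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"  # SAML 2.0 metadata namespace

# Constructed sample of the outcome the report describes:
# metadata for test1 comes back although test2 was requested.
SAMPLE_TEST1 = b"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="test1">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
                         Location="http://host2.example.com:8080/sso"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def check_exported_metadata(xml_bytes, expected_entity_id):
    """Return (ok, reason) for metadata exported for expected_entity_id."""
    # The stdlib parser expands internal entities, so refuse any DTD up front.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        return False, "DTD present; refusing to parse"
    try:
        root = ET.fromstring(xml_bytes)
    except ET.ParseError as exc:
        return False, f"not well-formed XML: {exc}"
    # Accept a single descriptor or an EntitiesDescriptor wrapper.
    if root.tag == f"{MD}EntityDescriptor":
        entities = [root]
    elif root.tag == f"{MD}EntitiesDescriptor":
        entities = list(root.iter(f"{MD}EntityDescriptor"))
    else:
        return False, f"unexpected root element {root.tag}"  # e.g. an error page
    ids = [e.get("entityID") for e in entities]
    # Exactly the requested entity must be present, nothing else.
    if ids != [expected_entity_id]:
        return False, f"expected only {expected_entity_id!r}, got {ids!r}"
    if entities[0].find(f"{MD}IDPSSODescriptor") is None:
        return False, "entity has no IDPSSODescriptor"
    return True, "entityID matches and an IdP role is present"


if __name__ == "__main__":
    print(check_exported_metadata(SAMPLE_TEST1, "test2"))
```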