Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-1104

CDCServlet doesn't work if custom authentication was used

    XMLWordPrintable

    Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 9.5.3, 9.5.4, 10.0.0-EA
    • 9.5.5, 10.0.0
    • cdsso
    • Rank:
      1|hzn6yf:

      Description

      • machine environment *
        1. openAM server: openam.example.com:18080/opensso ... hosting demo-1.jsp
        on the agent configuration of admin console, specify following value as "CDSSO Servlet URL" parameter:
        http://openam.example.com:18080/opensso/cdcservlet?realm=myrealm&loginURI=demo-1.jsp
        under $OPENSSO_DEPLOY_DIR, place demo-1.jsp which redirects to custom login app
        2. PA server: j2eeagent.advertising.com:28080/helloworld/index.html(PA protected site)
        3. custom auth server: customlogin.advertising.com:38080/login/login.jsp
      • login sequence *
        1. user access j2eeagent.advertising.com:28080/helloworld/index.html
        2. request redirected to cdcservlet by PA
        3. cdcservlet redirect the request to custom login page (demo-1.jsp)
        4. demo-1.jsp redirects request to customlogin.advertising.com:38080/login/login.jsp
        5. custom login servlet logins to openAM remotely using AM SDK
        6. custom login servlet redirects request to "goto" parameter passed from demo-1.jsp with iPlanetDirectoryPro appended to URL
        7. cdcservlet validates user token redirects request to /agentapp/sunwCDSSORedirectURI

      At step 7, CDCServlet will reject user's request if "realm" has been specified.
      Also, PA is the one to set cookie if multiple domains were specified as "CDSSO Domain List" parameter value under Agent configuration of admin console. Since custom login is running on different domain than openAM server, iPlanetDirectoryPro is not set for openAM server domain and therefore CDSSO is not achieved.

        Attachments

          Activity

            People

            sachiko Sachiko Wallace
            sachiko Sachiko Wallace
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: