Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-11177

Scripted auth module can not be used in auth chain if the username in sharedstate map does not 'match' the search attribute of the data store

    Details

    • Sprint:
      AM Sustaining Sprint 38, AM Sustaining Sprint 39, AM Sustaining Sprint 40, AM Sustaining Sprint 41, AM Sustaining Sprint 42, AM Sustaining Sprint 43, AM Sustaining Sprint 44, AM Sustaining Sprint 45, AM Sustaining Sprint 46, AM Sustaining Sprint 47, AM Sustaining Sprint 48, AM Sustaining Sprint 49, AM Sustaining Sprint 50, AM Sustaining Sprint 51, AM Sustaining Sprint 52, AM Sustaining Sprint 53, AM Sustaining Sprint 54, AM Sustaining Sprint 55, AM Sustaining Sprint 56
    • Story Points:
      3
    • Needs backport:
      Yes
    • Support Ticket IDs:
    • Verified Version/s:
    • Needs QA verification:
      No
    • Functional tests:
      Yes
    • Are the reproduction steps defined?:
      Yes and I used the same an in the description

      Description

      This is similar to OPENAM-5598, but the similar solution needs to be implemented in ScriptIdentityRepository.getIdentity().

      Reproduction Steps
      Configure LDAP data store with 'uid' as 'user search attribute'
      Configure ldap auth module with 'mail' as 'Attributes Used to Search for a User to be Authenticated'
      Configure Device ID match
      Configure Device ID save
      Add mail to Realm > Authentication > Settings > User Profile >Alias Search Attribute Name
      Configure auth chain with required modules LDAP + Device Match + Optional module (etc. HOTP) > Device ID save

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jonthomas Jonathan Thomas
                Reporter:
                sachiko Sachiko Wallace
              • Votes:
                1 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: