  1. OpenAM
  2. OPENAM-11384

Auth Level value for step up sessions inconsistent with auth level value for non step up sessions

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: 14.0.0, 14.1.0
    • Fix Version/s: None
    • Component/s: authentication

      Description

      If a session is created by just hitting a specific module, its AuthLevel is set to that of the module's AuthLevel WITHOUT any reference to realm:

      Call to

      ../openam/json/realms/root/sessions/?_action=getSessionInfo

      with AuthLevel added to session whitelist:

      { "AuthLevel": "10" }

      If however you go through step up, realm is included. This is inconsistent and adds complexity for customers implementing logic based on the value of this property.

      { "AuthLevel": "/:20" }

      Note the behaviour is the same if you traverse a chain.

              People

              • Assignee: Unassigned
              • Reporter: shokard Darinder Shokar
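
A client-side normalizer for the two AuthLevel forms quoted in the description, added here as an example; it is not code from OpenAM or from the reporter. The names `parse_auth_level` and `meets_required_level` are hypothetical, and both the `<realm>:<level>` layout (inferred from the `/:20` sample) and the realm-matching rule are assumptions.

```python
import json
from typing import NamedTuple, Optional


class AuthLevel(NamedTuple):
    realm: Optional[str]  # None when the value carried no realm qualifier
    level: int


def parse_auth_level(raw: object) -> AuthLevel:
    """Parse either form reported on this issue: "10" or "/:20".

    Assumption: the qualified form is "<realm>:<level>", inferred from the
    "/:20" sample; the level is the text after the last colon.
    """
    if not isinstance(raw, str):
        raise ValueError(f"AuthLevel is not a string: {raw!r}")
    realm, sep, level_text = raw.rpartition(":")
    if sep and not realm.startswith("/"):
        raise ValueError(f"unexpected realm qualifier in AuthLevel: {raw!r}")
    # Accept plain ASCII digits only; int() alone would also take "+20" or " 20".
    if not (level_text.isascii() and level_text.isdigit()):
        raise ValueError(f"non-numeric AuthLevel: {raw!r}")
    return AuthLevel(realm if sep else None, int(level_text))


def meets_required_level(session_info: dict, required: int, realm: str = "/") -> bool:
    """Step-up check that fails closed on a missing or unparseable AuthLevel."""
    try:
        parsed = parse_auth_level(session_info.get("AuthLevel"))
    except ValueError:
        return False
    # Assumption: a realm-qualified level only counts for the realm being protected.
    if parsed.realm is not None and parsed.realm != realm:
        return False
    return parsed.level >= required


# Constructed samples mirroring the two responses quoted in the description.
MODULE_LOGIN = json.loads('{ "AuthLevel": "10" }')
STEP_UP = json.loads('{ "AuthLevel": "/:20" }')

if __name__ == "__main__":
    for info in (MODULE_LOGIN, STEP_UP):
        print(info, parse_auth_level(info["AuthLevel"]), meets_required_level(info, 20))
```

Comparing the raw strings, or calling `int()` directly on the property, either raises on the step-up form or orders the values incorrectly, which is why the check parses first and denies on anything it does not recognise.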