Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-1280

Persistent cookies only works when debug is at Message Level

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 9.5.3_RC1, 9.5.3, 9.5.4_RC1, 9.5.4, 10.0.0-EA, 10.0.0
    • Fix Version/s: 9.5.5, 10.0.1, 10.1.0-Xpress
    • Component/s: authentication
    • Labels:
      None
    • Environment:
      Windows XP, Tomcat 6.0.26, Java 1.6_20, OpenAM 9.5.4, OpenDJ 2.4.5
    • Sprint:
      Sprint 3

      Description

      If we configure the OpenAM 9.5.4 to use persistent cookies using following configuration inside
      "Configuration" -> "Server&Sites" -> <server> -> "Advanced":

      com.iplanet.am.cookie.timeToLive=5
      openam.session.persist_am_cookie=true

      And the OpenAM is also configured with domain cookies, the Persistent cookie is only generated if the Debug level is set to Message. Note that this same configuration works on OpenAM 9.5.2 for any Debug level.

      Checking the class LoginViewBean.java at setCookie() method, we can see that this problem seem to be a side effect of the fix "OPENAM-667 Persistent Cookie should only be set on success and not on AMAuthCookie" which only gets the time to live value if the Debug level is set to Message.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                peter.major Peter Major
                Reporter:
                alissongarcia alissongarcia
              • Votes:
                1 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: