Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-13330

Improve SessionReource Authz Module processing

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.5.1, 6.5.0
    • Fix Version/s: 6.0.0.4, 6.5.0, 6.0.1, 5.5.2
    • Component/s: rest
    • Labels:
    • Sprint:
      AM Sustaining Sprint 52
    • Story Points:
      2
    • Support Ticket IDs:

      Description

      Session resource calls such as 'https://openam.test.com:8443/openam/json/realms/internal/sessions?_action=validate' go through admin  >  privilege > then a specific session resource autorization modules.

      If there are groups with delegated admin privileges this may include some extra membership lookups that may be unnecessary in this case.

      As the flow will accept any of these modules It would be better to re-order the authz modules so expensive operations occur last.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jonthomas Jonathan Thomas
                Reporter:
                jonthomas Jonathan Thomas
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: