  1. OpenAM
  2. OPENAM-13664

Client-based sessions and Policies using session props DO work

    Details

    • Sprint:
      2018.10 - Docs 6.5
    • Story Points:
      1
    • Needs backport:
      No
    • Needs QA verification:
      No
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      No (add reasons in the comment)

      Description

      Bug description

      The docs may be over-zealous about limitations when using Client-based sessions with Policies that use session properties.

      https://backstage.forgerock.com/docs/am/6/authentication-guide/index.html#session-state-client-based-limitations 

      It appears that session properties set during authentication (i.e. before JWT is minted) can be used in policy evaluations.

      The limitation is that session properties cannot be modified in client-based sessions once minted.

      How to reproduce the issue

      1. Create a policy that relies on session properties
      2. Switch AM to use Client-based sessions
      3. Evaluate the policy

      Expected behaviour

      Documented behaviour is that it will fail.

      Current behaviour

      Actual behaviour is that evaluation succeeds correctly.

       


            People

            • Assignee:
              cristina.herraz Cristina Herraz
            • Reporter:
              FatBloke Andy Hall