Resolution: Not a defect
Affects Version/s: 126.96.36.199, 6.1.0
Fix Version/s: None
If a PAP is deployed and set at the Realm > Realm Name > Authentication > Chains > chain name > Settings level. It does not execute. However if it is set at the Realm > Realm Name > Authentication > Settings > Post Authentication Processing > Authentication Post Processing Classes level the PAP does successfully execute.
1. Deploy the attached openam-post-auth-sample-6.0.0.jar to WEB-LIB/lib of AM6 instance
2. Login to AM, and create a chain called chain1 containing DataStore as REQUIRED
3. Goto Realm > Realm Name > Authentication > Chains > chain1 > Settings and add com.forgerock.openam.examples.SamplePAP to the Post Authentication Processing Class section.
4. From within the realm add the Session Property Whitelist Service and add Property1, Property2, Property3 all the way up to Property9
5. Restart AM
Edit the attached authN_Get_Session_Props_AM10.sh script to reflect the target FQDN of AM
6. Execute authN_Get_Session_Props_AM10.sh
7. Within the debug directory there will be a timestamped Authentication file showing the failure scenario
8. Now make the PAP work; add com.forgerock.openam.examples.SamplePAP to Realm > Realm Name > Authentication > Settings > Post Authentication Processing > Authentication Post Processing Classes
9. Repeat step 6 and 7
Looks to be a regression of https://bugster.forgerock.org/jira/browse/OPENAM-9979 and has been noted as already not working for trees here https://bugster.forgerock.org/jira/browse/AME-15760