-
Type:
Bug
-
Status: Resolved
-
Priority:
Critical
-
Resolution: Duplicate
-
Affects Version/s: 5.5.1, 6.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.0.0.4, 6.0.0.5, 6.5.0
-
Fix Version/s: None
-
Component/s: authentication, XUI
-
Labels:
-
Rank:1|hzx2db:
-
Sprint:AM Sustaining Sprint 60, AM Sustaining Sprint 61
-
Story Points:3
-
Support Ticket IDs:
Bug description
Switching from realmA to realmB is not possible via the XUI. When accepting to switch/leave realmA (by logging the user out), the authentication attempt in realmB fails.
How to reproduce the issue
- Create two realms, e.g realmA & realmB
- Point the browser to http://openam.example.com:18080/openam/XUI/?realm=realmA#login
- Authenticate as demo
- Point the browser to http://openam.example.com:18080/openam/XUI/?realm=realmB#login
- Accept on switching the realms/logout from realmA
- Authenticate as demo. It fails with:
"Session Upgrade fails since user is different than original authenticated user"
Expected behaviour
Authentication on realm B should be possible
Current behaviour
Switching from realmA to realmB is not possible
Work around
Re-try after the error, or refresh the page.
Code Analysis
Source code in 5.5.1:
if (forceAuth && sessionUpgrade) { try { newSession = AuthD.getSessionService().getSessionMutator(oldSession.getID()); } catch (SessionException e) { throw new AuthException(AMAuthErrorCode.SESSION_UPGRADE_FAILED, e); } }
- duplicates
-
OPENAM-14569 XUI Switch realm not working with login fragment
-
- Closed
-
- is related to
-
OPENAM-13904 Authentication via REST API - Switching realms is not possible
-
- Open
-