Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-14018

Radius Authentication Module Primary and Secondary Radius Server help button shows server:port when it should be server

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 12.0.4, 13.0.0, 13.5.2, 14.0.0, 14.1.0, 5.5.1, 6.0.0.5
    • Fix Version/s: 7.0.0
    • Component/s: authentication, XUI
    • Labels:
    • Target Version/s:
    • Sprint:
      AM Sustaining Sprint 59, AM Sustaining Sprint 60, AM Sustaining Sprint 61, AM Sustaining Sprint 62, AM Sustaining Sprint 63, AM Sustaining Sprint 64, AM Sustaining Sprint 65, AM Sustaining Sprint 66
    • Story Points:
      1
    • Needs backport:
      No
    • Support Ticket IDs:
    • Needs QA verification:
      No
    • Functional tests:
      No

      Description

      Bug description

      In the Radius Authentication Module's Primary Radius Servers & Secondary Radius Servers online help in the GUI, shows:

      A list of primary Radius servers that will be used for authentication
      
      The module will use these servers in preference to the secondary servers. A single entry must be in the format:
      
      radius_server:port
      
      Multiple entries allow associations between OpenAM servers and a Radius server. The format is:
      
      local server name | radius_server:port
      
      NB The local server name is the full name of the server from the list of servers and sites.
      

      but if you look at the AM 6.x documentation:

      https://backstage.forgerock.com/docs/am/6/authentication-guide/#authn-radius

      Primary Radius Servers, Secondary Radius Servers
      Specify the IP address or fully qualified domain name of one or more primary RADIUS server. The default is 127.0.0.1 (localhost loopback), and optionally, set secondary servers.
      
      ssoadm attribute: primary is iplanet-am-auth-radius-server1; secondary is iplanet-am-auth-radius-server2
      
      When authenticating users from a directory server that is remote to AM, set the primary values, and optionally, the secondary server values. Primary servers have priority over secondary servers.
      
      Both properties take more than one value; thus, allowing more than one primary or secondary remote server, respectively. Assuming a multi-data center environment, AM determines priority within the primary and secondary remote servers, respectively, as follows:
      
      Every RADIUS server that is mapped to the current AM instance has highest priority.
      
      Every RADIUS server that was not specifically mapped to a given AM instance has the next highest priority.
      
      RADIUS servers that are mapped to different AM instances have the lowest priority.
      

      no port is listed, because the Radius Authentication module has as a separate field for port.

      How to reproduce the issue

      Details steps outlining how to recreate the issue (remove this text)

      1. Login to AM
      2. Navigate to Authentication
      3. Create Radius Authentication module
      4. Click on module after it's been created
      5. Click the "i" next to the Primary and Secondary Radius Server's
      6. it says: radius_server:port
      Expected behaviour

      Expected to say the same as the documentation:

      Specify the IP address or fully qualified domain name of one or more primary RADIUS server.

      Current behaviour

      it says: radius_server:port

      Work around

      none

      Code analysis

      None

        Attachments

          Activity

            People

            • Assignee:
              joe.starling Joe Starling
              Reporter:
              david.bate David Bate
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: