Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-14433

AM Session idletime not reset when Agent Profile has SSO Only set

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Not a defect
    • 6.0.0.2
    • None
    • session
    • Rank:
      1|hzxmt3:
    • AM Sustaining Sprint 60
    • 0
    • Future
    • None

    Description

      Bug description

      When Web Agent profile is set to SSO Only, the end users token's idletime is not reset when visiting protected resources. The idletime will keep increasing until the user hits the Max Session time and gets an error.

      How to reproduce the issue

      1. step 1: Install/Configure AM 6.0.0.2
      2. step 2: Create Agent profile in top realm
      3. step 3: Set Agent profile to SSO Only
      4. step 4: Install 5.5.0 Agent using the profile created in step 2
      5. step 5: Go to Agent protected resource and login as a user
      6. step 6: In another browser login as amAdmin and go to the Top Level realm's Sessions tab and type in demo, if that's the user who you logged into the website. Notice the idletime
      7. step 7: wait 3 minutes
      8. step 8: hit refresh in the agent protected page
      9. step 9: in Sessions tab, type username demo again. See the idletime has not changed. It does not get reset to 0 when the user access the protected resource.
      Expected behaviour
      Expected behavior is the idletime will get reset
      
      Current behaviour
      Idle Time keeps increasing until user times out via Max Session Time
      

      Work around

      Remove Agent's SSO Only configuration and add a simple policy. I used //::/* and GET Action, with Authenticated users.

      With AM using a Policy rather then the SSO Only the idletime gets reset. If you repeat the steps from above, you will see the idletime getting reset.

      Code analysis

      not done

      Attachments

        Issue Links

          Activity

            People

              joe.starling Joe Starling
              david.bate David Bate
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: