Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-14433

AM Session idletime not reset when Agent Profile has SSO Only set

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Not a defect
    • Affects Version/s: 6.0.0.2
    • Fix Version/s: None
    • Component/s: session
    • Labels:
    • Sprint:
      AM Sustaining Sprint 60
    • Support Ticket IDs:

      Description

      Bug description

      When Web Agent profile is set to SSO Only, the end users token's idletime is not reset when visiting protected resources. The idletime will keep increasing until the user hits the Max Session time and gets an error.

      How to reproduce the issue

      1. step 1: Install/Configure AM 6.0.0.2
      2. step 2: Create Agent profile in top realm
      3. step 3: Set Agent profile to SSO Only
      4. step 4: Install 5.5.0 Agent using the profile created in step 2
      5. step 5: Go to Agent protected resource and login as a user
      6. step 6: In another browser login as amAdmin and go to the Top Level realm's Sessions tab and type in demo, if that's the user who you logged into the website. Notice the idletime
      7. step 7: wait 3 minutes
      8. step 8: hit refresh in the agent protected page
      9. step 9: in Sessions tab, type username demo again. See the idletime has not changed. It does not get reset to 0 when the user access the protected resource.
      Expected behaviour
      Expected behavior is the idletime will get reset
      
      Current behaviour
      Idle Time keeps increasing until user times out via Max Session Time
      

      Work around

      Remove Agent's SSO Only configuration and add a simple policy. I used //::/* and GET Action, with Authenticated users.

      With AM using a Policy rather then the SSO Only the idletime gets reset. If you repeat the steps from above, you will see the idletime getting reset.

      Code analysis

      not done

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                joe.starling Joe Starling
                Reporter:
                david.bate David Bate
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: