  1. OpenAM
  2. OPENAM-14462

Document a new parameter that would return 401 instead of 200 when TransactionConditionAdvice fails with a wrong credential

    Details

    • Sprint:
      2019.3 - Marvel
    • Story Points:
      1
    • Needs backport:
      No
    • Needs QA verification:
      No
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      No (add reasons in the comment)

      Description

      Bug description

      Document a new parameter that would return 401 instead of 200 when TransactionConditionAdvice fails with a wrong credential

      How to reproduce the issue

      As a result of the OPENAM-12627 fix, it is now optional to return error 401 instead of 200 when TransactionConditionAdvice fails with a wrong credential.

      Please see OPENAM-12627 for details on how to recreate the HTTP 200 response below:

      {
          "tokenId": "<old user token>",
          "successUrl": "http://example.com:80/index.html",
          "realm": "/"
      }
      

      By setting a new advanced parameter "org.forgerock.openam.auth.transactionauth.returnErrorOnAuthFailure=true" under [Configure] -> [Server Defaults] -> [Advanced] in the admin console, it is now possible to return error 401:

      {"code":401,"reason":"Unauthorized","message":"Login failure","detail":{"failureUrl":""}}
      
      Expected behaviour

      N/A

      Current behaviour

      N/A

      Work around

      N/A

      Code analysis

      N/A

              People

              • Assignee:
                cristina.herraz Cristina Herraz
                Reporter:
                sachiko Sachiko Wallace
              • Votes:
                0
                Watchers:
                3
