Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-14483

If there is no token, then landing on the AM login page will result in 2 getSessionInfo Requests = 401 UnAuthZ


    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 6.0.0,, 7.0.0
    • Fix Version/s: 6.5.2, 7.0.0
    • Component/s: XUI
    • Labels:
    • Sprint:
      2019.4 - Coins, 2019.5 - Scissors, AM 2019.6 - Lathe
    • Support Ticket IDs:


      Bug description

      We are not sure if this is expected behavior or actually something we need to address.
      Please advise.

      How to reproduce the issue

      1. Go to the AM Login page in AM 6 or 6.5: 
      2. Clear cookie cache: chrome://settings/clearBrowserData 
      3. Open DevTools (ctl+shft+i).
      4. Refresh the page and observer the workflow (see screenshot).
      Expected behaviour
      Seems to fail on basic check-ups.
      Current behaviour
      User sees 401's in DevTools

      Work around


      If a token exists, then these pass with Status Code 200.

      Code analysis

      Info from a discussion (between Todd and Phil) via casework.


      The use case behind this call is more complex, but one of the main reasons for this call is for detecting a realm change. Previously in the UI, realms could be changed without reloading the application so there had to be a detection system for this. The UI now requires a refresh, so this use-case no longer exists, however there is legacy code still operating on this assumption. The double calls upon boot, I’ve not investigated as yet.


          Issue Links



              • Assignee:
                julian.kigwana@forgerock.com Julian Kigwana [X] (Inactive)
                ashley.hale Ashley Hale
              • Votes:
                0 Vote for this issue
                7 Start watching this issue


                • Created: