Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-14865

No error message is provided when login page is supplied with incorrect session cookie domain

    Details

    • Target Version/s:
    • Sprint:
      AM 2019.7 - Lighthouse, AM 2019.8 - Crank

      Description

      Bug description

      In latest trunk, no error is displayed when reproducing OPENAM-14808.

      How to reproduce the issue

      The same steps should be followed as for OPENAM-14808, except that AM deployed should be 7.0.0 snapshot.

      Expected behaviour
      When attempting to login to second server (that has cookie domain of forgerock.com), error message 'User name/password combination is invalid' (i.e. translation.json authenticationFailed key value) should be shown.
      
      Current behaviour
      No error message is shown and end user remains on login page with no indication of what has failed.
      

      Work around

      Ensure that when using the same browser to login to multiple servers either:

      1) The cookie domains do not overlap (e.g. internal1.forgerock.com and internal2.forgerock.com, instead of forgerock.com and internal.forgerock.com)

      2) Use separate browser instances of incognito windows such that cookies are not shared across the two servers.

      Code analysis

      In processLoginRequest.js, the code arrives at the block after 'SessionManager.login' (as a result of calling SessionManager.login and through to RESTLoginHelper.getLoggedUser (which results in a 401 response) with the value for 'reason' being populated (structure as per ErrorsHandler.handleError function error variable.  As a result this is passed to the EventManager.sendEvent and that results in no message displayed.

      Comparing with AM 6.0.0.6, the code arrives at the same point with the reason variable being undefined.  This then results in the EventManager.sendRequest with "authenticationFailed". 

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                julian.kigwana@forgerock.com Julian Kigwana [X] (Inactive)
                Reporter:
                lawrence.yarham Lawrence Yarham
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: