OpenAM / OPENAM-15505

Safari redirection fails if the goto URL has the same domain as AM

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 6.0.0.4
    • Fix Version/s: 6.0.0.5

      Description

      Bug description

      Safari redirection fails if the goto URL has the same domain as AM

      How to reproduce the issue

      Set up an OOTB AM 6.0.0.4 and set up an external Tomcat server that shares the same domain name

      Access the URL using Safari (12.1.3)

      http://openam.internal.example.com:8080/openam?goto=http://lb.internal.example.com:18080

      Expected behaviour

      The redirection is successful

      Current behaviour

      The redirection fails with the following error "Unknown error. Please contact your Administrator"

      Observed that there is a logout endpoint that is triggered in Safari's developer tools console

      XMLHttpRequest cannot load http://openam.internal.example.com:8080/openam/json/sessions?_action=logout&goto=http%3A%2F%2Flb.internal.example.com%3A18080%2Fopenam due to access control checks.

       

      This behaviour is not observed in other browsers, such as in Chrome's developer tools. See below

      There is no issue if the goto domain name is different from OpenAM's in the Safari browser.

      e.g. lb.internal.example.net as the goto URL

      http://openam.internal.example.com:8080/openam?goto=http://lb.internal.example.net:18080


              People

              Assignee: Unassigned
              Reporter: Sam Phua (sam.phua)