Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-15749

APIX and curl command fired at ../json/sessions?_queryFilter with username eq "webagent" doesn't seem to work

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 6.5.2.1
    • Fix Version/s: None
    • Component/s: REST SDK, session
    • Labels:
    • Environment:
      AM 6.5.2.1 with one or more Web agents up and running.
    • Sprint:
      AM Sustaining Sprint 70, AM Sustaining Sprint 71, AM Sustaining Sprint 72, AM Sustaining Sprint 73, AM Sustaining Sprint 74, AM Sustaining Sprint 75, AM Sustaining Sprint 76, AM Sustaining Sprint 77, AM Sustaining Sprint 78, AM Sustaining Sprint 79, AM Sustaining Sprint 80
    • Story Points:
      2
    • Support Ticket IDs:

      Description

      Going through the API Explorer (APIX) and executing the command works as expected without username and returns all sessions, including webagent.  In an effort to filter out the webagent sessions, I tested with username "amadmin" only, and that worked.  However, doing the same for "webagent" returns nothing.  Is that expected?

      Note: API Docs state only realm (required!) and username are allowed.

      How to reproduce the issue from APIX

      1. Setup AM 6.5.2.1 with a Web Agent (so you have a webagent session).
      2. Login as amadmin and launch  API Explorer.
      3. Goto /sessions on the left pane and scroll to the bottom on the right pane to 
        GET /sessions#3.1_query_filter and click on [Try it Now].
      4. Set _prettyPrint to true.
      5. Set the required _queryFilter to: realm eq "/" 
      6. Execute the query and review the output.
      7. Update the _queryFilter to list one username: realm eq "/" and username eq "amadmin"
      8. Execute the query and review the output.
      9. Update the _queryFilter to list one username: realm eq "/" and username eq "webagent"
      10. Execute the query and review the output.
      11. Copy the curl command to a text file to add in the iPlanetDirectoryPro: cookie.
      Expected behaviour
      See output below:
      Step 6. Shows all sessions (3)
      Step 8. Shows only amadmin sessions (1)
      Step 10. Shows only webagent sessions (2)
      Current behaviour
      See output below:
      Step 6. Shows all sessions (3)
      Step 8. Shows only amadmin sessions (1)
      Step 10. Shows nothing (0)
      

      Work around

      Unknown

      How to reproduce the issue from REST (curl it!)

      To demonstrate the same from command line for REST (curl) as shown below, while in APIX, open DevTools and copy the iPlanetDirectoryPro cookie to a text file.  Then copy the APIX command to the text file and append the -H "iPlanetDirectoryPro: <paste_cookie_here>" and insert the -k to avoid issues with cacerts.

      Output from curl

      Step 6. Realm + no username
      [root@vm2 ahale]# curl -k -X GET "https://openam.example.com:8443/am6521/json/sssions?_prettyPrint=true&_queryFilter=realm%20eq%20%22%2F%22%20" -H "accept: application/json" -H "Accept-API-Version: resource=3.1" -H "X-Requested-With: SwaggerUI" -H "iPlanetDirectoryPro:MCJmG1hzZlnW4DedUR1D0L6ZQdY.*AAJTSQACMDEAAlNLABwxdFJyMXZla283Mmx1WjA4c2o5RXNmRlAxU1U9AAR0eXBlAANDVFMAAlMxAAA.*"
      {
        "result" : [ {
          "_rev" : "1845595441",
          "username" : "webagent",
          "universalId" : "id=webagent,ou=agent,dc=openam,dc=forgerock,dc=org",
          "realm" : "/",
          "sessionHandle" : "shandle:u6IUWSFComWJi23j3F5dHha83sw.*AAJTSQACMDEAAlNLABx1MUlpdWhSNWZ4WmlFUDlzM3htcEFGV2tMblU9AAR0eXBlAANDVFMAAlMxAAA.*",
          "latestAccessTime" : "2019-10-07T19:53:16.321Z",
          "maxIdleExpirationTime" : "2061-09-26T19:53:16Z",
          "maxSessionExpirationTime" : "2061-09-26T19:53:16Z"
        }, {
          "_rev" : "411533588",
          "username" : "amadmin",
          "universalId" : "id=amadmin,ou=user,dc=openam,dc=forgerock,dc=org",
          "realm" : "/",
          "sessionHandle" : "shandle:raAh1IeC-idP4P45HJK2Eiplktg.*AAJTSQACMDEAAlNLABwxdFJyMXZla283Mmx1WjA4c2o5RXNmRlAxU1U9AAR0eXBlAANDVFMAAlMxAAA.*",
          "latestAccessTime" : "2019-12-05T00:35:33.574Z",
          "maxIdleExpirationTime" : "2019-12-05T02:05:33Z",
          "maxSessionExpirationTime" : "2019-12-05T06:21:35Z"
        }, {
          "_rev" : "293962012",
          "username" : "webagent",
          "universalId" : "id=webagent,ou=agent,dc=openam,dc=forgerock,dc=org",
          "realm" : "/",
          "sessionHandle" : "shandle:J_FCVQM5lKauECA7vcnz_LV1Q7s.*AAJTSQACMDEAAlNLABwrK0FOL0phd05uQTg2ZzZFR3ZmR0RzZFMwMms9AAR0eXBlAANDVFMAAlMxAAA.*",
          "latestAccessTime" : "2019-10-07T19:53:16.397Z",
          "maxIdleExpirationTime" : "2061-09-26T19:53:16Z",
          "maxSessionExpirationTime" : "2061-09-26T19:53:16Z"
        } ],
        "resultCount" : 3,
        "pagedResultsCookie" : null,
        "totalPagedResultsPolicy" : "NONE",
        "totalPagedResults" : -1,
        "remainingPagedResults" : -1
      }
      [root@vm2 ahale]# 

       

      Step 8. Realm + amadmin
      [root@vm2 ahale]# curl -k -X GET "https://openam.example.com:8443/am6521/json/sssions?_prettyPrint=true&_queryFilter=realm%20eq%20%22%2F%22%20and%20username%20eq%20%22amadmin%22" -H "accept: application/json" -H "Accept-API-Version: resource=3.1" -H "X-Requested-With: SwaggerUI" -H "iPlanetDirectoryPro:MCJmG1hzZlnW4DedUR1D0L6ZQdY.*AAJTSQACMDEAAlNLABwxdFJyMXZla283Mmx1WjA4c2o5RXNmRlAxU1U9AAR0eXBlAANDVFMAAlMxAAA.*"
      {
        "result" : [ {
          "_rev" : "1031253404",
          "username" : "amadmin",
          "universalId" : "id=amadmin,ou=user,dc=openam,dc=forgerock,dc=org",
          "realm" : "/",
          "sessionHandle" : "shandle:raAh1IeC-idP4P45HJK2Eiplktg.*AAJTSQACMDEAAlNLABwxdFJyMXZla283Mmx1WjA4c2o5RXNmRlAxU1U9AAR0eXBlAANDVFMAAlMxAAA.*",
          "latestAccessTime" : "2019-12-05T00:35:33.574Z",
          "maxIdleExpirationTime" : "2019-12-05T02:05:33Z",
          "maxSessionExpirationTime" : "2019-12-05T06:21:35Z"
        } ],
        "resultCount" : 1,
        "pagedResultsCookie" : null,
        "totalPagedResultsPolicy" : "NONE",
        "totalPagedResults" : -1,
        "remainingPagedResults" : -1
      }[root@vm2 ahale]# 

       

      Step 10. Realm + webagent
      [root@vm2 ahale]# curl -k -X GET "https://openam.example.com:8443/am6521/json/sessions?_prettyPrint=true&_queryFilter=realm%20eq%20%22%2F%22%20and%20username%20eq%20%22webagent%22" -H "accept: application/json" -H "Accept-API-Version: resource=3.1" -H "X-Requested-With: SwaggerUI" -H "iPlanetDirectoryPro:MCJmG1hzZlnW4DedUR1D0L6ZQdY.*AAJTSQACMDEAAlNLABwxdFJyMXZla283Mmx1WjA4c2o5RXNmRlAxU1U9AAR0eXBlAANDVFMAAlMxAAA.*"
      
      {
        "result" : [ ],
        "resultCount" : 0,
        "pagedResultsCookie" : null,
        "totalPagedResultsPolicy" : "NONE",
        "totalPagedResults" : -1,
        "remainingPagedResults" : -1
      }
      [root@vm2 ahale]# 
      

       

       

       

       

        Attachments

          Activity

            People

            • Assignee:
              jonthomas Jonathan Thomas
              Reporter:
              ashley.hale Ashley Hale
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated: