Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-16325

Inner Tree Node capabilities and restrictions

    XMLWordPrintable

    Details

    • Rank:
      1|i011xc:
    • Support Ticket IDs:

      Description

      The Inner Tree Evaluator Node section has the following line:

      Any information collected or set by the parent tree, for example, a username or the authentication level, is available to the child trees. Information collected by child trees is available to the parent once evaluation of the child is complete. 

      Which is not true for passwords - they're not reflected in the transient state of child trees. When trying to authenticate a user within the child tree by retrieving the password from the parent tree, I see the following error:

      ERROR: Password is null, note this field is not stored across multiple requests
      
      ERROR: Exception in processing the tree org.forgerock.openam.auth.node.api.NodeProcessException: Unable to authenticate 
      

       This is a valid limitation, but it should be listed in the documentation along with some best practices for implementing the node as seen in the AM-400B-FR-SG coursebook (page 151 and 489).

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              sergio.bettiol Sergio Bettiol
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated: