Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-17712

SAML2 session state not stored in-memory if it can't be stored locally

    XMLWordPrintable

    Details

    • Rank:
      1|i0117j:
    • AM Sustaining Sprint 85, AM Sustaining Sprint 86
    • 5
    • No
    • No
    • Yes
    • Yes and I used the same an in the description

      Description

      Bug description

      openam/js/saml2-write.js and js/saml2-read.js suggest AM should use an in-memory cache if it fails to retrieve the state from session storage but instead it fails with errorcode=UnableToGetAuthnReq&httpstatuscode=500

      How to reproduce the issue

      1. Configure an SP and IDP
      2. On IDP, comment out calls to addToSessionStorage in openam/js/saml2-write.js
      3. Start SP-initiated SSO
      4. Enter valid IDP credentials
      Expected behaviour
      Flow works, AM uses in-memory cache to retrieve state
      Current behaviour
      Flow fails with errorcode=UnableToGetAuthnReq&httpstatuscode=500

        Attachments

          Issue Links

            Activity

              People

              lawrence.yarham Lawrence Yarham
              aaron.haskins Aaron Haskins
              Votes:
              1 Vote for this issue
              Watchers:
              7 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: