Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-18090

Creation of UMA Policy to share a resource fails when identities have custom attributes

    XMLWordPrintable

    Details

    • Bug
    • Status: In Progress
    • Major
    • Resolution: Unresolved
    • 6.5.2.2
    • 6.5.4, 8.0.0, 7.1.1, 7.0.3
    • UMA
    • Rank:
      1|i056ue:
    • AM Sustaining Sprint 87, AM Sustaining Sprint 88, AM Sustaining Sprint 89
    • 2

      Description

      Bug description

      UMA Policy creation fails with 403 when using custom identity object classes*.*

      How to reproduce the issue

      Deploy AM, embedded config and user store.
      Deploy a separate dir server to act as user store.
      Add a number of additional attributes to the external directory server, e.g. uTest1, uTest2, uTest3.
      Create/modify a test user to then include these custom attributes
      Create a sub-realm e.g. subscribers, delete the embedded Identity Store and add the external directory store.
      Configure the Identity Store (not sure if needed) to include these attriutes for identities.
      Follow the steps detailed at https://backstage.forgerock.com/docs/am/7.1/uma-guide/managing-uma-policies.html#managing-uma-policies.

      Expected behaviour
      The UMA flow should complete successfully.
      
      Current behaviour
      At the step for creation of an UMA policy creation (https://backstage.forgerock.com/docs/am/7.1/uma-guide/managing-uma-policies.html#to-create-an-uma-policy), the request fails with a 403.
      
      
      

      Work around

      None

      Code analysis

      n/a

        Attachments

          Issue Links

            Activity

              People

              sfraser Sam Fraser
              david.bate David Bate
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated: