Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-18160

NodeProcessException: identity.failure at RetryLimitDecisionNode with Nested Trees

    XMLWordPrintable

    Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 7.1.0
    • None
    • trees
    • OS Version: Linux 2.6.32-754.35.1.el6.x86_64
      Container: Tomcat 8.5.32
      JVM Version: 11.0.11+9-LTS-194
      AM 7.1.0
    • Rank:
      1|i05ds6:

      Description

      Bug description

      In AM 7.1, authentication to nested trees fail with NodeProcessException: identity.failure at org.forgerock.openam.auth.nodes.RetryLimitDecisionNode

       

      Authentication Log Error seen:

       {}ERROR: Exception in processing the tree{}

       {}org.forgerock.openam.auth.node.api.NodeProcessException: identity.failure{}

       {}[CONTINUED] at org.forgerock.openam.auth.nodes.RetryLimitDecisionNode.getIdentityFromContext(RetryLimitDecisionNode.java:165){}

       {}[CONTINUED] at org.forgerock.openam.auth.nodes.RetryLimitDecisionNode.onTreeComplete(RetryLimitDecisionNode.java:156){}

       {}[CONTINUED] at org.forgerock.openam.auth.trees.engine.AuthTreeExecutor$TreeCompletionNodeVisitor.visit(AuthTreeExecutor.java:389){}

       

      How to reproduce the issue

      Create 3 trees nested with Inner Tree Evaluator nodes as described below.

      • Tree1 includes Inner Tree Evaluator (with Tree Name value of ‘Tree2’)
      • Tree2 included Inner Tree Evaluator (with Tree Name value of ‘Tree3’)
      • Tree3 included Data Store Decision node.
      • All 3 Trees contain a Retry Limit Decision node with Retry Limit value of ‘3’ and Save Retry Limit to User value of ‘Disabled
      • The User Profile value is set to “Required” in ([Realm name] > Authentication > Settings > User Profile > User Profile)
      • Hit URL to authenticate to Tree1:  http://am.example.com:8080/openam/XUI/?service=Tree1#login/
      • Provide username: demo

       

      Tree1:  (image-2021-07-28-18-21-58-856.png)

       

      Tree2:  (image-2021-07-28-18-21-17-428.png)

       

      Tree3: (image-2021-07-28-18-22-54-147.png)

       

      Expected behaviour

      User should be redirected to user profile page
      
      Current behaviour
      Login Failure
      

      Work around

      OPTIONAL - If you have a workaround, please put the details here (remove this text)

      Code analysis

      OPTIONAL - If you already investigated the code, please share your finding here (remove this text)

      org.forgerock.$className.java
      ...
      

        Attachments

          Activity

            People

            Unassigned Unassigned
            edward.johnson Edward Johnson
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: