Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-1945

Default Configuration create invalid domain cookie

    Details

    • Sprint:
      AM Sustaining Sprint 21

      Description

      Hi, I've confirmed "Default Configuration" still does not work OpenAM 10.0.0.
      The cause is domain cookie creation by publicsuffix-1.0.1.jar
      You can see the library returning wrong result.

      ex)
      pss.getEffectiveTLDLength("idp.example.com");
      -> 11 (EffectiveTLD=".com", DomainCookie=".example.com")
      Correct

      pss.getEffectiveTLDLength("idp.example.co.jp");
      -> 14 (EffectiveTLD=".jp", DomainCookie=".co.jp")
      Wrong, Collect domain cookie is: .example.co.jp

      pss.getEffectiveTLDLength("idp.example.gs.oslo.no");
      -> 19 (EffectiveTLD=".no", DomainCookie=".oslo.no")
      Wrong, Collect domain cookie is: .example.gs.oslo.no

      Thus, "Default Configuration" does not work with most second level
      domain (and third level domain).
      So, I wrote alternative library for detecting domain cookie.

      https://github.com/hamano/regdom4j/

      This library will work perfectly correct.

      java -jar regdom4j.jar idp.example.com
      -> example.com

      java -jar regdom4j.jar idp.example.co.jp
      -> example.co.jp

      java -jar regdom4j.jar idp.example.gs.oslo.no
      -> example.gs.oslo.no

      Please consider replacing with the library.
      Thank you.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                peter.major Peter Major [X] (Inactive)
                Reporter:
                hamano hamano
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 4h
                  4h
                  Remaining:
                  Remaining Estimate - 4h
                  4h
                  Logged:
                  Time Spent - Not Specified
                  Not Specified