Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-24

Identity Changes not propagating to policy decisions

    XMLWordPrintable

    Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • Snapshot9
    • 9.5.5, 10.0.1, 10.1.0-Xpress
    • policy
    • Linux 2.6.18-128.7.1.el5 #1 SMP Mon Aug 24 08:20:55 EDT 2009 i686 i686 i386 GNU/Linux
      OpenAM Express 9
    • Rank:
      1|hzn2mn:
    • Sprint 3

      Description

      Identity Changes not propagating to policy decisions
      ----------------------------------------------------

      When an identity changes (user/group) the policy decision cache remain the same, leading to a strange situation: user X is not in group Y anymore but he still have access. The decision cache is not updated.

      Suggestion: make all cached entries from Policy Cache involving the changed identity invalid and suitable for refresh.

      Currently, there is an identity change notification mechanism. It is just a matter of linking both information:
      identity change and policy decision.

      I tried to disable policy cache in the agent configuration but it didn't work.

        Attachments

          Activity

            People

            markdr Mark de Reeper
            dlouzado dlouzado
            Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: