Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-2820

REST Authentication with multiple callbacks do not work across servers

    Details

    • Sprint:
      Sprint 33, Sprint 34, Sprint 35, Sprint 36, Sprint 38, Sprint 42, Sprint 48, Sprint 49, Sprint 50, Sprint 51, Sprint 52, Sprint 53, Sprint 54

      Description

      When logging into OpenAM via a module or authentication chain which has multiple callbacks, the authentication does not continue if the request does not always get directed to the same server.

      This means that if OpenAM is behind a load-balancer then the authentication attempt will fail if all requests are not sent to the same OpenAM instance. I believe that the AMAuthCookie currently provides this context in /UI/Login, and the authId jwt should contain that information for the REST interface.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                phillcunnington Phill Cunnington
                Reporter:
                samdrew Sam Drew
                QA Assignee:
                Sam Drew
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: