Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-4355

JSON/REST authentication interface doesn't expose some callback attributes

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 11.0.0
    • Fix Version/s: 12.0.0
    • Component/s: authentication, rest
    • Labels:
    • Sprint:
      Sprint 65 - Team Tesla

      Description

      The REST/JSON API (http://openam.forgerock.org/openam-documentation/openam-doc-source/doc/webhelp/dev-guide/rest-api-auth-json.html) allows to initiate and complete authentication module over the REST queries by exposing the information about what kind of callbacks the authentication modules expects.

      However, some attributes of the callbacks are not exposed, for example the "header" field. Some authentication modules use this field to display errors and other messages to the users via the DAUI interface and they use like that:

      <Callbacks length="4" order="2" timeout="3600" header="Change Password&lt;BR&gt;&lt;BR&gt;#REPLACE#&lt;BR&gt;&lt;BR&gt;" >
      

      or

      <Callbacks length="0" order="3" timeout="120" header=" Your password has expired. Please contact service desk to reset your password" error="true" />
      

      However, this "header" field is not shown when the authentication is executed over the REST/JSON API.

      It seems that the LoginViewBean.java, which is used by DAUI is using the PagePropertiesCallback, which has getHeader() method, but the REST/JSON API only deals with the "regular" callbacks (http://docs.oracle.com/javaee/1.3/api/javax/security/auth/callback/Callback.html) ?

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                rich.riley Rich Riley
                Reporter:
                aivo.kalu aivo.kalu [X] (Inactive)
                QA Assignee:
                Nemanja Lukic
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: