Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-5368

Spurious "Not Found Error" message appears when I select a migrated policy in the policy editor

    XMLWordPrintable

Details

    • Rank:
      1|hzozyf:
    • Sprint 91 - Team Curie

    Description

      I have a policy that I've created in OpenAM 12 using ssoadm and the old policy framework XML style. (The XML for the policy is at the end of this description.)

      When I open the Policy Editor, it appears as though OpenAM 12 has migrated the policy correctly. After selecting the IPAMWAS app, I see one OpenAM 12 policy for each of the rules in the policy XML. However, when I select one of the policies, I get the Not Found Error message in red at the top of the page for several seconds. The message goes away and I am able to see the policy components in the Policy Editor, and I can make modifications to the policy (I tried adding an Env Condition and changing the description, and both worked.)

      So the problem here is the spurious Not Found Error message that appears for a few seconds and then goes away.

      <?xml version="1.0" encoding="ISO-8859-1"?>
      <!DOCTYPE Policies 
      PUBLIC "-//OpenSSO Policy Administration DTD//EN"
      "jar://com/sun/identity/policy/policyAdmin.dtd">
      
      <Policies>
      <Policy name="Rockshop_Checkout" referralPolicy="false" active="true" >
      <Rule name="checkout Path With Parameters">
      <ServiceName name="iPlanetAMWebAgentService" />
      <ResourceName name="https://forgerock-rockshop.openrock.org:443/checkout/*?*" />
      <AttributeValuePair>
      <Attribute name="POST" />
      <Value>allow</Value>
      </AttributeValuePair>
      <AttributeValuePair>
      <Attribute name="GET" />
      <Value>allow</Value>
      </AttributeValuePair>
      </Rule>
      <Rule name="checkout Path Without Parameters">
      <ServiceName name="iPlanetAMWebAgentService" />
      <ResourceName name="https://forgerock-rockshop.openrock.org:443/checkout/*" />
      <AttributeValuePair>
      <Attribute name="POST" />
      <Value>allow</Value>
      </AttributeValuePair>
      <AttributeValuePair>
      <Attribute name="GET" />
      <Value>allow</Value>
      </AttributeValuePair>
      </Rule>
      <Rule name="checkout Path Ending in Question Mark">
      <ServiceName name="iPlanetAMWebAgentService" />
      <ResourceName name="https://forgerock-rockshop.openrock.org:443/checkout/*?" />
      <AttributeValuePair>
      <Attribute name="POST" />
      <Value>allow</Value>
      </AttributeValuePair>
      <AttributeValuePair>
      <Attribute name="GET" />
      <Value>allow</Value>
      </AttributeValuePair>
      </Rule>
      <Rule name="wp-login.php">
      <ServiceName name="iPlanetAMWebAgentService" />
      <ResourceName name="https://forgerock-rockshop.openrock.org:443/wp-login.php" />
      <AttributeValuePair>
      <Attribute name="POST" />
      <Value>allow</Value>
      </AttributeValuePair>
      <AttributeValuePair>
      <Attribute name="GET" />
      <Value>allow</Value>
      </AttributeValuePair>
      </Rule>
      <Rule name="wp-login.php With Parameters">
      <ServiceName name="iPlanetAMWebAgentService" />
      <ResourceName name="https://forgerock-rockshop.openrock.org:443/wp-login.php?*" />
      <AttributeValuePair>
      <Attribute name="POST" />
      <Value>allow</Value>
      </AttributeValuePair>
      <AttributeValuePair>
      <Attribute name="GET" />
      <Value>allow</Value>
      </AttributeValuePair>
      </Rule>
      <Rule name="wp-login.php With Something Before Parameters">
      <ServiceName name="iPlanetAMWebAgentService" />
      <ResourceName name="https://forgerock-rockshop.openrock.org:443/wp-login.php*?*" />
      <AttributeValuePair>
      <Attribute name="POST" />
      <Value>allow</Value>
      </AttributeValuePair>
      <AttributeValuePair>
      <Attribute name="GET" />
      <Value>allow</Value>
      </AttributeValuePair>
      </Rule>
      <Rule name="my-account Path">
      <ServiceName name="iPlanetAMWebAgentService" />
      <ResourceName name="https://forgerock-rockshop.openrock.org:443/my-account/" />
      <AttributeValuePair>
      <Attribute name="POST" />
      <Value>allow</Value>
      </AttributeValuePair>
      <AttributeValuePair>
      <Attribute name="GET" />
      <Value>allow</Value>
      </AttributeValuePair>
      </Rule>
      <Rule name="edit-account Path">
      <ServiceName name="iPlanetAMWebAgentService" />
      <ResourceName name="https://forgerock-rockshop.openrock.org:443/my-account/edit-account/" />
      <AttributeValuePair>
      <Attribute name="POST" />
      <Value>allow</Value>
      </AttributeValuePair>
      <AttributeValuePair>
      <Attribute name="GET" />
      <Value>allow</Value>
      </AttributeValuePair>
      </Rule>
      <Rule name="edit-address Path">
      <ServiceName name="iPlanetAMWebAgentService" />
      <ResourceName name="https://forgerock-rockshop.openrock.org:443/my-account/edit-address/" />
      <AttributeValuePair>
      <Attribute name="POST" />
      <Value>allow</Value>
      </AttributeValuePair>
      <AttributeValuePair>
      <Attribute name="GET" />
      <Value>allow</Value>
      </AttributeValuePair>
      </Rule>
      <Rule name="edit-address Path Without Parameters">
      <ServiceName name="iPlanetAMWebAgentService" />
      <ResourceName name="https://forgerock-rockshop.openrock.org:443/my-account/edit-address/*" />
      <AttributeValuePair>
      <Attribute name="POST" />
      <Value>allow</Value>
      </AttributeValuePair>
      <AttributeValuePair>
      <Attribute name="GET" />
      <Value>allow</Value>
      </AttributeValuePair>
      </Rule>
      <Rule name="edit-address Path With Parameters">
      <ServiceName name="iPlanetAMWebAgentService" />
      <ResourceName name="https://forgerock-rockshop.openrock.org:443/my-account/edit-address/*?*" />
      <AttributeValuePair>
      <Attribute name="POST" />
      <Value>allow</Value>
      </AttributeValuePair>
      <AttributeValuePair>
      <Attribute name="GET" />
      <Value>allow</Value>
      </AttributeValuePair>
      </Rule>
      <Subjects name="Subjects:13923158582566k2Z2vo=" description="">
      <Subject name="All Authenticated Users" type="AuthenticatedUsers" includeType="inclusive">
      </Subject>
      </Subjects>
      </Policy>
      </Policies>
      

      Attachments

        Issue Links

          Activity

            People

              esergueeva esergueeva [X] (Inactive)
              David.Goldsmith David Goldsmith
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: