The TokenExpired exception thrown in IdentityServicesImpl does not not produce a consistent error message.
Customer reports that this may cause issues when used in the rest service.
Steps to reproduce:
- Enable session failover in openam and have a multi-site deployment
- Call the rest identity/attributes interface with an expired token.
1. Call to OpenAM instance that is the authoritative server returns:
message:=Session was not obtained.
2. Call to OpenAM instance in the same site returns:
message=AQIC5wM2LY4SfcxQuZOO9ZB2Q69258s/nYn7WiacGEK/irw=@AAJTSQACMjAAAlNLABQtODgyNzYwMzMxNTYxMDY4NDMyMAACUzEAAjAz# Session was not obtained.
3. Call to an OpenAM instance in different site returns: