- Type: Bug
- Status: Resolved
- Priority: Major
- Resolution: Fixed
- Affects Version/s: 11.0.0, 11.0.1, 11.0.2, 12.0.0, 13.0.0
- Component/s: authentication
- Labels:
- Sprint: AM Sustaining Sprint 37, AM Sustaining Sprint 38, AM Sustaining Sprint 39, AM Sustaining Sprint 40, AM Sustaining Sprint 41, AM Sustaining Sprint 42, AM Sustaining Sprint 43
- Story Points: 2
- Needs backport: No
- Support Ticket IDs:
- Needs QA verification: No
- Functional tests: No
- Are the reproduction steps defined?: Yes and I used the same as in the description
Steps to reproduce

1. Configure LDAP data store with 'uid' as 'user search attribute'.
2. Configure LDAP auth module with 'mail' as 'Attributes Used to Search for a User to be Authenticated'.
3. Configure OATH auth module.
4. Configure auth chain with required modules LDAP + OATH.

'javax.security.auth.login.name' in the shared state map will be set to the email address entered for LDAP auth.
The OATH checkOTP method fails as the user identity cannot be found.
The data store will not be able to find the entry as the search attribute is set to 'uid'.
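
A simplified model of the chain in the steps above, added here as an illustration; it is not OpenAM code. The function names, the sample directory entries and the static OTP values are assumptions. It shows the second module failing to resolve the identity when the name stored in the shared state was matched on 'mail' but the data store searches on 'uid', plus a configuration check that flags the mismatch.

```python
import hmac

# Simplified model of the reported chain; NOT OpenAM code. Names are hypothetical.
SHARED_NAME_KEY = "javax.security.auth.login.name"  # key named in the report

DIRECTORY = [  # constructed sample entries; static OTPs stand in for real OATH
    {"uid": "jdoe", "mail": "jdoe@example.com", "password": "pw1", "otp": "123456"},
    {"uid": "asmith", "mail": "asmith@example.com", "password": "pw2", "otp": "654321"},
]

def search(attr, value):
    """Return the single entry whose `attr` equals `value`, else None."""
    hits = [e for e in DIRECTORY if e.get(attr) == value]
    return hits[0] if len(hits) == 1 else None

def ldap_module(shared, name, password, search_attr):
    """First module: finds the user by its own search attribute and
    stores the name exactly as typed in the shared state map."""
    entry = search(search_attr, name)
    if entry is None or not hmac.compare_digest(entry["password"], password):
        return False
    shared[SHARED_NAME_KEY] = name
    return True

def oath_module(shared, otp, datastore_attr):
    """Second module: resolves the identity through the data store,
    which searches only on its configured attribute."""
    identity = search(datastore_attr, shared.get(SHARED_NAME_KEY))
    if identity is None:
        return "identity-not-found"
    return "ok" if hmac.compare_digest(identity["otp"], otp) else "bad-otp"

def run_chain(name, password, otp, ldap_attr, datastore_attr):
    """Run LDAP then OATH, both required, sharing one state map."""
    shared = {}
    if not ldap_module(shared, name, password, ldap_attr):
        return "ldap-failed"
    return oath_module(shared, otp, datastore_attr)

def mismatched_attrs(module_attrs, datastore_attr):
    """Config check: module search attributes the data store cannot resolve."""
    return sorted(a for a in module_attrs if a != datastore_attr)

if __name__ == "__main__":
    print(run_chain("jdoe@example.com", "pw1", "123456", "mail", "uid"))
    print(run_chain("jdoe", "pw1", "123456", "uid", "uid"))
    print(mismatched_attrs(["uid", "mail"], "uid"))
```
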

- is related to: OPENAM-4856 HOTP auth module can not be used in auth chain if the username in sharedstate map does not 'match' the search attribute of the data store (Resolved)
- relates to: OPENAM-10971 FR-OATH auth module can not be used in auth chain if the username in sharedstate map does not 'match' the search attribute of the data store (Resolved)