-
Type:
Bug
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 11.0.1, 11.0.2, 12.0.0
-
Component/s: authentication, policy
-
Labels:
-
Support Ticket IDs:
You will need to disable XUI because of OPENAM-3135
To reproduce:
- Install OpenAM
- If you are on 12.0.0, disable XUI (Configuration > Authentication > Core > XUI interface > uncheck box)
- create subrealm
- Install agent under subrealm
- Configure OpenAM Login URL for the agent: http://openam.example.com:8080/openam/UI/Login?resource=true&realm=testrealm01
- Create a policy with ConditionToService set to a chain that is not the default for the realm
When accessing the protected resource, you will get "An internal authentication error has occurred." error.
amLoginViewBean:02/13/2015 08:45:17:705 AM NZDT: Thread[http-18080-1,5,main]
getLoginDisplay exception:
java.lang.NullPointerException
at com.sun.identity.entitlement.ReferralPrivilege.evaluate(ReferralPrivilege.java:489)
at com.sun.identity.entitlement.PrivilegeEvaluator$PrivilegeTask.run(PrivilegeEvaluator.java:423)
at com.sun.identity.entitlement.PrivilegeEvaluator.evaluate(PrivilegeEvaluator.java:335)
at com.sun.identity.entitlement.PrivilegeEvaluator.evaluate(PrivilegeEvaluator.java:248)
at com.sun.identity.entitlement.Evaluator.evaluate(Evaluator.java:216)
at com.sun.identity.policy.PolicyEvaluator.getPolicyDecisionE(PolicyEvaluator.java:872)
at com.sun.identity.policy.PolicyEvaluator.getPolicyDecision(PolicyEvaluator.java:819)
at com.sun.identity.policy.PolicyEvaluator.getPolicyDecisionIgnoreSubjects(PolicyEvaluator.java:2444)
at com.sun.identity.policy.ProxyPolicyEvaluator.getPolicyDecisionIgnoreSubjects(ProxyPolicyEvaluator.java:257)
at com.sun.identity.policy.util.PolicyDecisionUtils.getActionDecision(PolicyDecisionUtils.java:135)
at com.sun.identity.policy.util.PolicyDecisionUtils.doResourceIPEnvAuth(PolicyDecisionUtils.java:122)
at com.sun.identity.authentication.server.AuthContextLocal.login(AuthContextLocal.java:479)
at com.sun.identity.authentication.server.AuthContextLocal.login(AuthContextLocal.java:419)
at com.sun.identity.authentication.UI.LoginViewBean.getLoginDisplay(LoginViewBean.java:911)
at com.sun.identity.authentication.UI.LoginViewBean.processLogin(LoginViewBean.java:862)
at com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:519)
- is related to
-
OPENAM-5451 Resource based authentication does not work as expected in 12 (with legacy UI)
-
- Resolved
-