Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-5774

XUI doesn't specify realm when using authlevel

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Cannot Reproduce
    • Affects Version/s: 12.0.0
    • Fix Version/s: None
    • Component/s: authentication
    • Labels:
    • Support Ticket IDs:

      Description

      If using a URL such as:
      http://openam.example.com:8080/openam/XUI/#login/&realm=intern&authlevel=2

      When selecting a module from the list, XUI does not appear to specify the realm 'intern'.

      To reproduce:
      1. Create a sub realm 'intern'
      2. Add a new authentication module to this realm, set the authlevel to 2. The module name should not exist on the top realm.
      3. Repeat step 2.
      4. Retrieve the list of modules and make a selection. i.e. http://openam.example.com:8080/openam/XUI/#login/&realm=intern&authlevel=2
      XUI should show 'bad request error'.

      Workaround:
      Disable XUI

      Example of debug log with legacy UI:
      amLoginViewBean:04/02/2015 12:34:03:519 PM BST: Thread[http-bio-8080-exec-6,5,main]
      getEncodedQueryParams: parameter is:realm
      amLoginViewBean:04/02/2015 12:34:03:519 PM BST: Thread[http-bio-8080-exec-6,5,main]
      getEncodedQueryParams: parameter value:2
      amLoginViewBean:04/02/2015 12:34:03:519 PM BST: Thread[http-bio-8080-exec-6,5,main]
      getEncodedQueryParams: parameter value:intern

      Example of log with XUI:
      n getCallbacks() callback : javax.security.auth.callback.ChoiceCallback@2f4d2ad4
      amAMAuthUtils:04/02/2015 12:35:50:576 PM BST: Thread[http-bio-8080-exec-6,5,main]
      realmQualifedData : ActiveDirectory
      amAMAuthUtils:04/02/2015 12:35:50:576 PM BST: Thread[http-bio-8080-exec-6,5,main]
      DataFromRealmQualifiedData : ActiveDirectory
      amAMAuthUtils:04/02/2015 12:35:50:576 PM BST: Thread[http-bio-8080-exec-6,5,main]
      realmQualifedData : ActiveDirectory
      amAMAuthUtils:04/02/2015 12:35:50:576 PM BST: Thread[http-bio-8080-exec-6,5,main]
      RealmFromRealmQualifiedData : null
      amAuthUtils:04/02/2015 12:35:50:576 PM BST
      ...
      amAuthConfig:04/02/2015 12:35:50:576 PM BST: Thread[http-bio-8080-exec-6,5,main]
      newConfig, config not defined MODULE=ActiveDirectory;ORGANIZATION=dc=openam,dc=forgerock,dc=org;CLIENT=genericHTML
      amAuth:04/02/2015 12:35:50:576 PM BST: Thread[http-bio-8080-exec-6,5,main]
      ERROR: JAAS module for config: MODULE=ActiveDirectory;ORGANIZATION=dc=openam,dc=forgerock,dc=org;CLIENT=genericHTML, No Configuration found|noConfig.jsp
      amAuth:04/02/2015 12:35:50:576 PM BST: Thread[http-bio-8080-exec-6,5,main]
      AuthLoginException
      com.sun.identity.authentication.spi.AuthLoginException: No Configuration found|noConfig.jsp
      at com.sun.identity.authentication.service.AuthUtils.isPureJAASModulePresent(AuthUtils.java:1496)

        Attachments

          Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. OPENAM-5387 XUI does not pick up realm if formatted to RFC3986 specs

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. OPENAM-5744 Authentication level login doesn't work if the module name doesn't match the module type

          • Major - Major loss of function.
          • Resolved

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                andrew.dunn Andrew Dunn [X] (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: