Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-6514

OAuth2 authorization flow stores resource owner in universalID format if persistent mode is on

    Details

    • Support Ticket IDs:

      Description

      Steps :
      1. login to admin console
      2. click [Access Control] -> realm -> [Authentication] -> "All Core Settings ..."
      3. enable "Persistent Cookie Mode" setting
      4. click "Save" button and logout

      5. access login screen with "iPSPCookie=yes"
      http://<host>:<port>/openam/UI/Login?realm=hr&iPSPCookie=yes
      6. login and close browser without logging out.

      7. access authorization page
      http:///<host>:<port>/openam/oauth2/authorize?client_id=myClientID&scope=cn&redirect_uri=http%3A%2F%2F<host>%3A<port>%2Fopenam%2Foauth2c%2FOAuthProxy.jsp&response_type=code
      8. with 11.0.x, you will get internal error
      with 12.0.x, authorization page will be displayed, but when generating access code, it will use universalID instead of username.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                sachiko Sachiko Wallace
                Reporter:
                sachiko Sachiko Wallace
                QA Assignee:
                Nemanja Lukic
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 0h
                  0h
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 4h
                  4h