[OPENAM-6514] OAuth2 authorization flow stores resource owner in universalID format if persistent mode is on - ForgeRock JIRA

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 11.0.2
Fix Version/s: 11.0.4, 12.0.3
Component/s: oauth2
Labels:
- release-notes
- test-candidate

Support Ticket IDs:

Verified Version/s:

12.0.3

Description

Steps :
1. login to admin console
2. click [Access Control] -> realm -> [Authentication] -> "All Core Settings ..."
3. enable "Persistent Cookie Mode" setting
4. click "Save" button and logout

5. access login screen with "iPSPCookie=yes"
http://<host>:<port>/openam/UI/Login?realm=hr&iPSPCookie=yes
6. login and close browser without logging out.

7. access authorization page
http:///<host>:<port>/openam/oauth2/authorize?client_id=myClientID&scope=cn&redirect_uri=http%3A%2F%2F<host>%3A<port>%2Fopenam%2Foauth2c%2FOAuthProxy.jsp&response_type=code
8. with 11.0.x, you will get internal error
with 12.0.x, authorization page will be displayed, but when generating access code, it will use universalID instead of username.

Attachments

Issue Links

relates to

OPENAM-7260 OAuth2 authorization flow sets wrong resource owner if alias name + LDAP auth is used.

Resolved

Activity

People

Assignee:

Sachiko Wallace

Reporter:

Sachiko Wallace

QA Assignee:

Nemanja Lukic

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

03/Aug/15 3:34 AM

Updated:

05/Apr/17 1:15 PM

Resolved:

28/Aug/15 1:40 AM

Time Tracking

Estimated:

Remaining:

Logged: