Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-668

AuthClientUtils::sendAuthRequestToOrigServer does not handle server errors

    XMLWordPrintable

    Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • Express8, Snapshot9, Snapshot9.5, Snapshot9.5.1, Snapshot9.5.2_RC1, Snapshot9.5.2, 9.5.3_RC1
    • 9.5.3, 10.0.0-EA
    • authentication
    • Rank:
      1|hzn2i7:

      Description

      If the sendAuthRequestToOrigServer gets a 50x server error on return then the processing fails. In the HTTP_HEADERS the result in the map, the key is null with a value of 50x server error.

      In the LoginServlet we have this code:

      if (headers != null) {
      for (Map.Entry<String, List<String>> entry : headers.entrySet()) {
      String headerName = entry.getKey();
      if (headerName != null) {
      if (RETAINED_HTTP_HEADERS.contains(headerName.toLowerCase())) {
      List<String> headerValues = entry.getValue();
      if (headerValues != null) {
      for (String headerValue : headerValues)

      { response.addHeader(headerName, headerValue); }

      }
      }
      }
      }
      }

      The headerName will be null so therefore nothing will be set; there was no content so nothing ends up being returned to the client and we finish with this code:

      throw new CompleteRequestException();

      We need to capture the header response into the headers map with an actually value for the key and then process it accordingly. If it's not 200 then this value should be returned to the client.

        Attachments

          Activity

            People

            peter.major Peter Major [X] (Inactive)
            steve Steve Ferris
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: