Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-7091

Policy Agent unable to handle + symbol

    Details

    • Sprint:
      Sprint 96 - Team Curie
    • Support Ticket IDs:

      Description

      Issue:
      Policy Agent 3.3.4 is always redirecting URLs with a + symbol to login even if the not enforced URL policies mean they shouldn't. We did not have this problem in 3.3.0 but were told to upgrade to resolve a similar problem. URLs are allowed to contain any valid character as defined by RFC 3986 so I'd expect the web agent to allow this. I've attached the logs for testing the following URLs in turn:

      http://hostname.com:90/rest-ws/address/address-lookup/v1/addresses/1/RG214EA (worked ok)
      http://hostname.com:90/rest-ws/address/address-lookup/v1/addresses/1/RG21%204EA (worked ok)
      http://hostname.com:90/rest-ws/address/address-lookup/v1/addresses/1/RG21+4EA (redirected, not ok)
      

      Background:
      In Apache 2.2 web policy agent 3.3.0 we had an issue where the following URL would always require validation, even when our not enforced URL policies mean it should not be validated:

      http://hostname.com:90/rest-ws/address/address-lookup/v1/addresses/1/RG21%204EA

      To resolve this we were advised to upgrade to web policy agent 3.3.4 and this resolved the original issue but now urls containing + symbols have the same problem:

      http://hostname.com:90/rest-ws/address/address-lookup/v1/addresses/1/RG21+4EA

      We have enabled the Invert Not Enforced URLs and the com.forgerock.agents.notenforced.url.regex.enable properties and these URLs do not match any of the expressions in the list so should not be enforced.

        Attachments

          Activity

            People

            • Assignee:
              mareks Mareks Malnacs
              Reporter:
              miketleach Mike Leach
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: