Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-7467

Redirect loop with XUI and resource=true when user initially authenticated to different chain

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 12.0.3, 13.0.0
    • Fix Version/s: 12.0.3, 13.0.0
    • Component/s: XUI
    • Sprint:
      AM Sustaining Sprint 14, AM Sustaining Sprint 15
    • Support Ticket IDs:

      Description

      Tested on OpenAM 12.0.3-SNAPSHOT Build -1 (2015-November-12 11:30)

      Set up:

      Test:

      Authenticate to OpenAM using ldapService first
      Go to the protected resource -> redirect loop

      Please note that the following works as expected:

      1) Unauthenticated user going to the protected resource; it is presented with the correct chain directly and gets access to resources

      2) Removing resource-based authn; authenticated users to the wrong chain trying to access the resource are correctly redirected to the correct chain for authentication

      Also worth noting: tried to modify the OpenAM login URL to: http://openam.example.com:18080/openam/XUI/#login/&resource=true and the flow end up on: http://openam.example.com:18080/openam/XUI/#login/&resource=truegoto=http%3A%2F%2Fwebsite.example.com%2Findex.html
      -> lost the & between true and goto

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jonthomas Jonathan Thomas
                Reporter:
                nathalie.hoet Nathalie Hoet
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: