Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-766

REST authentication should return amlbcookie

    XMLWordPrintable

    Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • Snapshot9, Snapshot9.5, Snapshot9.5.1, Snapshot9.5.2_RC1, Snapshot9.5.2, 9.5.3_RC1
    • 9.5.5, 10.0.0-EA
    • rest
    • None
    • Rank:
      1|hzn6dj:

      Description

      For a multi-server OpenAM configuration, if the load balancer cookie is configured, this is returned from a standard OpenAM web app authentication, but not from a REST authentication call.

      .../openam/identity/authenticate

      When the application and OpenAM are opposite sides of a load balancer, this makes it difficult (or impossible) to direct subsequent calls to the correct OpenAM server in a cluster.

      Workaround is to decode the SSOToken in the client-side application, which is only possible using the AMSDK and not desirable, as it adds unnecessary complexity.

        Attachments

          Issue Links

            Activity

              People

              steve Steve Ferris
              tim Tim Rault-Smith
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: