Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-8579

Syntax issue within ssoadm command.

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Cannot Reproduce
    • Affects Version/s: 12.0.2
    • Fix Version/s: None
    • Component/s: CLI
    • Labels:
    • Environment:
      OpenAM 12.0.2
    • Rank:
      1|hzl5fb:
    • Sprint:
      AM Sustaining Sprint 20
    • Support Ticket IDs:

      Description

      In ssoadm command a space doesn't work to combine sub-commands to update the authentication chains.
      Steps to reproduce this issue.
      Create two Authentication instances using following commands.

      /ssoadm create-auth-instance -e consumers -m ConsumersAuth -t DataStore -u amadmin -f /tmp/pwd.txt

      /ssoadm create-auth-instance -e consumers -v -m PWDValidator -t DataStore -u amadmin -f /tmp/pwd.txt

      Then add the two authentication chain using following syntax..

      ssoadm/openam/bin/ssoadm update-auth-cfg-entr -e consumers -m ldapService -u amadmin -f /tmp/pwd.txt -a "ConsumersAuth|REQUIRED|iplanet-am-auth-shared-state-enabled=true iplanet-am-auth-store-shared-state-enabled=true" "PWDValidator|SUFFICIENT|iplanet-am-auth-shared-state-enabled=true iplanet-am-auth-shared-state-behavior-pattern=useFirstPass"

      After the above command authentication does not work for the given realm "consumers". So I login as amadmin and change the space back to | via UI and restart tomcat , it starts working. So while ssoadm accepts space between

      planet-am-auth-shared-state-enabled=true iplanet-am-auth-store-shared-state-enabled=true

      the openam functionality breaks with space between the options....

      So when I login as amadmin and change the space back to | via UI and restart tomcat , it starts working.

      So while ssoadm accepts space, the openam functionality breaks with space between the options.

      So the final command looks like this..

      ./ssoadm update-auth-cfg-entr -e consumers -m ldapService -u amadmin -f /tmp/pwd.txt -a "ConsumersAuth|REQUIRED|iplanet-am-auth-shared-state-enable=ture|iplanet-am-auth-store-shared-state-enabled=true" "PWDValidator|SUFFICIENT|iplanet-am-auth-shared-state-enabled=true|iplanet-am-auth-shared-state-behavior-pattern=useFirstPass"

      Observed Result: Per my research, the correct syntax between subcommand is a "space" and not "|"
      Example, if they apply a space and not the "|" between
      =true and iplanet-am-auth-store-shared-state-enabled

      The command doesn't give any error BUT the authentication fails..

      Expected Result: Fix the syntax so that when they have "space" between

      =true and iplanet-am-auth-store-shared-state-enabled

      the authentication doesn't fail.

      Workaround:
      The workarond is to provide a "|" instead of space and authentication then work fine.. Current workaround command that works..

      iplanet-am-auth-shared-state-enable=ture|iplanet-am-auth-store-shared-state-enabled=true"

      The entire command for workaround looks like this..

      ./ssoadm update-auth-cfg-entr -e consumers -m ldapService -u amadmin -f /tmp/pwd.txt -a "ConsumersAuth|REQUIRED|iplanet-am-auth-shared-state-enable=ture|iplanet-am-auth-store-shared-state-enabled=true" "PWDValidator|SUFFICIENT|iplanet-am-auth-shared-state-enabled=true|iplanet-am-auth-shared-state-behavior-pattern=useFirstPass"

        Attachments

          Activity

            People

            • Assignee:
              peter.major Peter Major [X] (Inactive)
              Reporter:
              darshan.bhatt Darshan Bhatt [X] (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 3h
                3h
                Remaining:
                Time Spent - 1h Remaining Estimate - 2h
                2h
                Logged:
                Time Spent - 1h Remaining Estimate - 2h
                1h