Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-8653

REST endpoint for policy does not return response attributes.

    XMLWordPrintable

    Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Not a defect
    • 13.0.0
    • None
    • entitlements
    • Rank:
      1|hzse9r:

      Description

      The PLL endpoint returns arbitrary ldap attributes as "response decisions" when the agent specifies them in its policy query. This facility isn't present in the corresponding JSON endpoint: /json/policies?_action=evaluate.

      These attributes are used by the agent to alter the headers of the request (or cookies) – they are mapped to arbitrary header or cookie names. They are similar to, though not the same as "response attributes", which the JSON endpoint does return correctly.

      The "response decisions" are additional values that can be set in the agent configuration without being set as "response attributes" in the policy. For example, in PLL, if you add "<GetResponseDecisions><Attribute name="mail"/></GetResponseDecisions>" inside the GetResourceResult element, you can get back the value of mail in a ResponseDecision element thus:
      <ResponseDecisions>
      <AttributeValuePair>
      <Attribute name="mail"/>
      <Value>nick.james@forgerock.com</Value>
      </AttributeValuePair>

      without "mail" being set as a response attribute for the policy.

        Attachments

          Activity

            People

            Unassigned Unassigned
            nick.james Nicholas James
              edwardb edwardb
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: