Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-8844

When serverinfo service call fails, it is not possible to login

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 12.0.3, 13.0.0
    • Fix Version/s: None
    • Component/s: authentication
    • Labels:
    • Environment:
      OpenAM 12.0.3-RC2 Build 4dbe218a05 (2016-April-25 17:57)

      Description

      This issue is regression for the OPENAM-6293

      Steps to reproduce:

      1.) Enable tamper data (firefox or chrome plugin to modify requests and headers)
      2.) Hit the /openam/XUI/#login/
      3.) Block the request /openam/json/serverinfo/* with tamper
      4.) Login with user

      Observed result

      Login/password combination is invalid (401 Unauthorized)

      Expected result

      Successful login

      The problem is that request:
      /openam/json/users?_action=idFromSession
      does not contain a header: Content-API-Version:protocol=1.0,resource=2.0

      I added affected version 13, because the OPENAM-6293 fix was implemented there as well, but I have not tested it.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                richard.hruza Richard Hruza
                QA Assignee:
                Richard Hruza
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: