-
Type:
Bug
-
Status: Resolved
-
Priority:
Critical
-
Resolution: Fixed
-
Affects Version/s: 14.0.0
-
Fix Version/s: 14.0.0
-
Labels:
-
Environment:OpenAM 14.0.0-SNAPSHOT Build 130b7188b4 (2016-August-24 23:14)
-
Target Version/s:
-
Rank:1|hzs0zb:
-
Sprint:Sprint "Anise" 113 - Turing, Sprint "Baharat" 114 - Turing
It is unclear if the "service" URL Parameter is being used.
Steps to demonstrate
- Add an authentication chain called "myldapservice", using a Required LDAP module.
Login using application parameters
- Attempt login to the default chain (Datastore) ldapservice using amadmin
- http://aczv.205.example.com:8080/openam/XUI/#login/&service=ldapservice
- Login: successful - as expected
- Demonstrate that you cannot login to the chain (LDAP) myldapservice using amadmin
- http://aczv.205.example.com:8080/openam/XUI/#login/&service=myldapservice
- Login: unsuccessful - as expected
Demonstrate problem logging in using URL parameters
- Attempt login to the default chain (Datastore) ldapservice (Datastore) using amadmin
- http://aczv.205.example.com:8080/openam?service=ldapservice
- Login: successful - as expected
- Attempt login to the chain (LDAP) myldapservice using amadmin
- http://aczv.205.example.com:8080/openam?service=myldapservice
- Login: successful - unexpected
- Attempt login to invalid chain using amadmin
- http://aczv.205.example.com:8080/openam?service=RUBBISH
- Login: successful - unexpected
- (See related
OPENAM-9620)
Note In 13.5.0
gets translated to:
- http://aczv.205.example.com:8080/openam/XUI/#login/&service=ldapservice
- http://aczv.205.example.com:8080/openam/XUI/#login/&authIndexType=service&authIndexValue=ldapservice
In 14.0.0
doesn't get translated.
- is related to
-
-
- Resolved
-
- is required by
-
-
- Resolved
-