Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-6010

HTTP OAuth2 OpenAM and token introspection authorization mechanism are missing an "ssl-cert-nickname" property

    Details

    • Type: Bug
    • Status: QA in Progress
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 6.5.0, 6.0.0, 5.5.0, 3.5.0
    • Fix Version/s: 7.0.0
    • Component/s: config
    • Labels:
      None
    • Story Points:
      0.5

      Description

      Found by accident while working on OPENDJ-5865 resolution.

      Configurations for:

      • HTTP OAuth2 OpenAM Authorization Mechanism (HttpOauth2OpenamAuthorizationMechanismConfiguration.xml)
      • HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism (HttpOauth2TokenIntrospectionAuthorizationMechanismConfiguration.xml)

      allow user to specify a key manager provider which is used in SSL options computation while connecting to AM server or token introspection endpoint.
      But the configuration is missing the ssl-cert-nickname property which allows a user to choose which certificate the server should present to authenticate to the remote server.

      Acceptance criteria:
      This bug should be solved once HttpOauth2OpenamAuthorizationMechanismConfiguration.xml and HttpOauth2TokenIntrospectionAuthorizationMechanismConfiguration.xml will have been updated to contain an optional ssl-cert-nickname property and the code updated to take into account the configuration update.

        Attachments

          Activity

            People

            • Assignee:
              cforel carole forel
              Reporter:
              gaetan Gaetan Boismal [X] (Inactive)
              QA Assignee:
              carole forel
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: