Uploaded image for project: 'OpenIG'
  1. OpenIG
  2. OPENIG-234

Federation doesn't work if we used incomplete user in IDP

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 2.1.0, 3.0.0, 3.1.0, 3.1.1, 4.0.0, 4.5.0, 5.0.0, 5.5.0, 5.5.1, 6.0.0, 6.1.0, 6.5.0
    • Fix Version/s: None
    • Component/s: None

      Description

      If the selected user has not the right data in mapping attributes, eg f we use

      "assertionMapping": {
                  "userName":"uid",
                  "password":"userPassword"
              }
      

      And if the selected user has an empty uid the log displays :

      Jul 31, 2014 12:04:52 PM com.sun.identity.plugin.log.impl.FedletLogger access
      INFO: SUCCESS_FED_SSO
      {anonymous}
      {eMoB1bYBnGBL170kYvCH8zfAE10k}
      {anonymous}
      2014-07-31T10:04:52Z:FederationServlet.FederationServlet:WARNING:FederationServlet: Warning no assertion attribute found for : uid
      2014-07-31T10:04:52Z:FederationServlet.FederationServlet:DEBUG:FederationServlet adding subject to session: subjectName = eMoB1bYBnGBL170kYvCH8zfAE10k
      2014-07-31T10:04:52Z:FederationServlet.FederationServlet:DEBUG:FederationServlet adding session index: sessionIndexMapping = s264f83eb0ef8dabfc146fe0e504de61c193161001
      2014-07-31T10:04:52Z:FederationServlet.elapsed:STAT:Elapsed time: 21 ms:21 ms
      2014-07-31T10:04:52Z:DispatchHandler.elapsed:STAT:Elapsed time: 21 ms:21 ms
      2014-07-31T10:04:52Z:GatewayServlet.elapsed:STAT:Elapsed time: 21 ms:21 ms
      2014-07-31T10:04:52Z:GatewayServlet.started:STAT:Started
      2014-07-31T10:04:52Z:DispatchHandler.started:STAT:Started
      2014-07-31T10:04:52Z:SPInitiatedSSORedirectHandler.started:STAT:Started
      2014-07-31T10:04:52Z:SPInitiatedSSORedirectHandler.elapsed:STAT:Elapsed time: 0 ms:0 ms
      2014-07-31T10:04:52Z:DispatchHandler.elapsed:STAT:Elapsed time: 0 ms:0 ms
      2014-07-31T10:04:52Z:GatewayServlet.elapsed:STAT:Elapsed time: 1 ms:1 ms
      2014-07-31T10:04:52Z:GatewayServlet.started:STAT:Started
      2014-07-31T10:04:52Z:DispatchHandler.started:STAT:Started
      2014-07-31T10:04:52Z:FederationServlet.started:STAT:Started
      Jul 31, 2014 12:04:52 PM com.sun.identity.plugin.log.impl.FedletLogger access
      INFO: REDIRECT_TO_IDP
      {http://localhost:8090/openam/SSORedirect/metaAlias/idp}
      2014-07-31T10:04:52Z:FederationServlet.elapsed:STAT:Elapsed time: 3 ms:3 ms
      2014-07-31T10:04:52Z:DispatchHandler.elapsed:STAT:Elapsed time: 3 ms:3 ms
      2014-07-31T10:04:52Z:GatewayServlet.elapsed:STAT:Elapsed time: 4 ms:4 ms
      2014-07-31T10:04:52Z:GatewayServlet.started:STAT:Started
      2014-07-31T10:04:52Z:DispatchHandler.started:STAT:Started
      2014-07-31T10:04:52Z:FederationServlet.started:STAT:Started
      Jul 31, 2014 12:04:52 PM com.sun.identity.plugin.log.impl.FedletLogger access
      INFO: GOT_RESPONSE_FROM_POST
      {}
      Jul 31, 2014 12:04:52 PM com.sun.org.apache.xml.internal.security.signature.Reference verify
      INFO: Verification successful for URI "#s2fa7e45ce5c71e8f869a8278250b77323db794c8c"
      Jul 31, 2014 12:04:52 PM com.sun.identity.plugin.log.impl.FedletLogger access
      INFO: FOUND_AUTHN_ASSERTION
      {s2fa7e45ce5c71e8f869a8278250b77323db794c8c}
      {}
      {s264f83eb0ef8dabfc146fe0e504de61c193161001}
      Jul 31, 2014 12:04:52 PM com.sun.identity.plugin.log.impl.FedletLogger access
      INFO: SUCCESS_FED_SSO
      

      ... and loop again and again

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              violette Violette Roche Montane
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: