Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 6.0.0, 6.1.0, 6.5.0, 6.5.1, 6.5.2, 7.0.0
-
Component/s: WebSocket
-
Labels:
-
Environment:IG making notification requests to AM
-
Support Ticket IDs:
-
Story Points:1
Description
Example wireshark capture from an IG notification request to AM:
Frame 2305: 460 bytes on wire (3680 bits), 460 bytes captured (3680 bits) on interface 0 Null/Loopback Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 53520, Dst Port: 8080, Seq: 1, Ack: 1, Len: 404 Hypertext Transfer Protocol GET /openam/notifications HTTP/1.1\r\n Connection: Upgrade\r\n Host: openam.example.com:8080\r\n iPlanetDirectoryPro: GgsTTlY0mc5W5BPFzkeFmHuZ0So.*AAJTSQACMDEAAlNLABxEQ3phaFdyVzJhTGIydkx1dUZ0VWJ6a0NNMmM9AAR0eXBlAANDVFMAAlMxAAA.*\r\n Origin: openam.example.com:8080\r\n Sec-WebSocket-Key: b9KogqU4vhwHxPt8kf6JLQ==\r\n Sec-WebSocket-Protocol: v1.notifications.forgerock.org\r\n Sec-WebSocket-Version: 13\r\n Upgrade: websocket\r\n \r\n [Full request URI: http://openam.example.com:8080/openam/notifications] [HTTP request 1/1] [Response in frame: 2307]
The Origin header is missing the scheme: Origin: openam.example.com:8080
The Tyrus third-party library used by IG has this fixed in v1.14, covered by https://github.com/eclipse-ee4j/tyrus/issues/611