[OPENAM-13139] Scripted Module cannot work if "iplanet-am-auth-shared-state-enabled=true" set Created: 28/May/18  Updated: 02/Jul/18  Resolved: 02/Jul/18

Status: Closed
Project: OpenAM
Component/s: authentication, scripting
Affects Version/s: 13.5.0, 13.5.1, 14.0.0, 14.1.0, 14.1.1, 5.5.1, 6.0.0, 6.0.0.1
Fix Version/s: None

Type: Bug Priority: Major
Reporter: C-Weng C Assignee: Unassigned
Resolution: Won't Fix Votes: 0
Labels: EDISON
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Rank: 1|hzw0rr:
Support Ticket IDs:

 Description   

Problem
When "iplanet-am-auth-shared-state-enabled=true" is set on the Scripted module, the script module will fail to work as there is no callback (when this has a Client script).

Expected

Works like any other auth module w/o error

Currently

Fails to work. What is worst is that the may not be much logging information of the failure. 

Impact/Workaround
Remove "iplanet-am-auth-shared-state-enabled=true" as the sharedState is always passed along.

Cause
When iplanet-am-auth-shared-state-enabled=true is set the Callback are not read in AMLoginModule and hence when the replaceCallback is called on the clientScriptOutput to render the client script the comparison on the state.length is 0 and not 2. and so throws Illegal state.

So when isSharedStatedEnable() one should probably do a setForceCallback(true) and do a forceCallbackInit() like what is done in LDAP module when rendering callback.



 Comments   
Comment by Andrew Vinall [ 04/Jun/18 ]

Bug Triage: C-Weng C Could we have more information in the Description?

Comment by Jonathan Thomas [ 02/Jul/18 ]

Future investment will be in Auth Trees and the workaround may be used.

Generated at Sat Feb 27 21:17:46 UTC 2021 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.