[OPENAM-5721] WindowsDesktopSSO trusted realm list doesn't work Created: 25/Mar/15  Updated: 02/Aug/16  Resolved: 16/Oct/15

Status: Resolved
Project: OpenAM
Component/s: authentication
Affects Version/s: 11.0.3
Fix Version/s: 12.0.3, 13.0.0

Type: Bug Priority: Minor
Reporter: Jari Ahonen Assignee: Sachiko Wallace
Resolution: Fixed Votes: 0
Labels: EDISON, release-notes
Remaining Estimate: 0h
Time Spent: 0.5h
Original Estimate: Not Specified

Issue Links:
Relates
relates to OPENAM-9407 Backport OPENAM-7556 to 12.0.x Resolved
is related to OPENAM-4923 Update Windows Desktop SSO module to ... Resolved
Target Version/s:
Sprint: AM Sustaining Sprint 13

 Description   

The new trusted realms list functionality in OpenAM 11.0.3 WindowsDesktopSSO auth module is broken. Only the first realm in the list will work.

The reason is that the trusted realm checking logic in WindowsDesktopSSO.java lines 285-291 causes the authentication to fail when it encounters the first non-matching realm on the list (whenever isTokenTrusted() returns false). It should check all the realms on the list and only fail if none of them match.


Generated at Tue Oct 27 00:46:46 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.