[OPENAM-5841] Realm override query parameter on login not overriding realm Created: 16/Apr/15  Updated: 20/Nov/16  Resolved: 24/Apr/15

Status: Resolved
Project: OpenAM
Component/s: UMA
Affects Version/s: 12.0.1, 13.0.0
Fix Version/s: 12.0.2, 12.0.3, 13.0.0

Type: Bug Priority: Major
Reporter: Phil Ostler [X] (Inactive) Assignee: Phill Cunnington
Resolution: Fixed Votes: 0
Labels: AME, TESLA, release-notes
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Relates
relates to OPENAM-5922 Getting a user's resource sets from r... Resolved
is related to OPENAM-5508 REST with Realm/DNS Aliases causes un... Closed
Target Version/s:
Sprint: Sprint 84 - Team Tesla
Support Ticket IDs:
Verified Version/s:

 Description   

After the user has been redirected from registering a UMA resource set with the URL...

http://phil.openam.com:8080/openam/XUI/?realm=/realm1#uma/share/07bd76fc-634d-4a5a-892a-2c5356b893e10

...the XUI redirects back to the following URL as the user is not logged in (preserving the realm override parameter)...

http://phil.openam.com:8080/openam/XUI/?realm=/realm1#login/

...which translates to a call on the API with the following signature...

http://phil.openam.com:8080/openam/json/realm1/users/demo?realm=/realm1

...which should override the realm with /realm1, however the following error is being encountered

{"code":400,"reason":"Bad Request","message":"Invalid realm, /realm1/realm1"}

The realm query parameter should override the realm and not append to it



 Comments   
Comment by Peter Major [X] (Inactive) [ 24/Apr/15 ]

Potentially related to OPENAM-5508, need to determine if this can affect 12.0.1 as well

Comment by Nemanja Lukic [ 09/Jul/15 ]

Could someone please provide the steps to reproduce?

Comment by Nemanja Lukic [ 09/Jul/15 ]

To reproduce:

  • create a subrealm "realm1";
  • log in to: /openam/XUI/?realm=/realm1#login/ as demo/changeit
Comment by Peter Major [X] (Inactive) [ 14/Aug/15 ]

Backported to 12.0.2 with R15187

Comment by Nemanja Lukic [ 24/Sep/15 ]

Verified in: OpenAM 12.0.2 Build 15797 (2015-September-21 17:41)

Comment by Filip Kubáň [X] (Inactive) [ 28/Apr/16 ]

verified: OpenAM 12.0.3-RC2

Generated at Sat Oct 24 05:48:31 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.