- Configured OAuth2 provider, UMA providers, and OAuth2 agent (aka RS).
- Created resource_set myDevice for user Alice and RS.
- Authenticated to Alice's account on OpenAM, browsed to "Resources", clicked on myDevice and shared it with Bob. All went OK.
- Authenticated to Ted's account on OpenAM, browsed to "Resources", clicked on "Shared with me" and found myDevice!!!
This is happening while trying to get "permission_ticket" for Ted is rejected by OpenAM, saying resource is not shared (which is as expected).
Not sure if it matters, but users are created in the embedded DJ via LDAP queries (and not from OpenAM console).