[gatein-issues] [JBoss JIRA] (GTNSSO-28) realm is wrong adds an extra g in the realm name with OpenAM 11

Marek Posolda (JIRA) issues at jboss.org
Mon Feb 9 06:49:49 EST 2015 

    [ https://issues.jboss.org/browse/GTNSSO-28?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13038723#comment-13038723 ] 

Marek Posolda commented on GTNSSO-28:
-------------------------------------

No ETA so far. And we need to keep support for OpenAM 9.5 and 10.0 as far as I know, which is why your PR can't be merged. 

As I mentioned previously, proper fix would likely need to introduce new config parameter in OpenSSOCDLoginRedirectFilter (likely boolean parameter), which will allow to specify whether additional letter needs to be added. So it will handle all versions of OpenAM with OPENAM-1539 fixed or not. 

And the default value of param should be "true" (the additional letter will be added), so our existing customers on OpenAM 9.5 and 10.0 are not anyhow affected and don't need to change anything in their configurations.

> realm is wrong adds an extra g in the realm name with OpenAM 11
> ---------------------------------------------------------------
>
>                 Key: GTNSSO-28
>                 URL: https://issues.jboss.org/browse/GTNSSO-28
>             Project: GateIn SSO
>          Issue Type: Bug
>    Affects Versions: 1.4.0.Beta01
>         Environment: Using OpenAM 11 - using the plugin with Exo Platform but imagine this is probably the same for anything using gatein-sso for CDSSO with OpenAM 11
>            Reporter: Michael McKinsey
>            Assignee: Marek Posolda
>             Fix For: 1.4.4.Final
>
>
> The realm name is coming up wrong with an extra g which I believe is causing the error #403x
> https://./openam/cdcservlet?realm=gatein&goto=https%3A%2F%2F.%3A8443%2Fportal%2Finitiatessologin&ProviderID=https%3A%2F%2F.%3A8443%2Fportal%2Finitiatessologin%2F%3FRealm%3Dggatein&RequestID=71288&IssueInstant=2014-05-08T01%3A10%3A30Z&MajorVersion=1&MinorVersion=0
> notice realm is ggatein
> I found a reference to the extra g:
> https://github.com/gatein/gatein-sso/blob/b3b0e3fb9fd5d9498a97e89357603d1a0b0d800a/agent/src/main/java/org/gatein/sso/agent/filter/OpenSSOCDLoginRedirectFilter.java
> It says:
> // We need to use Realm=g because of bug (or strange behaviour) of OpenAM, which cuts first character of realmName during parsing
> String providerId = agentUrl + "/?Realm=g" + openSSORealm;
> I am guessing this was needed with OpenAM 10 but is causing an error with OpenAM 11.  I was trying to fix this myself but I can't get gatein-sso to build in my environment just yet.



--
This message was sent by Atlassian JIRA
(v6.3.11#6341)

More information about the gatein-issues mailing list