Authentication failed when using realm name in XUI login URL

Tagged: ,

This topic has 2 replies, 2 voices, and was last updated 5 years, 1 month ago by subi.

  • Author
    Posts
  • #14790
     subi
    Participant

    All,

    Hoping one of you will be able to help.
    In OpenAM 13 admin guide, I see a section (2.7.1.1) that talks about specifying realm names in login URL. Post the success of ‘getting-started-assignments’, I created a new realm and named it MyNewRealm. However, when I try to mention this realm name in the XUI login url, I am getting ‘Authentication Failed’. I tried all different options (as part of URL path, as URL parameter, parameter of XUI etc) but none works. However, if I login to OpenAM without mentioning any realm name, I am able to login in and see both the Top Level Realm as well as MyNewRealm. Any pointers as to what I am missing?

    p.s. I am logging in as amadmin.

    thanks!
    subi

    #14794
     Peter Major
    Moderator

    amadmin user only exists in the top level realm, you cannot authenticate as amadmin in a subrealm.

    #14984
     subi
    Participant

    Thank you Peter. I ended up creating additional users and put them in a group. Then gave admin previleges for the group for the new realm. After these changes, I was able to use all the above mentioned methods to access the url.

    However, I had a follow/up question – while I am able to see the new realm as we all as the user’s self service pages using the above method, I am not able to see the same behaviour when I dont mention the realm name in the URL. My impression was that if the logged in user is part of the group that has admin priviliges for a particular realm, then the realm should show up when I give the normal login URL (for example, http://openam.example.com:8080/openam)

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?