"Cross" Realm Problem

[Fernando A. Barbeiro Campos]

Hi guys, here we go again. :)

I have defined, besides Top Level Realm, another two, lets say bank_employees and bank_clients – as image bellow.

Given this, I’ve also created users under each one of this realms, but when I navigate until the Subjects from a specific Realm, all users from the other Realm are there, visible to me:

Considering that I’m logged with AMAdmin, maybe it is not a problem, however, when I’m trying to do a Login with a specific user from a Realm bank_clients, it also accepted to be logged whether I pass bank_employees, for instance, to the Oauth 2 authorize endpoint.

Please guys, am I missing something or is there misconceptions from my part?

[Bhargava.bada]

Hi Fernando,

Can you please check the data store details in both the realms . if the data store is same you will see all the users from data store in both the realms . OpenAM loads the subject details from corresponding data store .

if you have different data store i hope your problem will be resolved .

Thanks
Bhargava

[Fernando A. Barbeiro Campos]

Hi Bhargava, you are right, I’m sharing the embedded default OpenDJ datastore. I will create separate ones and later I share the experience (or even any other doubts). Thank you so much for collaborating.

[Author]

Posts