CustomScopeValidator OpenAM 13.x

This topic contains 6 replies, has 3 voices, and was last updated by  Peter Major 11 months, 2 weeks ago.



    We have written a CustomScopeValidator class, which works perfectly well in OpenAM 12.0.

    Now we are in the process of upgrading to OpenAM 13.5 and we are experiencing a problem. After adjusting the code to conform to the slightly changed interface, we still get an error on the /openam/oauth2/authorize call (‘internal server error’).

    GET /openam/oauth2/authorize?client_id=sample&scope=read%20write&state=6296560&

    HTTP/1.1 400 Bad Request
    Cache-Control: no-store
    Date: Mon, 30 Jan 2017 11:59:28 GMT
    Accept-Ranges: bytes
    Server: Restlet-Framework/2.3.4
    Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
    Pragma: no-cache
    Content-Type: text/html;charset=UTF-8
    Transfer-Encoding: chunked
    Connection: close

    <!DOCTYPE html>
    ~ Copyright 2012-2015 ForgeRock AS.
    ~ The contents of this file are subject to the terms
    ~ of the Common Development and Distribution License
    ~ (the License). You may not use this file except in
    ~ compliance with the License.
    ~ You can obtain a copy of the License at
    ~ See the License for the specific language governing
    ~ permission and limitations under the License.
    ~ When distributing Covered Code, include this CDDL
    ~ Header Notice in each file and include the License file
    ~ at
    ~ If applicable, add the following below the CDDL Header,
    ~ with the fields enclosed by brackets [] replaced by
    ~ your own identifying information:
    ~ “Portions Copyrighted [year] [name of copyright owner]”
    ~ Portions Copyrighted 2014 Nomura Research Institute, Ltd
    <html lang="en">
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="OAuth2 Error">
    <title>OAuth2 Error Page</title>

    <body style="display:none">
    <div id="wrapper">Loading…</div>
    <footer id="footer" class="footer"></footer>
    <script type="text/javascript">
    pageData = {
    realm : "/",
    baseUrl: "",
    error: {
    description: "Internal Server Error",
    message: "server_error"
    <script data-main="" src=""></script>


    Error in the logfile (access.csv):
    “The request could not be understand by the server due to malformed syntax”

    Even when using the custom scope validator from the documentation we experience this problem. Again, on version 12.x this works fine.

    Hope you can give us a clue on this. Otherwise, how can we obtain more debug info? We switched to ‘Message’ level in the console, but that is still not enough to tackle this.


     Peter Major 

    Have you checked the logs under the debug folder?


    Yes, but I don’t see any log entry added when executing this call.

     Scott Heger 

    What about in your container logs? Anything there?


    Debugged it after building OpenAM from the source and got it working on OpenAM 13.0 now. The custom scope validator sample misses a check on token != 0 in getUserInfo(), probably a change since 12.0?

    For 13.5 I still got an internal server error on the /access_token endpoint, maybe some token null as well.


    BTW, are there any 13.5 Maven dependencies in any way?

     Peter Major 

    Yes, there are. Reach out to support via for more information.
