This topic has 3 replies, 3 voices, and was last updated 5 years, 7 months ago by naeemjmi.
-
AuthorPosts
-
November 10, 2016 at 8:24 pm #14207
soma
ParticipantHi,
I still have this issue (Session Termination issue) and I do not know how to solve it. Hope you will help me.
My scenario is easy:
1) Login via XUI login page
2) Open a role protected page in a new tab of the web browser (/hello/private/index.jsp), content is displayed properly
3) Go back to the XUI login page and logout
4) Navigate to the root url of my application ((/hello)
5) I get a infinite redirect loop (“The page isn’t redirecting properly”)The index page (/hello) is on the Not Enforced URIs list. I can open it without any authentication.
Environment:
OpenAM 13 runs on Tomcat
3.5.0 J2EE agent for Tomcat, agent filter mode: J2EE_POLICY
Login Form URI: /hello/authentication/login.jsp
Access Denied URI: [hello]=/hello/authentication/access-denied.jsp
Not Enforced URIs: configured properlyWeb application:
Declarative security is used for role protected content in my web application.As you can see there is a suspicious exception in the OpenAM log:
ERROR: AmFilter: Error while delegating to inbound handler: Not Enforced List Task Handler, access will be denied java.lang.NullPointerException at com.iplanet.dpro.session.SessionID.hashCode(SessionID.java:334) at java.util.Hashtable.get(Hashtable.java:363) at com.iplanet.dpro.session.Session.readSession(Session.java:2178) at com.iplanet.dpro.session.Session.removeSID(Session.java:1042) at com.sun.identity.agents.filter.LogoutHelper.removeSSOToken(LogoutHelper.java:174) at com.sun.identity.agents.filter.LogoutHelper.doLogout(LogoutHelper.java:63) at com.sun.identity.agents.filter.NotenforcedListTaskHandler.process(NotenforcedListTaskHandler.java:144) at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:194) at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:157) at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:70) ...
Could you please help me?
November 10, 2016 at 10:45 pm #14209Rogerio Rondini
ParticipantHi
That is a weird thing..
Anyway, did you enable the “Reset Cookie” option in the Agent Profile in the tab SSO ?
Cookie Reset
Cookie Reset:
Enabled
Agent resets cookies in the response before redirecting to authentication. (property name: com.sun.identity.agents.config.cookie.reset.enable)
Hot-swap: YesNovember 11, 2016 at 2:23 am #14214soma
ParticipantHi,
Thank you for the reply.
I tried that before but unfortunately it did not help :(December 28, 2016 at 6:31 am #15086naeemjmi
Participantit might be due to domain name change issue.your agent URL and Openam url domain should be same.
For eg:openam url- http://www.openam.example.com
Agent Url – http://www.agent.example.comthis will share the same cookie as their domain .example.com is same.
-
AuthorPosts
You must be logged in to reply to this topic.