Issue with realm redirection with webagents 5 and openAM 5.5.1

This topic has 20 replies, 10 voices, and was last updated 3 years, 4 months ago by William Hepler.

  • Author
    Posts
  • #21875
     kumar.vivek
    Participant

    Hi Guys,
    I am also struck in the same situation. Any more suggestions to fix the same.
    Thanks
    Vivek

    #23218
     sahanasharma01
    Participant

    Hello Anirudh

    Maybe this guide can help you. OAuth 2.0 Guide. ForgeRock Access Management 5.5. ForgeRock AS 201 Mission St, Suite 2900 San Francisco, CA 94105, USA (US)

    #23221
     William Hepler
    Participant

    From the release notes:
    https://backstage.forgerock.com/docs/openam-web-policy-agents/5/web-agents-rnotes/#web-agent-changes

    Changes to Conditional Login

    Web Agents 5 change the OpenAM Conditional URL (com.forgerock.agents.conditional.login.url) and the Regular Expression Conditional Login URL (org.forgerock.agents.config.conditional.login.url properties as follows:

    Web Agents 5 authenticate to and log out users from the oauth2/authorize endpoint, which is not configurable. Therefore, to specify the realm or authentication module to which users should authenticate to, or log out from, add a conditional redirection rule. For example:

    example.com|https://openam.example.com:8443/openam/oauth2/authorize?realm=customers
    Web Agents 5 let you configure conditional login redirection against any service or website in your environment.

    Web Agents 5 conditional login let you match domains, subdomains, and paths in the incoming request URL in each rule.

    For more information, see Login URL Properties in the User Guide.

    #24823
     gaetano
    Participant

    That happened to us when installing the agent, if you forget to add the “/” before test when you specify the
    Agent realm/organization name.

    Agent realm/organization name: /test

    Hope this helps.

    #24885
     syedqader1
    Participant

    @aniru2dh
    when you are trying to give login url make sure you are pointing to right realm location.
    for example: if I have my agent configured in /test then I would be given my realm login url like below
    https://localhost.openam.com:8443/sso/UI/Login?realm=/test

    #24888
     William Hepler
    Participant

    For agents 5 and above they will default to the global realm unless you specify

    com.forgerock.agents.conditional.login.url=myapp.domain.com|http:/mylogin.example.com?realm=customers

    See the following
    https://backstage.forgerock.com/knowledge/kb/article/a81991865
    https://backstage.forgerock.com/docs/openam-web-policy-agents/5.5/web-agents-guide/#web-agent-conditional-redirection

Viewing 6 posts - 16 through 21 (of 21 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?