This topic has 2 replies, 2 voices, and was last updated 5 years, 5 months ago by full2.
-
AuthorPosts
-
February 22, 2017 at 11:27 am #15958
full2
ParticipantHello:
I am trying to setup openam13 in a empty Ubuntu Virtual machine.
But after setup, the login page does not work. The request “POST /openam/json/authenticate?” returns a 500 error.
I have tried using the ssoconfiguratortool.jar, and also with the web wizard choosing “Custom configuration”.
Always same results.
Checking some logs,After reading a similar thread, i have just tried entering in the COOKIE_DOMAIN the ***full*** name of the server and it has worked (???!!!).
But I believe (and I remember for other previous openam12 installations) i’ve got to put there the partial name.
Example:if the openam server will be in luis1.credential.eu
-Trying with “.credential.eu” always returned a sucessfull instalation both using ssoconfiguratortool.jar and web wizard, but later login page does not work.
-Trying with “luis1.credential.eu” works (!!??).Now, I dont know how to repeat the installation, and what to put there.
I am goint to repeat the installation, and see what happens, but please any idea or clarification would be apreciated.Questions:
-If i got a 500 in the openam/json/authenticate? request: Any ideas? I have looked in tomcat log, and nothing appears. OpenAm logs show some error but I dont know if they are important or not (http://pastebin.com/b4ibcwTL).
-What must be the value in the COOKIE_DOMAIN in the file used by ssoconfiguratortool? I remember for openam12 it must be “.credential.eu”. But now it has only worked for me if entering the full name, “luis1.credential.eu”. Has that changed in Openam13? Can anybody check, please?
Any ideas?
Enviroment:
Empty Ubuntu 14.
etc/hosts changed
Oracle Jdk 8, manualy downloaded, unziped in folder of the user. Path and java_home setup.
OpenDj unziped and installed. DN setup to ROOT_SUFFIX=dc=credential,dc=eu and
USERSTORE_SUFFIX=dc=credential,dc=eu
Tomcat 8 unziped, deploy openam .war file.
Setup of openam using “web wizard” or configurator.jar returns ok. But later initial login fails.-
This topic was modified 5 years, 5 months ago by
full2.
February 22, 2017 at 2:33 pm #15960Peter Major
ModeratorTomcat 8 does not allow leading dot characters in cookie domains.
February 22, 2017 at 3:03 pm #15961full2
ParticipantJe je, i have just discovered that.
I have found some discussions in this forum about that, some bugs related (https://forgerock.org/topic/openam-13-with-tomcat-8-5-9/ ), …..And I have just discovered that: same configuration file with COOKIEDOMAIN starting with “.foo.bar” works in Tomcat 7, but not on tomcat 8…
Oh my god, I was becoming crazy. I started doubting about myself, about that parameter, about other openam installations I did long time ago…
Thanks all.
I would suggest you mention this issue about .dot, cookie domain, and Tomcat 8,, somewhere in your help or release notes or documentation/install guides…By the way, in case this is usefull for anyone: my fastest way of “uninstall” the configuration of an openam instance is deleting the hidden folder .openamcfg , the folder referenced by those files and delete in the LDAP/OpenDJ things under the root DN.
Thanks for your fast response, Peter
-
This topic was modified 5 years, 5 months ago by
-
AuthorPosts
You must be logged in to reply to this topic.