No handler to dispatch to for URI

This topic has 1 reply, 1 voice, and was last updated 5 months, 3 weeks ago by Jatinder Singh (AcceptingNewProjects).

  • Author
    Posts
  • #26927
     smmellac
    Participant

    Hello,

    We are trying to chain IGs i.e., IG-DMZ will authenticate against AM and then pass traffic to IG (protected zone). However, we are seeing the below error
    “no handler to dispatch to for URI:xxxxxxxx”

    Route – IG (DMZ)
    {
    “name”: “400_openam”,
    “baseURI”: “https://openigdevext.com”,
    “condition”: “${matches(request.uri.path, ‘^/ebxlab’)}”,
    “handler”: “ChainHandler”,
    “heap”: [
    {
    “name”: “AmService”,
    “type”: “AmService”,
    “config”: {
    “url”: “AM URL”,
    “realm”: “/DEP”,
    “ssoTokenHeader”: “iPlanetDirectoryPro”,
    “agent”: {
    “username”: “OPENIG_Agent”,
    “password”: “pwd”
    },
    “sessionCache”: {
    “enabled”: false
    }
    }
    },
    {
    “name”: “AuthService”,
    “type”: “SingleSignOnFilter”,
    “config”: {
    “amService”: “AmService”
    }
    },
    {
    “name”: “ChainHandler”,
    “type”: “Chain”,
    “config”: {
    “handler”: “GenericHandler-EBX”,
    “filters”: [
    “AuthService”
    ]
    }
    },
    {
    “name”: “GenericHandler-EBX”,
    “type”: “DispatchHandler”,
    “config”: {
    “baseURI”: “http://IGprotected.com:8080/lab”
    }
    }
    ]
    }

    {
    “name”: “300_ebx”,
    “baseURI”: “APP URL:port”,
    “condition”: “${matches(request.uri.path, ‘^/lab’)}”,
    “handler”: “DH-Redirect to LAB”,
    “heap”: [
    {
    “name”: “DH-Redirect to LAB”,
    “type”: “DispatchHandler”,
    “config”: {
    “baseURI”: “APP URL:port/lab”
    }
    }
    ]
    }

    Any help would be greatly appreciated

    #27802

    You may have already found a working solution but below is what you can try. It does the following:

    * Intercepts /ebxlab at DMZ level;
    * Performs AuthN using AM;
    * Using assignment filter relays (reverse proxy) request to your protected IG at /lab.

    
    {
      "name”: "400_openam”,
      "baseURI”: "http://IGprotected.com:8080",
      "condition”: "${matches(request.uri.path, '^/ebxlab'')}”,
      "heap”: [
        {
          "name”: "AmService”,
          "type”: "AmService”,
          "config”: {
            "url”: "AM URL”,
            "realm”: "/DEP”,
            "ssoTokenHeader”: "iPlanetDirectoryPro”,
            "agent”: {
              "username”: "OPENIG_Agent”,
              "password”: "pwd”
            },
            "sessionCache”: {
              "enabled”: false
            }
          }
        },
        {
          "name”: "AuthService”,
          "type”: "SingleSignOnFilter”,
          "config”: {
            "amService”: "AmService”
          }
        }
      ],
      "handler”: {
        "type”: "Chain”,
        "config”: {
          "handler”: "GenericHandler-EBX”,
          "filters”: [
            "AuthService”,
            {
              "name": "AccessProtectedIG",
              "type": "AssignmentFilter",
              "comment": "Your comment",
              "config": {
                "onRequest": [
                  {
                    "target": "${request.uri.path}",
                    "value": "/lab"
                  }
                ]
              }
            }
          ],
          "handler": "ReverseProxyHandler"
        }
      } 
    }
    
Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?