OpenAM as IdP and Safari browser

This topic has 1 reply, 2 voices, and was last updated 11 months, 1 week ago by William Hepler.


    I have set up OpenAM (13.0.0) to act as an IdP and am using it to authenticate users for an SP (cloud application). I have configured the IdP as hosted under a sub-realm and added a separate datastore to store the user information for the IdP.

    The SP-initiated SSO works fine with Chrome and Firefox, but I noticed that it fails when I try to do the SSO from the Safari browser.

    I looked into the network traffic and compared the working case vs. the Safari case, and I see that in one of the redirects/forwards done in the browser after the backend sends the request to authenticate the SSO user, the query parameter (?realm=/myidprealm) has gone missing, causing the authentication page of the root realm (/) to show up for the user to enter credentials.

    Any ideas?

     William Hepler

    13.0.0 is a pretty old version and I believe there are fixes for Safari specifically. ForgeRock would recommend moving to a later version. 13.5.2 is available, but see the following, as 13.x.x is already first state EOSL; you should be looking to use 5.5.x at least, or the latest version, 6.5.2.
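The trace comparison described in the first post can be automated. The following is an added example, not part of the thread or of OpenAM: it walks a recorded redirect chain and reports the first hop at which a query parameter such as `realm` is present on the request but missing from the URL the browser goes to next. The host, paths and both sample traces are constructed placeholders; only the `realm=/myidprealm` value comes from the post.

```python
from urllib.parse import urlsplit, urljoin, parse_qs

# Constructed sample traces: (request_url, http_status, location_header_or_None).
# Host and paths are placeholders, not real OpenAM endpoints.
WORKING = [
    ("https://idp.example/sso?SAMLRequest=abc", 302,
     "/login?realm=/myidprealm&goto=%2Fcontinue"),
    ("https://idp.example/login?realm=/myidprealm&goto=%2Fcontinue", 302,
     "/ui/?realm=/myidprealm&goto=%2Fcontinue"),
    ("https://idp.example/ui/?realm=/myidprealm&goto=%2Fcontinue", 200, None),
]
SAFARI = [
    ("https://idp.example/sso?SAMLRequest=abc", 302,
     "/login?realm=/myidprealm&goto=%2Fcontinue"),
    ("https://idp.example/login?realm=/myidprealm&goto=%2Fcontinue", 302,
     "/ui/?goto=%2Fcontinue"),
    ("https://idp.example/ui/?goto=%2Fcontinue", 200, None),
]


def param_values(url, name):
    """Return the values of query parameter `name` in `url` (empty list if absent)."""
    return parse_qs(urlsplit(url).query, keep_blank_values=True).get(name, [])


def find_param_drop(hops, name="realm"):
    """Return (hop_index, request_url, next_url) for the first hop where `name`
    is on the request but absent from the URL that follows it, else None.
    The following URL is the resolved Location header, or the next recorded
    request when the hop was a client-side forward with no Location."""
    for i, (url, _status, location) in enumerate(hops):
        if not param_values(url, name):
            continue  # parameter not in play yet at this hop
        if location is not None:
            nxt = urljoin(url, location)  # resolve relative Location values
        elif i + 1 < len(hops):
            nxt = hops[i + 1][0]
        else:
            continue  # final hop, nothing follows
        if not param_values(nxt, name):
            return i, url, nxt
    return None


if __name__ == "__main__":
    for label, trace in (("working", WORKING), ("safari", SAFARI)):
        print(label, find_param_drop(trace))
```

Feeding it the hops exported from each browser's network panel shows whether the parameter is lost in a server-issued `Location` header or in a browser-side forward.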


©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.
