This topic has 1 reply, 1 voice, and was last updated 3 years, 9 months ago by Fehmi M’Barek.
October 7, 2018 at 12:39 pm #23386
Fehmi M’Barek
Participant
Hi @ all,
in my local dev environment I am testing AM6 (V 6.0.0.4) and WPA (V 5.0.1.1). They are running on two different local VMs (VirtualBox).
I’m protecting a resource with the WPA under the subdomain https://poc.mydomain.local
My AM6 is running under https://login.mydomain.local
I’m using a subSubRealm (/customers/europe) for interactions with those domains.
Authenticating is working fine. As soon as I try to access https://poc.mydomain.local the WPA redirects me to https://login.mydomain.local and after a successful AuthN I’m getting redirected back to https://poc.mydomain.local but the protected website (a lightweight WordPress site) is not showing up. Instead it is showing me a 403 forbidden.
Just for your information:
A Policy Set has been set up and the URL Patterns are working. I have tested it with FR recommendations.
What I found out is, that the WPA after successful logging in:
{
  "realm": "/customers/europe",
  "transactionId": "c3c40a6a-bb53-4249-a92f-0e24b6dd74ee-15156",
  "component": "Authentication",
  "eventName": "AM-LOGIN-MODULE-COMPLETED",
  "result": "SUCCESSFUL",
  "entries": [
    {
      "moduleId": "Application",
      "info": {
        "authIndex": "module_instance",
        "authControlFlag": "REQUIRED",
        "moduleClass": "Application",
        "ipAddress": "127.0.0.1",
        "authLevel": "0"
      }
    }
  ],
  "principal": [ "wpa_wordpress_01" ],
  "timestamp": "2018-10-07T10:51:12.373Z",
  "trackingIds": [ "c3c40a6a-bb53-4249-a92f-0e24b6dd74ee-15157" ],
  "_id": "c3c40a6a-bb53-4249-a92f-0e24b6dd74ee-15159"
}
I tried it out with the following request:
curl -X POST \
  'https://login.mydomain.local/sso/json/authenticate?module=Application' \
  -H 'Accept-API-Version: resource=2.0, protocol=1.0' \
  -H 'Cache-Control: no-cache' \
  -H 'Content-Type: application/json' \
  -H 'X-OpenAM-Password: myPassw0rd' \
  -H 'X-OpenAM-Username: wpa_wordpress_01'
The response to this request is:
{ "code": 401, "reason": "Unauthorized", "message": "Authentication Failed" }
In the AM6 Logs I found this:
{
  "realm": "/customers/europe",
  "transactionId": "c3c40a6a-bb53-4249-a92f-0e24b6dd74ee-19179",
  "component": "Authentication",
  "eventName": "AM-LOGIN-MODULE-COMPLETED",
  "result": "FAILED",
  "entries": [
    {
      "moduleId": "LDAP",
      "info": {
        "authControlFlag": "REQUIRED",
        "moduleClass": "LDAP",
        "failureReason": "USERID_NOT_FOUND",
        "ipAddress": "127.0.0.1",
        "authLevel": "0"
      }
    }
  ],
  "principal": [ "wpa_wordpress_01" ],
  "timestamp": "2018-10-07T11:04:34.485Z",
  "trackingIds": [ "c3c40a6a-bb53-4249-a92f-0e24b6dd74ee-19180" ],
  "_id": "c3c40a6a-bb53-4249-a92f-0e24b6dd74ee-19182"
}
While investigating I found out that the Endpoint is speaking with the UserStore and that might be wrong, right?
Can anybody help me here?
Thanks in advance
Fehmi
October 7, 2018 at 5:21 pm #23388
Fehmi M’Barek
Participant
Sorry folks,
it was my fault. There was a TYPO in my config!!! arrrg
So forget about this post